From e4e280183ec8be4694743de4c150634cf0e23f3e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= Date: Fri, 30 Oct 2020 12:36:44 +0100 Subject: [PATCH] privs: add some more comments explaining privileges MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Fabian Grünbichler --- src/config/acl.rs | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/src/config/acl.rs b/src/config/acl.rs index 17eb47dc..8cdce8bf 100644 --- a/src/config/acl.rs +++ b/src/config/acl.rs @@ -26,15 +26,23 @@ constnamedbitmap! { PRIV_SYS_MODIFY("Sys.Modify"); PRIV_SYS_POWER_MANAGEMENT("Sys.PowerManagement"); + /// Datastore.Audit allows knowing about a datastore, + /// including reading the configuration entry and listing its contents PRIV_DATASTORE_AUDIT("Datastore.Audit"); + /// Datastore.Allocate allows creating or deleting datastores PRIV_DATASTORE_ALLOCATE("Datastore.Allocate"); + /// Datastore.Modify allows modifying a datastore and its contents PRIV_DATASTORE_MODIFY("Datastore.Modify"); + /// Datastore.Read allows reading arbitrary backup contents PRIV_DATASTORE_READ("Datastore.Read"); + /// Allows verifying a datastore PRIV_DATASTORE_VERIFY("Datastore.Verify"); - /// Datastore.Backup also requires backup ownership + /// Datastore.Backup allows Datastore.Read|Verify and creating new snapshots, + /// but also requires backup ownership PRIV_DATASTORE_BACKUP("Datastore.Backup"); - /// Datastore.Prune also requires backup ownership + /// Datastore.Prune allows deleting snapshots, + /// but also requires backup ownership PRIV_DATASTORE_PRUNE("Datastore.Prune"); PRIV_PERMISSIONS_MODIFY("Permissions.Modify");