CVSROOT: /cvs/cluster
Module name: conga
Changes by: [EMAIL PROTECTED] 2008-07-10 20:25:59
Modified files:
ricci/modules : Makefile
ricci/modules/cluster: ClusterModule.cpp Makefile
Added files:
ricci/modules/cluster: XVM.h
ricci/modules/virt: .cvsignore Makefile Virt.cpp Virt.h
VirtModule.cpp VirtModule.h main.cpp
ricci/modules/virt/d-bus: ricci-modvirt.oddjob.conf
ricci-modvirt.systembus.conf
Removed files:
ricci/modules/cluster: Virt.cpp Virt.h
Log message:
Move functionality that depends on libvirt into its own module
Patches:
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/Makefile.diff?cvsroot=cluster&r1=1.8&r2=1.9
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/cluster/XVM.h.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/cluster/ClusterModule.cpp.diff?cvsroot=cluster&r1=1.12&r2=1.13
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/cluster/Makefile.diff?cvsroot=cluster&r1=1.21&r2=1.22
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/cluster/Virt.cpp.diff?cvsroot=cluster&r1=1.10&r2=NONE
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/cluster/Virt.h.diff?cvsroot=cluster&r1=1.7&r2=NONE
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/.cvsignore.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/Makefile.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/Virt.cpp.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/Virt.h.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/VirtModule.cpp.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/VirtModule.h.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/main.cpp.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/d-bus/ricci-modvirt.oddjob.conf.diff?cvsroot=cluster&r1=NONE&r2=1.1
http://sourceware.org/cgi-bin/cvsweb.cgi/conga/ricci/modules/virt/d-bus/ricci-modvirt.systembus.conf.diff?cvsroot=cluster&r1=NONE&r2=1.1
--- conga/ricci/modules/Makefile 2008/01/02 20:47:35 1.8
+++ conga/ricci/modules/Makefile 2008/07/10 20:25:58 1.9
@@ -15,6 +15,7 @@
${MAKE} -C rpm
${MAKE} -C log
${MAKE} -C service
+ ${MAKE} -C virt
clustermon:
${MAKE} -C cluster
@@ -24,6 +25,7 @@
${MAKE} -C rpm install
${MAKE} -C log install
${MAKE} -C service install
+ ${MAKE} -C virt install
install_clustermon:
${MAKE} -C cluster install
@@ -36,6 +38,7 @@
${MAKE} -C rpm clean
${MAKE} -C log clean
${MAKE} -C service clean
+ ${MAKE} -C virt clean
check:
/cvs/cluster/conga/ricci/modules/cluster/XVM.h,v --> standard output
revision 1.1
--- conga/ricci/modules/cluster/XVM.h
+++ - 2008-07-10 20:26:00.084233000 +0000
@@ -0,0 +1,41 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+#ifndef __CONGA_MODCLUSTER_XVM_H
+#define __CONGA_MODCLUSTER_XVM_H
+
+#include "String.h"
+#include <map>
+
+#define XVM_KEY_PATH "/etc/cluster/fence_xvm.key"
+#define XVM_KEY_MAX_SIZE 4096
+#define XVM_KEY_MIN_SIZE 128
+#define XVM_KEY_DEFAULT_SIZE 4096
+
+#define DMIDECODE_PATH "/usr/sbin/dmidecode"
+
+class XVM {
+ public:
+ static bool virt_guest(void);
+ static bool delete_xvm_key(void);
+ static bool set_xvm_key(const char *key_base64);
+ static char *get_xvm_key(void);
+ static bool generate_xvm_key(size_t key_bytes);
+};
+
+#endif
--- conga/ricci/modules/cluster/ClusterModule.cpp 2008/03/14 19:58:12
1.12
+++ conga/ricci/modules/cluster/ClusterModule.cpp 2008/07/10 20:25:58
1.13
@@ -27,7 +27,7 @@
#include "ClusterStatus.h"
#include "Clusvcadm.h"
#include "Fence.h"
-#include "Virt.h"
+#include "XVM.h"
#include "base64.h"
@@ -50,7 +50,6 @@
static VarMap set_xvm_key(const VarMap& args);
static VarMap get_xvm_key(const VarMap& args);
static VarMap generate_xvm_key(const VarMap& args);
-static VarMap list_vm(const VarMap& args);
static ApiFcnMap build_fcn_map();
@@ -88,7 +87,6 @@
api_1_0["get_xvm_key"] = get_xvm_key;
api_1_0["generate_xvm_key"] = generate_xvm_key;
api_1_0["virt_guest"] = virt_guest;
- api_1_0["list_vm"] = list_vm;
ApiFcnMap api_fcn_map;
@@ -227,7 +225,7 @@
VarMap
virt_guest(const VarMap& args)
{
- Variable var("virt_guest", Virt::virt_guest());
+ Variable var("virt_guest", XVM::virt_guest());
VarMap ret;
ret.insert(pair<String, Variable>(var.name(), var));
@@ -235,44 +233,8 @@
}
VarMap
-list_vm(const VarMap& args)
-{
- String hypervisor_uri = "";
-
- try {
- VarMap::const_iterator iter = args.find("hypervisor_uri");
-
- if (iter != args.end())
- hypervisor_uri = iter->second.get_string();
- } catch ( String e ) {
- throw APIerror(e);
- }
-
- if (!hypervisor_uri.size())
- hypervisor_uri = String(DEFAULT_HV_URI);
-
- std::map<String, String> vm_list = Virt::get_vm_list(hypervisor_uri);
-
- list<XMLObject> ids_list;
- for ( map<String,String>::iterator iter = vm_list.begin() ;
- iter != vm_list.end();
- iter++)
- {
- XMLObject id_xml("vm");
- id_xml.set_attr("domain", String(iter->first));
- id_xml.set_attr("status", String(iter->second));
- ids_list.push_back(id_xml);
- }
-
- Variable var("vm_list", ids_list);
- VarMap ret;
- ret.insert(pair<String, Variable>(var.name(), var));
- return ret;
-}
-
-VarMap
delete_xvm_key(const VarMap& args) {
- Virt::delete_xvm_key();
+ XVM::delete_xvm_key();
VarMap ret;
return ret;
}
@@ -293,7 +255,7 @@
throw APIerror(e);
}
- Virt::set_xvm_key(key_base64.c_str());
+ XVM::set_xvm_key(key_base64.c_str());
VarMap ret;
return ret;
}
@@ -302,7 +264,7 @@
get_xvm_key(const VarMap& args) {
char *key_base64 = NULL;
- key_base64 = Virt::get_xvm_key();
+ key_base64 = XVM::get_xvm_key();
Variable var("key_base64", String(key_base64));
memset(key_base64, 0, strlen(key_base64));
free(key_base64);
@@ -343,7 +305,7 @@
throw APIerror(e);
}
- Virt::generate_xvm_key(key_bytes);
+ XVM::generate_xvm_key(key_bytes);
VarMap ret;
return ret;
}
--- conga/ricci/modules/cluster/Makefile 2008/03/14 19:58:12 1.21
+++ conga/ricci/modules/cluster/Makefile 2008/07/10 20:25:58 1.22
@@ -22,12 +22,11 @@
ClusterStatus.o \
Clusvcadm.o \
Fence.o \
- Virt.o
+ XVM.o
PARANOID=0
INCLUDE += -I${top_srcdir}/common/
CXXFLAGS += -DPARANOIA=$(PARANOID)
-LDFLAGS += -lvirt
ifeq ($(PARANOID), 1)
LDFLAGS += ${top_srcdir}/common/paranoid/*.o
/cvs/cluster/conga/ricci/modules/virt/.cvsignore,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/.cvsignore
+++ - 2008-07-10 20:26:01.160899000 +0000
@@ -0,0 +1,3 @@
+ricci-modvirt
+*.orig
+*.rej
/cvs/cluster/conga/ricci/modules/virt/Makefile,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/Makefile
+++ - 2008-07-10 20:26:01.245680000 +0000
@@ -0,0 +1,56 @@
+################################################################################
+##
+## Copyright (C) 2005-2008 Red Hat, Inc. All rights reserved.
+##
+## This copyrighted material is made available to anyone wishing to use,
+## modify, copy, or redistribute it subject to the terms and conditions
+## of the GNU General Public License v.2.
+##
+################################################################################
+
+top_srcdir=../..
+UNINSTALL = ${top_srcdir}/scripts/uninstall.pl
+
+include ${top_srcdir}/make/defines.mk
+
+
+TARGET = modvirt
+
+OBJECTS = main.o \
+ VirtModule.o \
+ Virt.o
+
+PARANOID=0
+INCLUDE += -I${top_srcdir}/common/
+CXXFLAGS += -DPARANOIA=$(PARANOID)
+LDFLAGS += -lvirt
+
+ifeq ($(PARANOID), 1)
+ LDFLAGS += ${top_srcdir}/common/paranoid/*.o
+else
+ LDFLAGS += ${top_srcdir}/common/*.o
+endif
+
+all: ${TARGET}
+
+*.o: *.h
+
+install:
+ $(INSTALL_DIR) ${libexecdir}
+ $(INSTALL_BIN) ${TARGET} ${libexecdir}
+ $(INSTALL_DIR) ${sysconfdir}/oddjobd.conf.d
+ $(INSTALL_FILE) d-bus/modvirt.oddjob.conf ${sysconfdir}/oddjobd.conf.d
+ $(INSTALL_DIR) ${sysconfdir}/dbus-1/system.d
+ $(INSTALL_FILE) d-bus/modvirt.systembus.conf
${sysconfdir}/dbus-1/system.d
+
+uninstall:
+
+clean:
+ rm -f $(OBJECTS) $(TARGET)
+
+check:
+
+rebuild: clean all
+
+$(TARGET): $(OBJECTS)
+ $(CXX) -o $(TARGET) $(OBJECTS) $(LDFLAGS)
/cvs/cluster/conga/ricci/modules/virt/Virt.cpp,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/Virt.cpp
+++ - 2008-07-10 20:26:01.389284000 +0000
@@ -0,0 +1,132 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+extern "C" {
+ #include <unistd.h>
+ #include <stdlib.h>
+ #include <fcntl.h>
+ #include <sys/stat.h>
+ #include <string.h>
+ #include <errno.h>
+ #include <libvirt/libvirt.h>
+
+ #include "sys_util.h"
+ #include "base64.h"
+}
+
+#include "Virt.h"
+#include "utils.h"
+
+using namespace std;
+
+bool Virt::virt_guest(void) {
+ try {
+ String out, err;
+ int status;
+ vector<String> args;
+
+ if (utils::execute(DMIDECODE_PATH, args, out, err, status,
false))
+ throw command_not_found_error_msg(DMIDECODE_PATH);
+ if (status != 0)
+ throw String("dmidecode failed: " + err);
+ if (out.find("Vendor: Xen") != out.npos)
+ return true;
+ if (out.find("Manufacturer: Xen") != out.npos)
+ return true;
+ } catch ( ... ) {}
+
+ return false;
+}
+
+map<String, String> Virt::get_vm_list(const String &hvURI) {
+ std::map<String, String> vm_list;
+ int i;
+ int ret;
+ int num_doms;
+ virConnectPtr con = NULL;
+
+ con = virConnectOpenReadOnly(hvURI.c_str());
+ if (con == NULL)
+ throw String("unable to connect to virtual machine manager");
+
+
+ num_doms = virConnectNumOfDefinedDomains(con);
+ if (num_doms < 1) {
+ virConnectClose(con);
+ throw String("Unable to get the number of defined domains");
+ }
+
+ if (num_doms > 0) {
+ char **dom = (char **) calloc(num_doms, sizeof(char *));
+ if (!dom) {
+ virConnectClose(con);
+ throw String("Out of memory");
+ }
+
+ ret = virConnectListDefinedDomains(con, dom, num_doms);
+ if (ret < 0) {
+ free(dom);
+ virConnectClose(con);
+ throw String("Unable to list defined domains");
+ }
+
+ for (i = 0 ; i < ret ; i++) {
+ if (dom[i] != NULL) {
+ vm_list.insert(
+ pair<String,String>(String(dom[i]),
String("inactive")));
+ free(dom[i]);
+ }
+ }
+
+ free(dom);
+ }
+
+ num_doms = virConnectNumOfDomains(con);
+ if (num_doms < 0) {
+ virConnectClose(con);
+ throw String("Unable to get the number of defined domains");
+ }
+
+ if (num_doms > 0) {
+ int *active_doms = (int *) calloc(sizeof(int), num_doms);
+ ret = virConnectListDomains(con, active_doms, num_doms);
+ if (ret > 0) {
+ for (i = 0 ; i < ret ; i++) {
+ const char *name;
+ if (active_doms[i] == 0) {
+ /* Skip dom0 */
+ continue;
+ }
+
+ virDomainPtr vdp = virDomainLookupByID(con,
active_doms[i]);
+ if (vdp == NULL)
+ continue;
+
+ name = virDomainGetName(vdp);
+ if (name != NULL) {
+ vm_list.insert(
+
pair<String,String>(String(name), String("active")));
+ }
+ }
+ }
+ free(active_doms);
+ }
+
+ virConnectClose(con);
+ return vm_list;
+}
/cvs/cluster/conga/ricci/modules/virt/Virt.h,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/Virt.h
+++ - 2008-07-10 20:26:01.533158000 +0000
@@ -0,0 +1,34 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+#ifndef __CONGA_MODCLUSTER_VIRT_H
+#define __CONGA_MODCLUSTER_VIRT_H
+
+#include "String.h"
+#include <map>
+
+#define DMIDECODE_PATH "/usr/sbin/dmidecode"
+#define DEFAULT_HV_URI "xen:///"
+
+class Virt {
+ public:
+ static std::map<String, String> get_vm_list(const String&
hvURI);
+ static bool virt_guest(void);
+};
+
+#endif
/cvs/cluster/conga/ricci/modules/virt/VirtModule.cpp,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/VirtModule.cpp
+++ - 2008-07-10 20:26:01.721380000 +0000
@@ -0,0 +1,99 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+/*
+ * Author: Ryan McCabe <[EMAIL PROTECTED]>
+ */
+
+#include "VirtModule.h"
+#include "Virt.h"
+#include "base64.h"
+
+using namespace std;
+
+static VarMap virt_guest(const VarMap& args);
+static VarMap list_vm(const VarMap& args);
+
+static ApiFcnMap build_fcn_map();
+
+VirtModule::VirtModule() :
+ Module(build_fcn_map())
+{}
+
+VirtModule::~VirtModule()
+{}
+
+ApiFcnMap
+build_fcn_map()
+{
+ FcnMap api_1_0;
+
+ api_1_0["virt_guest"] = virt_guest;
+ api_1_0["list_vm"] = list_vm;
+
+ ApiFcnMap api_fcn_map;
+ api_fcn_map["1.0"] = api_1_0;
+
+ return api_fcn_map;
+}
+
+VarMap
+virt_guest(const VarMap& args)
+{
+ Variable var("virt_guest", Virt::virt_guest());
+
+ VarMap ret;
+ ret.insert(pair<String, Variable>(var.name(), var));
+ return ret;
+}
+
+VarMap
+list_vm(const VarMap& args)
+{
+ String hypervisor_uri = "";
+
+ try {
+ VarMap::const_iterator iter = args.find("hypervisor_uri");
+
+ if (iter != args.end())
+ hypervisor_uri = iter->second.get_string();
+ } catch (String e) {
+ throw APIerror(e);
+ }
+
+ if (!hypervisor_uri.size())
+ hypervisor_uri = String(DEFAULT_HV_URI);
+
+ std::map<String, String> vm_list = Virt::get_vm_list(hypervisor_uri);
+
+ list<XMLObject> ids_list;
+ for ( map<String,String>::iterator iter = vm_list.begin() ;
+ iter != vm_list.end();
+ iter++)
+ {
+ XMLObject id_xml("vm");
+ id_xml.set_attr("domain", String(iter->first));
+ id_xml.set_attr("status", String(iter->second));
+ ids_list.push_back(id_xml);
+ }
+
+ Variable var("vm_list", ids_list);
+ VarMap ret;
+ ret.insert(pair<String, Variable>(var.name(), var));
+ return ret;
+}
/cvs/cluster/conga/ricci/modules/virt/VirtModule.h,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/VirtModule.h
+++ - 2008-07-10 20:26:03.299190000 +0000
@@ -0,0 +1,33 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+#ifndef __CONGA_MODVIRT_VIRTMODULE_H
+#define __CONGA_MODVIRT_VIRTMODULE_H
+
+#include "Module.h"
+
+class VirtModule : public Module
+{
+ public:
+ VirtModule();
+ virtual ~VirtModule();
+
+ private:
+};
+
+#endif
/cvs/cluster/conga/ricci/modules/virt/main.cpp,v --> standard output
revision 1.1
--- conga/ricci/modules/virt/main.cpp
+++ - 2008-07-10 20:26:03.647531000 +0000
@@ -0,0 +1,35 @@
+/*
+** Copyright (C) Red Hat, Inc. 2006-2008
+**
+** This program is free software; you can redistribute it and/or modify it
+** under the terms of the GNU General Public License version 2 as
+** published by the Free Software Foundation.
+**
+** This program is distributed in the hope that it will be useful, but
+** WITHOUT ANY WARRANTY; without even the implied warranty of
+** MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+** General Public License for more details.
+**
+** You should have received a copy of the GNU General Public License
+** along with this program; see the file COPYING. If not, write to the
+** Free Software Foundation, Inc., 675 Mass Ave, Cambridge,
+** MA 02139, USA.
+*/
+
+#include "VirtModule.h"
+
+#include <iostream>
+
+using namespace std;
+
+int
+main(int argc, char **argv)
+{
+ try {
+ VirtModule m;
+ return stdin_out_module_driver(m, argc, argv);
+ } catch (String e) {
+ cerr << e << endl;
+ return 1;
+ }
+}
/cvs/cluster/conga/ricci/modules/virt/d-bus/ricci-modvirt.oddjob.conf,v -->
standard output
revision 1.1
--- conga/ricci/modules/virt/d-bus/ricci-modvirt.oddjob.conf
+++ - 2008-07-10 20:26:04.364260000 +0000
@@ -0,0 +1,25 @@
+<?xml version="1.0"?>
+<oddjobconfig>
+ <service name="com.redhat.ricci">
+ <object name="/com/redhat/ricci">
+ <interface name="com.redhat.ricci">
+ <method name="modvirt_rw">
+ <helper exec="/usr/libexec/ricci-modvirt"
+ arguments="1"
+ prepend_user_name="no"
+ argument_passing_method="stdin"
+ />
+ <allow user="root"/>
+ </method>
+ <method name="modvirt_ro">
+ <helper exec="/usr/libexec/ricci-modvirt_ro"
+ arguments="1"
+ prepend_user_name="no"
+ argument_passing_method="stdin"
+ />
+ <allow user="root"/>
+ </method>
+ </interface>
+ </object>
+ </service>
+</oddjobconfig>
/cvs/cluster/conga/ricci/modules/virt/d-bus/ricci-modvirt.systembus.conf,v -->
standard output
revision 1.1
--- conga/ricci/modules/virt/d-bus/ricci-modvirt.systembus.conf
+++ - 2008-07-10 20:26:04.517816000 +0000
@@ -0,0 +1,25 @@
+<!DOCTYPE busconfig PUBLIC
+ "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
+ "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd";>
+
+<busconfig>
+
+ <!-- Only root can own ricci service. -->
+ <policy user="root">
+ <allow own="com.redhat.ricci"/>
+ </policy>
+
+ <!-- Allow anyone to call modvirt_rw and modvirt_ro
+ methods. oddjobd performs actual ACL. -->
+ <policy context="default">
+ <allow send_destination="com.redhat.ricci"
+ send_path="/com/redhat/ricci"
+ send_interface="com.redhat.ricci"
+ send_member="modvirt_rw"/>
+ <allow send_destination="com.redhat.ricci"
+ send_path="/com/redhat/ricci"
+ send_interface="com.redhat.ricci"
+ send_member="modvirt_ro"/>
+ </policy>
+
+</busconfig>
