On Mon, Sep 27, 2010 at 12:41 PM, Jan Safranek <[email protected]> wrote: > On 09/27/2010 08:47 AM, Ivana Hutarova Varekova wrote: >> >> On 09/24/2010 01:53 PM, [email protected] wrote: >>> >>> OK, I am not happy with this patch. I want to change the mechanism >>> like this. So, you have a file maybe, cgsnapshot_blacklist so >>> $cat cgsnapshot_blacklist >>> devices.allow >>> devices.deny >>> >>> Now, this is *just* the blacklist. Now, parse this file, as opposed to >>> devices.allow=Y or devices.allow=N which does not make it really >>> obvious which one is the blacklist entry and which is not. Also makes >>> your parsing code much more straightforward. >>> >>> Next, you can reuse this same code to parse a file which just has teh >>> list of variables you want to read. Of course there are priority >>> issues, does the blacklist get priority or does the whitelist get it, >>> but we can figure it out later on. >>> >>> Dhaval >>> >> So your suggestionn is to have the option like: >> >> -b, --blacklist Display only variables from blacklist (default >> /etc/cgsnapshot_blacklist.conf) >> --blacklist-file file Set the blacklist configuration file >> >> which will have the list of variables which are problematic now, or >> forbidden from some reason. >> but you mention in the last paragraph the reuse of this code to the list >> of variables which are should >> be printed. So do you want to have there some options like >> -l, --variablelist >> --variablelist-file >> Do you agree with this options? >> Ivana > > If I can propose something, I'd like to have these options: > -b --blacklist=file Ignore the parameters mentioned in the file > -w --whitelist=file Show only the parameters mentioned in the file > > The semantics should be the same as in hosts.allow and hosts.deny: > - parameter is shown if it is on the whitelist > - otherwise, the parameter is hidden if it is on blacklist > - otherwise (i.e. it's not on any list), it is shown (let's call these > parameters as 'gray'). > > A Warning should be shown for these gray parameters. There should be also an > option to hide gray parameters, so only those explicitly mentioned on > whitelist would be shown (-B, --blacklist-default?). > > When there is no -w or -b, the lists are taken from > /etc/cgsnapshot.{white,black}list. If there is no such file, the appropriate > list is empty. User could erase these default lists using e.g. '-b > /dev/null' (=no extra code needed) or '-i' as '--ignore-default-lists'. >
I am not so sure I want a default blacklist. But I can see where you are coming from, and do not have a strong objection to it. > As an extra feature, I'd like to have possibility to have more than one -b > and -w option, IMHO it wouldn't require too much code. > The question still remains on how to prioritize values between these files? > And as Christmas wish, I'd love to use regular expressions in these files > :). Like blacklisting cpuset.* and whitelisting just cpuset.cpus and > cpuset.mems. > :-) Dhaval ------------------------------------------------------------------------------ Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev _______________________________________________ Libcg-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/libcg-devel
