* Daniel P. Berrangé (berra...@redhat.com) wrote: > The various ACL related commands are obsolete now that the QAuthZ > framework for authorization is fully integrated throughout QEMU network > services. Mark it as deprecated with no replacement to be provided. > > Signed-off-by: Daniel P. Berrangé <berra...@redhat.com>
OK, so I can do all these by using object_add/object_del with the right type and parameters? but looks OK: Reviewed-by: Dr. David Alan Gilbert <dgilb...@redhat.com> > --- > monitor.c | 23 +++++++++++++++++++++++ > qemu-doc.texi | 8 ++++++++ > 2 files changed, 31 insertions(+) > > diff --git a/monitor.c b/monitor.c > index 67c63013bd..c4a9ae5c85 100644 > --- a/monitor.c > +++ b/monitor.c > @@ -2089,6 +2089,19 @@ static QAuthZList *find_auth(Monitor *mon, const char > *name) > return QAUTHZ_LIST(obj); > } > > +static bool warn_acl; > +static void hmp_warn_acl(void) > +{ > + if (warn_acl) { > + return; > + } > + error_report("The acl_show, acl_reset, acl_policy, acl_add, acl_remove " > + "commands are deprecated with no replacement. Authorization > " > + "for VNC should be performed using the pluggable QAuthZ " > + "objects"); > + warn_acl = true; > +} > + > static void hmp_acl_show(Monitor *mon, const QDict *qdict) > { > const char *aclname = qdict_get_str(qdict, "aclname"); > @@ -2096,6 +2109,8 @@ static void hmp_acl_show(Monitor *mon, const QDict > *qdict) > QAuthZListRuleList *rules; > size_t i = 0; > > + hmp_warn_acl(); > + > if (!auth) { > return; > } > @@ -2119,6 +2134,8 @@ static void hmp_acl_reset(Monitor *mon, const QDict > *qdict) > const char *aclname = qdict_get_str(qdict, "aclname"); > QAuthZList *auth = find_auth(mon, aclname); > > + hmp_warn_acl(); > + > if (!auth) { > return; > } > @@ -2137,6 +2154,8 @@ static void hmp_acl_policy(Monitor *mon, const QDict > *qdict) > int val; > Error *err = NULL; > > + hmp_warn_acl(); > + > if (!auth) { > return; > } > @@ -2172,6 +2191,8 @@ static void hmp_acl_add(Monitor *mon, const QDict > *qdict) > QAuthZListFormat format; > size_t i = 0; > > + hmp_warn_acl(); > + > if (!auth) { > return; > } > @@ -2227,6 +2248,8 @@ static void hmp_acl_remove(Monitor *mon, const QDict > *qdict) > QAuthZList *auth = find_auth(mon, aclname); > ssize_t i = 0; > > + hmp_warn_acl(); > + > if (!auth) { > return; > } > diff --git a/qemu-doc.texi b/qemu-doc.texi > index 5b7e3faab2..c6aad94015 100644 > --- a/qemu-doc.texi > +++ b/qemu-doc.texi > @@ -2938,6 +2938,14 @@ The ``query-cpus'' command is replaced by the > ``query-cpus-fast'' command. > The ``arch'' output member of the ``query-cpus-fast'' command is > replaced by the ``target'' output member. > > +@section Human Monitor Protocol (HMP) commands > + > +@subsection acl_show, acl_reset, acl_policy, acl_add, acl_remove (since > 3.0.0) > + > +The ``acl_show'', ``acl_reset'', ``acl_policy'', ``acl_add'', and > +``acl_remove'' commands are deprecated with no replacement. Authorization > +for VNC should be performed using the pluggable QAuthZ objects. > + > @section System emulator devices > > @subsection ivshmem (since 2.6.0) > -- > 2.17.0 > -- Dr. David Alan Gilbert / dgilb...@redhat.com / Manchester, UK