openlmi-devel November 2013

openlmi-devel@lists.stg.fedorahosted.org

17 participants
42 discussions

Granual Access Control to operations in LMI
by Praveen_Paladugu＠Dell.com 01 Nov '13

01 Nov '13

We had a short discussion on 10/28 (at #openlmi) about enabling more granular access controls for CIM Operations. I took a few action items to find out how similar access controls were implemented in Dell iDRAC. Here is what I have: Essentially, all the access controls are setup in the individual providers. On top of basic authentication for an incoming request, all the providers have an extra layer of authentication enabled. All the users in the system have pre-defined roles. And the CIM operations in the providers are categorized into Privilege levels. The role of the user in the incoming request is verified against his/her privilege level following a table as show in the attachment. As providers in question are not open source, I cannot share the code for the same. Hope this helps. Thank you Praveen K Paladugu Dell Linux Engineering

1 0

openlmi-reviews Digest, Vol 7, Issue 1
by openlmi-reviews-request＠lists.fedorahosted.org 01 Nov '13

01 Nov '13

Send openlmi-reviews mailing list submissions to openlmi-reviews(a)lists.fedorahosted.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.fedorahosted.org/mailman/listinfo/openlmi-reviews or, via email, send a message with subject or body 'help' to openlmi-reviews-request(a)lists.fedorahosted.org You can reach the person managing the list at openlmi-reviews-owner(a)lists.fedorahosted.org When replying, please edit your Subject line so it is more specific than "Re: Contents of openlmi-reviews digest..." Today's Topics: 1. Re: Review Request 1159: providers [2/3] python: solve ComputerSystem issues (Jan Safranek) 2. Re: Review Request 1155: openlmi-software: Load ComputerSystem.Name from CIMOM (Jan Safranek) 3. Re: Review Request 1156: openlmi-storage: Use real CIMOM's ComputerSystem.Name as CreationClassName. (Jan Safranek) 4. buildbot failure in OpenLMI on networking-rawhide (openlmiproject(a)gmail.com) 5. Re: Review Request 1160: providers [3/3] software: use shared ComputerSystem module (Jan Safranek) 6. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 7. Review Request 1161: networking [1/1] Remove old usecases documentation and its tests (Radek Novacek) 8. Re: Review Request 1161: networking [1/1] Remove old usecases documentation and its tests (Jan Safranek) 9. Re: Review Request 1152: [1/1] Account: Added 3 changes as one. (Jan Safranek) 10. Re: Review Request 1161: networking [1/1] Remove old usecases documentation and its tests (Radek Novacek) 11. buildbot success in OpenLMI on networking-rhel7 (openlmiproject(a)gmail.com) 12. buildbot failure in OpenLMI on providers-rawhide (openlmiproject(a)gmail.com) 13. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 14. buildbot failure in OpenLMI on networking-rawhide (openlmiproject(a)gmail.com) 15. Re: Review Request 1152: [1/1] Account: Added 3 changes as one. (Robin Hack) 16. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 17. buildbot failure in OpenLMI on providers-rawhide (openlmiproject(a)gmail.com) 18. Review Request 1162: providers [1/3] python: fixed ComputerSystem module (Michal Minar) 19. Review Request 1163: providers [2/3] python: fixed is_this_system (Michal Minar) 20. Review Request 1164: providers [3/3] software: ditched reference to removed system_name property (Michal Minar) 21. Re: Review Request 1162: providers [1/3] python: fixed ComputerSystem module (Jan Safranek) 22. Re: Review Request 1163: providers [2/3] python: fixed is_this_system (Jan Safranek) 23. Re: Review Request 1163: providers [2/3] python: fixed is_this_system (Michal Minar) 24. Re: Review Request 1162: providers [1/3] python: fixed ComputerSystem module (Michal Minar) 25. Re: Review Request 1159: providers [2/3] python: solve ComputerSystem issues (Michal Minar) 26. Re: Review Request 1160: providers [3/3] software: use shared ComputerSystem module (Michal Minar) 27. Re: Review Request 1164: providers [3/3] software: ditched reference to removed system_name property (Jan Safranek) 28. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 29. Review Request 1165: storage: Use get_system_name() to get name from CIMOM instead of simple domain name (Jan Safranek) 30. Review Request 1166: providers: Prevent libglib2 from unloading (Jan Safranek) 31. Review Request 1167: providers-tests [1/5] providers: enhanced base test class (Michal Minar) 32. Review Request 1168: providers-tests [2/5] software: fix querying repository database (Michal Minar) 33. Review Request 1169: providers-tests [3/5] software: test improvements (Michal Minar) 34. Review Request 1170: providers-tests [4/5] software: refactored tests (Michal Minar) 35. Review Request 1171: providers-tests [5/5] software: temporarily disabled dangerous tests (Michal Minar) 36. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 37. Review Request 1172: Hardware: Added Physical Disk Provider (Peter Schiffer) 38. Re: Review Request 1168: providers-tests [2/5] software: fix querying repository database (Jan Safranek) 39. Re: Review Request 1171: providers-tests [5/5] software: temporarily disabled dangerous tests (Jan Safranek) 40. Re: Review Request 1165: storage: Use get_system_name() to get name from CIMOM instead of simple domain name (Michal Minar) 41. buildbot failure in OpenLMI on networking-rawhide (openlmiproject(a)gmail.com) 42. buildbot failure in OpenLMI on storage-rawhide (openlmiproject(a)gmail.com) 43. Re: Review Request 1172: Hardware: Added Physical Disk Provider (Michal Minar) 44. buildbot failure in OpenLMI on networking-rhel7 (openlmiproject(a)gmail.com) 45. buildbot failure in OpenLMI on storage-rhel7 (openlmiproject(a)gmail.com) 46. Re: Review Request 1165: storage: Use get_system_name() to get name from CIMOM instead of simple domain name (Jan Safranek) 47. Re: Review Request 1167: providers-tests [1/5] providers: enhanced base test class (Jan Safranek) 48. buildbot failure in OpenLMI on providers-rhel7 (openlmiproject(a)gmail.com) 49. buildbot failure in OpenLMI on storage-rawhide (openlmiproject(a)gmail.com) 50. buildbot failure in OpenLMI on storage-rhel7 (openlmiproject(a)gmail.com) 51. Review Request 1173: storage: Fixed LMI_VGStoragePool.RemainingManagedSpace and .RemainingExtents (Jan Safranek) 52. Re: Review Request 1166: providers: Prevent libglib2 from unloading (Michal Minar) 53. Re: Review Request 1173: storage: Fixed LMI_VGStoragePool.RemainingManagedSpace and .RemainingExtents (Michal Minar) 54. Re: Review Request 1166: providers: Prevent libglib2 from unloading (Jan Safranek) 55. Re: Review Request 1173: storage: Fixed LMI_VGStoragePool.RemainingManagedSpace and .RemainingExtents (Jan Safranek) 56. Review Request 1175: logicalfile: implement LMI_RootDirectory.EnumerateInstanceNames (Jan Safranek) 57. buildbot failure in OpenLMI on storage-rhel7 (openlmiproject(a)gmail.com) 58. Re: Review Request 1175: logicalfile: implement LMI_RootDirectory.EnumerateInstanceNames (Jan Synacek) 59. Review Request 1174: lmishell, wrap reference properties to LMIInstanceName (Peter Hatina) 60. Re: Review Request 1175: logicalfile: implement LMI_RootDirectory.EnumerateInstanceNames (Jan Safranek) _______________________________________________ openlmi-reviews mailing list openlmi-reviews(a)lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/openlmi-reviews

1 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

openlmi-devel November 2013