On a Thursday in 2020, Dr. David Alan Gilbert (git) wrote:
From: "Dr. David Alan Gilbert" <dgilb...@redhat.com>Add a few examples of xattrmaps to the documentation. Signed-off-by: Dr. David Alan Gilbert <dgilb...@redhat.com> --- docs/tools/virtiofsd.rst | 49 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) diff --git a/docs/tools/virtiofsd.rst b/docs/tools/virtiofsd.rst index 2efa16d3c5..a138549862 100644 --- a/docs/tools/virtiofsd.rst +++ b/docs/tools/virtiofsd.rst @@ -161,6 +161,55 @@ in which case a 'server' rule will always match on all names from the server. +xattr-mapping Examples +---------------------- + +1) Prefix all attributes with 'user.virtiofs.' + +:: + +-o xattrmap=":all:prefix::user.virtiofs.::all:bad:::" + + +This uses two rules, using : as the field separator; +the first rule prefixes and strips 'user.virtiofs.', +the second rule hides any non-prefixed attributes that +the host set. + +2) Prefix 'trusted.' attributes, allow others through + +:: + + "/all/prefix/trusted./user.virtiofs./ + /server/bad//trusted./ + /client/bad/user.virtiofs.trusted.// + /all/ok///" + + +Here there are four rules, using / as the field +separator, and also demonstrating that new lines can +be included between rules. +The first rule is the prefixing of 'trusted.'. +The second rule hides unprefixed 'trusted.' attributes +on the host. +The third rule stops a guest from explicitily setting
explicitly
+the 'user.viritofs.trusted.' path directly. +Finally, the fourth rule lets all remaining attributes +through. + +3) Hide 'security.' attributes, and allow everything else + +:: + + "/all/bad/security./security./ + /all/ok///' + +The first rule combines what could be separate client and server +rules into a single 'all' rule, matching 'security.' in either +client arguments or lists returned from the host. This stops +the client seeing any 'security.' attributes on the server and +stops it setting any.
extra space. Reviewed-by: Ján Tomko <jto...@redhat.com> Jano
signature.asc
Description: PGP signature
