From f1d243bd85f1f168cb8746b6c2856ee72a9c008f Mon Sep 17 00:00:00 2001
From: Michael Hanselmann <hansmi@google.com>
Date: Thu, 13 Dec 2012 15:20:34 +0100
Subject: [PATCH] RAPI documentation fix and update
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- Mention user capabilities in security.rst
- Replace βqueryβ with βreadβ in RAPI documentation
Signed-off-by: Michael Hanselmann <hansmi@google.com>
Reviewed-by: Iustin Pop <iustin@google.com>
---
doc/rapi.rst | 8 +++++---
doc/security.rst | 4 +++-
2 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/doc/rapi.rst b/doc/rapi.rst
index e69fa19bf..f70f8ca1a 100644
--- a/doc/rapi.rst
+++ b/doc/rapi.rst
@@ -16,6 +16,7 @@ it runs on TCP port 5080, but this can be changed either in
which is used by default, can also be disabled by passing command line
parameters.
+.. _rapi-users:
Users and passwords
-------------------
@@ -64,10 +65,11 @@ Example::
jessica {HA1}7046452df2cbb530877058712cf17bd4 write
# Monitoring can query for values
- monitoring {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query
+ monitoring {HA1}ec018ffe72b8e75bb4d508ed5b6d079c read
- # A user who can query and write
- superuser {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query,write
+ # A user who can read and write (the former is implied by granting
+ # write access)
+ superuser {HA1}ec018ffe72b8e75bb4d508ed5b6d079c read,write
.. [#pwhash] Using the MD5 hash of username, realm and password is
diff --git a/doc/security.rst b/doc/security.rst
index a24d7ffe5..70d1d9556 100644
--- a/doc/security.rst
+++ b/doc/security.rst
@@ -98,7 +98,9 @@ Remote API
----------
Starting with Ganeti 2.0, Remote API traffic is encrypted using SSL/TLS
-by default. It supports Basic authentication as per :rfc:`2617`.
+by default. It supports Basic authentication as per :rfc:`2617`. Users
+can be granted different capabilities. Details can be found in the
+:ref:`RAPI documentation <rapi-users>`.
Paths for certificate, private key and CA files required for SSL/TLS
will be set at source configure time. Symlinks or command line
--
GitLab