commit | 3946028d2d3143109bb562841efce3e094c70c0b | [log] [tgz] |
---|---|---|
author | AppaRao Puli <apparao.puli@linux.intel.com> | Tue Apr 07 17:03:04 2020 +0530 |
committer | AppaRao Puli <apparao.puli@linux.intel.com> | Wed Apr 22 18:14:21 2020 +0000 |
tree | f4e5123fae37b84898ff2aafb9d83a0656500c05 | |
parent | 0b631aeaba4093945071857d28adb8dafc12f291 [diff] |
Correct privilege levels for LogService Correct the privilege levels for LogService as per privilege registry under redfish specification. https://redfish.dmtf.org/registries/Redfish_1.0.4_PrivilegeRegistry.json 1) ClearLog actions(EventLog, CrashDump, PostCode, JournalLog etc..) are subordinates of LogService should be executed with "ConfigureComponents" privilege level. 2) For security reasons, Restricted CrashDump (LogService and LogEntry) to "ConfigureComponents". Tested: - Created Operator, User and Administrator users and validated all methods under LogService, LogEntry LogServiceCollections and LogEntryCollections, its subordinates. Signed-off-by: AppaRao Puli <apparao.puli@linux.intel.com> Change-Id: I4ce1ee90b3b999a80daa9aa20e5e7d79b64a9b85
This component attempts to be a "do everything" embedded webserver for openbmc.
At this time, the webserver implements a few interfaces:
BMCWeb is configured by setting -D
flags that correspond to options in bmcweb/CMakeLists.txt
and then compiling. For example, cmake -DBMCWEB_ENABLE_KVM=NO ...
followed by make
. The option names become C++ preprocessor symbols that control which code is compiled into the program.
When BMCWeb starts running, it reads persistent configuration data (such as UUID and session data) from a local file. If this is not usable, it generates a new configuration.
When BMCWeb SSL support is enabled and a usable certificate is not found, it will generate a self-sign a certificate before launching the server. The keys are generated by the secp384r1
algorithm. The certificate
C=US, O=OpenBMC, CN=testhost
,SHA-256
algorithm.