Revoking the GetUserAccess privilege for Operator

In IPMITOOL, operator can see all the accounts for "user list 3" command. This
poses a security issue. It not consistent with Redfish beheviour where the
Operator user is unable to view other users. This change revokes the Operator
to see other users over IPMITOOL.

Tested: Operator unable to view the users through IPMI
ipmitool -I lanplus -H <ip-address> -U <userid> -P <password> -L Operator -C 17 user list 3
IPMI command failed: Insufficient privilege level

Change-Id: I5b200a85662a05bfdf1fce395e7acff6bbf1a22e
Signed-off-by: Ankita Prasad <ankita.prasad@intel.com>
1 file changed
tree: 8692e3a52b0f43d255e8f9aced4e6e19355c1d17
  1. app/
  2. dbus-sdr/
  3. docs/
  4. include/
  5. libipmid/
  6. scripts/
  7. softoff/
  8. subprojects/
  9. test/
  10. user_channel/
  11. xyz/
  12. .build.sh
  13. .clang-format
  14. .gitignore
  15. .shellcheck
  16. .travis.yml
  17. apphandler.cpp
  18. apphandler.hpp
  19. chassishandler.cpp
  20. chassishandler.hpp
  21. dcmihandler.cpp
  22. dcmihandler.hpp
  23. elog-errors.hpp
  24. entity_map_json.cpp
  25. entity_map_json.hpp
  26. error-HostEvent.hpp
  27. fruread.hpp
  28. generate_whitelist.sh
  29. generate_whitelist_create.sh
  30. globalhandler.cpp
  31. globalhandler.hpp
  32. groupext.cpp
  33. host-cmd-manager.cpp
  34. host-cmd-manager.hpp
  35. host-interface.cpp
  36. host-interface.hpp
  37. host-ipmid-whitelist.conf
  38. ipmi_fru_info_area.cpp
  39. ipmi_fru_info_area.hpp
  40. ipmid-new.cpp
  41. ipmisensor.cpp
  42. ipmiwhitelist.hpp
  43. LICENSE
  44. meson.build
  45. meson_options.txt
  46. OWNERS
  47. read_fru_data.cpp
  48. read_fru_data.hpp
  49. README.md
  50. selutility.cpp
  51. selutility.hpp
  52. sensordatahandler.cpp
  53. sensordatahandler.hpp
  54. sensorhandler.cpp
  55. sensorhandler.hpp
  56. settings.cpp
  57. settings.hpp
  58. storageaddsel.cpp
  59. storageaddsel.hpp
  60. storagehandler.cpp
  61. storagehandler.hpp
  62. sys_info_param.cpp
  63. sys_info_param.hpp
  64. systemintfcmds.cpp
  65. systemintfcmds.hpp
  66. testaddsel.cpp
  67. testit.cpp
  68. transporthandler.cpp
  69. transporthandler.hpp
  70. whitelist-filter.cpp
README.md

Compile ipmid with default options:

meson builddir
ninja -C builddir

Compile ipmid with yocto defaults:

meson builddir -Dbuildtype=minsize -Db_lto=true -Dtests=disabled
ninja -C builddir

If any of the dependencies are not found on the host system during configuration, meson automatically gets them via its wrap dependencies mentioned in ipmid/subprojects.

Enable/Disable meson wrap feature

meson builddir -Dwrap_mode=nofallback
ninja -C builddir

Enable debug traces

meson builddir -Dbuildtype=debug
ninja -C builddir

Generate test coverage report:

meson builddir -Db_coverage=true -Dtests=enabled
ninja -C builddir test
ninja -C builddir coverage