当前位置: 首页>>代码示例>>Golang>>正文

Golang Domain.Save方法代码示例

本文整理汇总了Golang中github.com/jlmucb/cloudproxy/go/tao.Domain.Save方法的典型用法代码示例。如果您正苦于以下问题:Golang Domain.Save方法的具体用法?Golang Domain.Save怎么用?Golang Domain.Save使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在github.com/jlmucb/cloudproxy/go/tao.Domain的用法示例。


在下文中一共展示了Domain.Save方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Golang代码示例。

示例1: addContainerRules

func addContainerRules(host string, domain *tao.Domain) {
	dt := template()
	if domain.Config.DomainInfo.GetGuardType() == "Datalog" {
		for _, c := range dt.ContainerPaths {
			prin, err := makeContainerSubPrin(c)
			if err != nil {
				continue
			}
			pt := auth.PrinTail{Ext: prin}
			pred := auth.MakePredicate(dt.GetContainerPredicateName(), pt)
			err = domain.Guard.AddRule(fmt.Sprint(pred))
			options.FailIf(err, "Can't add rule to domain")
		}
	} else if domain.Config.DomainInfo.GetGuardType() == "ACLs" && host != "" {
		prin := makeHostPrin(host)
		for _, p := range dt.ContainerPaths {
			subprin, err := makeContainerSubPrin(p)
			if err != nil {
				continue
			}
			prog := prin.MakeSubprincipal(subprin)
			err = domain.Guard.Authorize(prog, "Execute", nil)
			options.FailIf(err, "Can't authorize program in domain")
		}
	}
	err := domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:28,代码来源:tao_admin.go

示例2: InitAcls

// This function reads in trusted entities from a file at trustedEntitiesPath. In particular,
// this file contains the text representation of a trusted_entities proto message, which contains
// the Tao names of trusted programs and hosts, information about trusted machines and trusted
// machine certificates.
// For each such trusted entity, this function adds ACL rules to the domain guard, and saves
// the changes before returning.
func InitAcls(domain *tao.Domain, trustedEntitiesPath string) error {
	text, err := ioutil.ReadFile(trustedEntitiesPath)
	if err != nil {
		log.Printf("Can't open trusted entities file: %s", trustedEntitiesPath)
		return err
	}
	trustedEntities := TrustedEntities{}
	err = proto.UnmarshalText(string(text), &trustedEntities)
	if err != nil {
		log.Printf("Can't parse trusted entities file: %s", trustedEntitiesPath)
		return err
	}
	for _, programTaoName := range trustedEntities.GetTrustedProgramTaoNames() {
		var programPrin auth.Prin
		_, err := fmt.Sscanf(programTaoName, "%v", &programPrin)
		if err != nil {
			log.Printf("Can't create program principal from: %s\nError: %s",
				programTaoName, err)
			return err
		}
		err = domain.Guard.Authorize(programPrin, "Execute", []string{})
		if err != nil {
			log.Printf("Can't authorize principal: %s\nError: %s", programPrin, err)
			return err
		}
	}
	for _, hostTaoName := range trustedEntities.GetTrustedHostTaoNames() {
		var hostPrin auth.Prin
		_, err := fmt.Sscanf(hostTaoName, "%v", &hostPrin)
		if err != nil {
			log.Printf("Can't create host principal from: %s\nError: %s",
				hostTaoName, err)
			return err
		}
		err = domain.Guard.Authorize(hostPrin, "Host", []string{})
		if err != nil {
			log.Printf("Can't authorize principal: %s\nError: %s", hostPrin, err)
			return err
		}
	}
	for _, machineInfo := range trustedEntities.GetTrustedMachineInfos() {
		machinePrin := auth.Prin{
			Type:    "MachineInfo",
			KeyHash: auth.Str(machineInfo),
		}
		err = domain.Guard.Authorize(machinePrin, "Root", []string{})
		if err != nil {
			log.Printf("Can't authorize principal: %s\nError: %s", machinePrin, err)
			return err
		}
	}
	err = domain.Save()
	if err != nil {
		log.Println("Can't save domain.", err)
	}
	return err
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:63,代码来源:domain_service.go

示例3: addHostRules

func addHostRules(host string, domain *tao.Domain) {
	if host == "" {
		return
	}
	dt := template()
	prin := makeHostPrin(host)
	pred := auth.MakePredicate(dt.GetHostPredicateName(), prin)
	err := domain.Guard.AddRule(fmt.Sprint(pred))
	options.FailIf(err, "Can't add rule to domain")
	err = domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:12,代码来源:tao_admin.go

示例4: addGuardRules

func addGuardRules(domain *tao.Domain) {
	dt := template()
	subprin := domain.Guard.Subprincipal()
	pt := auth.PrinTail{Ext: subprin}
	pred := auth.Pred{
		Name: dt.GetGuardPredicateName(),
		Arg:  []auth.Term{pt},
	}
	err := domain.Guard.AddRule(fmt.Sprint(pred))
	options.FailIf(err, "Can't add rule to domain")
	err = domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:13,代码来源:tao_admin.go

示例5: addExecute

func addExecute(path, host string, domain *tao.Domain) {
	prin := makeHostPrin(host)
	subprin, err := makeProgramSubPrin(path)
	if err == nil {
		prog := prin.MakeSubprincipal(subprin)
		fmt.Fprintf(noise, "Authorizing program to execute:\n"+
			"  path: %s\n"+
			"  host: %s\n"+
			"  name: %s\n", path, prin, subprin)
		err := domain.Guard.Authorize(prog, "Execute", nil)
		options.FailIf(err, "Can't authorize program in domain")
		err = domain.Save()
		options.FailIf(err, "Can't save domain")
	}
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:15,代码来源:tao_admin.go

示例6: addLinuxHostRules

func addLinuxHostRules(domain *tao.Domain) {
	dt := template()
	for _, c := range dt.LinuxHostPaths {
		prin, err := makeLinuxHostSubPrin(c)
		if err != nil {
			continue
		}
		pt := auth.PrinTail{Ext: prin}
		pred := auth.MakePredicate(dt.GetLinuxHostPredicateName(), pt)
		err = domain.Guard.AddRule(fmt.Sprint(pred))
		options.FailIf(err, "Can't add rule to domain")
	}
	// The ACLs need the full name, so that only happens for containers and
	// programs.
	err := domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:17,代码来源:tao_admin.go

示例7: addTPM2Rules

func addTPM2Rules(domain *tao.Domain) {
	dt := template()
	tpmPath, pcrNums := getTPM2Config()
	prin := makeTPM2Prin(tpmPath, pcrNums)

	// TrustedOS predicate from PCR principal tail.
	prinPCRs := auth.PrinTail{Ext: prin.Ext}
	predTrustedOS := auth.MakePredicate(dt.GetOsPredicateName(), prinPCRs)
	err := domain.Guard.AddRule(fmt.Sprint(predTrustedOS))
	options.FailIf(err, "Can't add rule to domain")

	// TrustedTPM predicate from TPM principal.
	prin.Ext = nil
	predTrustedTPM2 := auth.MakePredicate(dt.GetTpm2PredicateName(), prin)
	err = domain.Guard.AddRule(fmt.Sprint(predTrustedTPM2))
	options.FailIf(err, "Can't add rule to domain")

	err = domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:20,代码来源:tao_admin.go

示例8: addProgramRules

func addProgramRules(host string, domain *tao.Domain) {
	dt := template()
	if domain.Config.DomainInfo.GetGuardType() == "Datalog" {
		// Add the hashes of any programs given in the template.
		for _, p := range dt.ProgramPaths {
			prin, err := makeProgramSubPrin(p)
			if err != nil {
				continue
			}
			pt := auth.PrinTail{Ext: prin}
			pred := auth.MakePredicate(dt.GetProgramPredicateName(), pt)
			err = domain.Guard.AddRule(fmt.Sprint(pred))
			options.FailIf(err, "Can't add rule to domain")
		}
	} else if domain.Config.DomainInfo.GetGuardType() == "ACLs" {
		addACLPrograms(host, domain)
	}
	err := domain.Save()
	options.FailIf(err, "Can't save domain")
}
开发者ID:tmroeder,项目名称:cloudproxy,代码行数:20,代码来源:tao_admin.go


注:本文中的github.com/jlmucb/cloudproxy/go/tao.Domain.Save方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。