/openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/User/ |
H A D | PrivilegeMapper.interface.yaml | 2 Implement this interface to set the privilege of the user based on the group 3 name. The users in the group will inherit the privilege mapping of the 8 unique number generated by the application. If the privilege mapping already 11 privilege for a mapping which already exists, the Privilege property in the 13 application consuming the privilege mapping should not cache the object path 21 Creates a mapping for the group to the privilege. 26 Group Name to which the privilege is to be assigned. In the case 32 The privilege associated with the group. The set of available 35 be thrown if the privilege is invalid. Additional documentation 36 on privilege is available here. [all …]
|
H A D | PrivilegeMapperEntry.interface.yaml | 2 Implement to provide privilege for the group. 8 Group Name to which the privilege is to be assigned. In the case of 17 One of the privilege as defined by 20 thrown if the privilege is invalid. Additional documentation on 21 privilege is available here.
|
/openbmc/openbmc-test-automation/gui/test/access_control/ |
H A D | test_obmc_gui_local_users.robot | 22 ${xpath_select_privilege} //select[@id="privilege"] 33 Page should contain View privilege role descriptions 89 [Arguments] ${username} ${password} ${privilege}=Administrator 95 # privilege User privilege. 103 [Arguments] ${username} ${password} ${privilege} ${account_status} 108 # privilege User privilege. 117 Select User Privilege ${privilege} 121 [Documentation] Select user privilege. 122 [Arguments] ${privilege}=Administrator 125 # privilege User privilege. [all …]
|
/openbmc/openbmc-test-automation/redfish/account_service/ |
H A D | test_ipmi_redfish_user.robot | 89 # Verify new user privilege level via IPMI. 168 # Create user using IPMI with admin privilege. 177 ${privilege}= Redfish_Utils.Get Attribute 179 Should Be Equal ${privilege} Operator 195 ${privilege}= Redfish_Utils.Get Attribute 197 Should Be Equal ${privilege} ReadOnly 255 ${privilege}= Redfish_Utils.Get Attribute 257 Valid Value privilege ['ReadOnly'] 264 [Arguments] ${password} ${privilege}=0 285 Run Keyword If '${privilege}' != '0' [all …]
|
H A D | test_ldap_configuration.robot | 152 # With LDAP user and with right privilege trying to do BMC reboot. 204 [Documentation] Verify that LDAP user with read privilege able to 293 ... privilege. 439 # Verify LDAP user with Operator privilege able to do host poweroff. 457 # Verify LDAP user with Operator privilege able to do host poweron. 564 # group_privilege The group privilege ("Administrator", 658 [Documentation] Set read privilege and check firmware inventory. 662 # read_privilege The read privilege role (e.g. "User" / "Callback"). 722 [Documentation] Get LDAP privilege and return it. 732 [Documentation] Restore the LDAP privilege to its original value. [all …]
|
/openbmc/phosphor-user-manager/phosphor-ldap-config/ |
H A D | ldap_mapper_entry.cpp | 18 const std::string& privilege, Config& parent) : in LDAPMapperEntry() argument 23 Interfaces::privilege(privilege, true); in LDAPMapperEntry() 53 std::string LDAPMapperEntry::privilege(std::string value) in privilege() function in phosphor::ldap::LDAPMapperEntry 55 if (value == Interfaces::privilege()) in privilege() 61 auto val = Interfaces::privilege(value); in privilege()
|
H A D | ldap_mapper_serialize.cpp | 33 archive(entry.groupName(), entry.privilege()); in save() 49 std::string privilege{}; in load() local 51 archive(groupName, privilege); in load() 56 privilege(privilege, true); in load()
|
H A D | ldap_mapper_entry.hpp | 49 const std::string& privilege, Config& parent); 81 std::string privilege(std::string value) override; 84 privilege;
|
/openbmc/phosphor-net-ipmid/ |
H A D | command_table.hpp | 56 session::Privilege privilege; member 117 Entry(CommandID command, session::Privilege privilege) : in Entry() argument 118 command(command), privilege(privilege) in Entry() 142 return privilege; in getPrivilege() 155 session::Privilege privilege; member in command::Entry 173 session::Privilege privilege, bool sessionless) : in NetIpmidEntry() argument 174 Entry(command, privilege), functor(functor), sessionless(sessionless) in NetIpmidEntry()
|
/openbmc/bmcweb/redfish-core/include/ |
H A D | privileges.hpp | 98 for (const char* privilege : privilegeList) in Privileges() local 100 if (!setSinglePrivilege(privilege)) in Privileges() 103 privilege); in Privileges() 116 bool setSinglePrivilege(std::string_view privilege) in setSinglePrivilege() argument 121 if (privilege == privilegeNames[searchIndex]) in setSinglePrivilege() 139 bool resetSinglePrivilege(const char* privilege) in resetSinglePrivilege() argument 144 if (privilege == privilegeNames[searchIndex]) in resetSinglePrivilege()
|
/openbmc/webui-vue/src/views/SecurityAndAccess/UserManagement/ |
H A D | ModalUser.vue | 104 label-for="privilege" 107 id="privilege" 108 v-model="form.privilege" 113 @input="$v.form.privilege.$touch()" 259 privilege: null, 287 this.form.privilege = value.privilege; 301 privilege: { 330 userData.privilege = this.form.privilege; 341 if (this.$v.form.privilege.$dirty) { 342 userData.privilege = this.form.privilege; [all …]
|
/openbmc/openbmc-test-automation/openpower/localuser/ |
H A D | test_ipmi_redfish_user.robot | 26 [Documentation] Create user using IPMI without privilege and verify user privilege 36 # Verify new user privilege level via Redfish. 37 ${privilege}= Redfish_Utils.Get Attribute 39 Valid Value privilege ['ReadOnly'] 126 # Create user using Redfish with admin privilege. 142 # Update user privilege to readonly using Redfish. 146 # Verify new user privilege level via IPMI. 168 [Arguments] ${password} ${privilege}=0 188 # Set given privilege and enable IPMI messaging for newly created user. 189 Run Keyword If '${privilege}' != '0' [all …]
|
/openbmc/openbmc-tools/openbmctool/ |
H A D | README.md | 202 ### Add privilege mapping 205 openbmctool.py <connection options> ldap privilege-mapper create --groupName=<groupName> --privileg… 208 ### Delete privilege mapping 214 ### List privilege mapping 217 openbmctool.py <connection options> ldap privilege-mapper list 225 - Configure user privilege. 230 privilege mapping for the LDAP credentials then the user will get the following 233 403, 'LDAP group privilege mapping does not exist'. 235 Action: Add the privilege (refer to the section "Add privilege mapping") 240 Action: Add the privilege (refer to the section "Add privilege mapping") with [all …]
|
/openbmc/openbmc-test-automation/ipmi/ |
H A D | test_ipmi_user.robot | 300 # Delay added for user privilege to get set. 373 # Set admin privilege for newly created user with channel 1. 376 # Set user privilege for newly created user with channel 2. 407 # Set user privilege for newly created user with channel 2. 502 # Delay added for user privilege to get set. 540 # privilege (i.e. "Passed" or "Failed"). 555 # Delay added for user privilege to get set. 570 ... password, privilege and expected status. 575 # privilege The session privilege for IPMI command (e.g. "User", "Operator", etc.). 583 ... L=${privilege} [all …]
|
/openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/Channel/ |
H A D | ChannelAccess.interface.yaml | 2 This interface defines channel specific privilege access information which 4 privilege restriction based on this property. 10 Maximum privilege associated with specific channel.
|
/openbmc/linux/arch/powerpc/boot/dts/ |
H A D | microwatt.dts | 44 usable-privilege = <2>; 49 usable-privilege = <3>; 55 usable-privilege = <2>; 60 usable-privilege = <3>; 65 usable-privilege = <2>; 71 usable-privilege = <3>;
|
/openbmc/bmcweb/http/routing/ |
H A D | ruleparametertraits.hpp | 78 for (const std::initializer_list<const char*>& privilege : p) in privileges() local 80 self->privilegesSet.emplace_back(privilege); in privileges() 89 for (const redfish::Privileges& privilege : p) in privileges() local 91 self->privilegesSet.emplace_back(privilege); in privileges()
|
/openbmc/linux/Documentation/devicetree/bindings/powerpc/ |
H A D | ibm,powerpc-cpu-features.txt | 13 enablement, privilege, and compatibility metadata. 94 - usable-privilege 104 This property describes the privilege levels and/or software components 118 This property describes the HV privilege support required to enable the 119 feature to lesser privilege levels. If the property does not exist then no 137 This property describes the OS privilege support required to enable the 213 usable-privilege = <1 | 2 | 4>; 219 usable-privilege = <1 | 2>; 226 usable-privilege = <2 | 4>; 233 usable-privilege = <1 | 2 | 4>; [all …]
|
/openbmc/linux/arch/arm64/include/asm/ |
H A D | hw_breakpoint.h | 17 privilege : 2, member 35 u32 val = (ctrl.len << 5) | (ctrl.type << 3) | (ctrl.privilege << 1) | in encode_ctrl_reg() 38 if (is_kernel_in_hyp_mode() && ctrl.privilege == AARCH64_BREAKPOINT_EL1) in encode_ctrl_reg() 49 ctrl->privilege = reg & 0x3; in decode_ctrl_reg()
|
/openbmc/openbmc-test-automation/gui/gui_test/security_and_access_menu/ |
H A D | test_user_management_sub_menu.robot | 56 Page should contain View privilege role descriptions 120 [Documentation] Create users with different access privilege 160 # Get random username and user privilege level. 176 # Get random username and user privilege level. 184 FOR ${privilege} IN @{list_user_privilege} 185 IF '${privilege}' != '${privilege_level}' 186 ${modify_privilege}= Set Variable ${privilege} 190 # Modify user privilege via GUI. 202 # Verify user privilege via Redfish. 214 # Get random username, user privilege level and account status. [all …]
|
/openbmc/linux/arch/arm64/kernel/ |
H A D | hw_breakpoint.c | 140 static enum dbg_active_el debug_exception_level(int privilege) in debug_exception_level() argument 142 switch (privilege) { in debug_exception_level() 148 pr_warn("invalid breakpoint privilege level %d\n", privilege); in debug_exception_level() 229 enum dbg_active_el dbg_el = debug_exception_level(info->ctrl.privilege); in hw_breakpoint_control() 494 hw->ctrl.privilege = AARCH64_BREAKPOINT_EL1; in arch_build_bp_info() 496 hw->ctrl.privilege = AARCH64_BREAKPOINT_EL0; in arch_build_bp_info() 569 if (hw->ctrl.privilege == AARCH64_BREAKPOINT_EL1 && bp->hw.target) in hw_breakpoint_arch_parse() 582 int i, max_slots, privilege; in toggle_bp_registers() local 603 privilege = counter_arch_bp(slots[i])->ctrl.privilege; in toggle_bp_registers() 604 if (debug_exception_level(privilege) != el) in toggle_bp_registers() [all …]
|
/openbmc/linux/arch/arm/include/asm/ |
H A D | hw_breakpoint.h | 17 privilege : 2, 31 (ctrl.privilege << 1) | ctrl.enabled; in encode_ctrl_reg() 39 ctrl->privilege = reg & 0x3; in decode_ctrl_reg()
|
/openbmc/phosphor-host-ipmid/user_channel/ |
H A D | user_layer.cpp | 153 privAccess.privilege = userInfo->userPrivAccess[chNum].privilege; in ipmiUserGetPrivilegeAccess() 166 userPrivAccess.privilege = privAccess.privilege; in ipmiUserSetPrivilegeAccess()
|
/openbmc/bmcweb/scripts/ |
H A D | parse_registries.py | 151 for privilege in privileges: 152 if privilege == "NoAuth": 155 privilege_string += privilege 157 if privilege != "NoAuth":
|
/openbmc/docs/architecture/ |
H A D | user-management.md | 58 OpenBMC supports privilege roles which are common across all the supported 59 groups (i.e. User will have same privilege for REDFISH / Webserver / IPMI / SSH 60 / HostConsole). User can belong to any one of the following privilege roles at 429 |privilege as the privilege | 451 the OpenBMC privilege roles. The preferred way is to group LDAP user accounts 458 by the webserver interface. The privilege role is a property of the user D-Bus 466 fetch the privilege role from the D-Bus object and update the session 470 information with the privilege role. 471 5. If there is no mapping for group name to privilege role, default to `user` 472 privilege role for the session. [all …]
|