summaryrefslogtreecommitdiff
path: root/fdi
diff options
context:
space:
mode:
Diffstat (limited to 'fdi')
-rw-r--r--fdi/policy/10osvendor/20-acl-management.fdi16
1 files changed, 13 insertions, 3 deletions
diff --git a/fdi/policy/10osvendor/20-acl-management.fdi b/fdi/policy/10osvendor/20-acl-management.fdi
index 124d889f..ee637681 100644
--- a/fdi/policy/10osvendor/20-acl-management.fdi
+++ b/fdi/policy/10osvendor/20-acl-management.fdi
@@ -31,9 +31,19 @@
<!-- Removable block devices -->
<match key="info.capabilities" contains="block">
<match key="@block.storage_device:storage.removable" bool="true">
- <append key="info.capabilities" type="strlist">access_control</append>
- <merge key="access_control.file" type="copy_property">block.device</merge>
- <merge key="access_control.type" type="string">removable-block</merge>
+ <!-- do not set acls on unpartitioned volumes, parent gets them -->
+ <match key="block.is_volume" bool="true">
+ <match key="volume.is_partition" bool="true">
+ <append key="info.capabilities" type="strlist">access_control</append>
+ <merge key="access_control.file" type="copy_property">block.device</merge>
+ <merge key="access_control.type" type="string">removable-block</merge>
+ </match>
+ </match>
+ <match key="block.is_volume" bool="false">
+ <append key="info.capabilities" type="strlist">access_control</append>
+ <merge key="access_control.file" type="copy_property">block.device</merge>
+ <merge key="access_control.type" type="string">removable-block</merge>
+ </match>
</match>
</match>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 04:59:06 +0000