Apply suggestions from code review

acl_docs: Stylistic improvements

Co-Authored-By: Tim Gross <tim@0x74696d.com>
This commit is contained in:
Danielle 2019-09-06 15:03:38 +02:00 committed by GitHub
parent 4b6e03b8e9
commit 25b7d58b37
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -378,12 +378,12 @@ host_volume "prod-ca-certificates" {
Host volume rules are keyed to the volume names that they apply to. As with Host volume rules are keyed to the volume names that they apply to. As with
namespaces, you may use wildcards to reuse the same configuration across a set namespaces, you may use wildcards to reuse the same configuration across a set
of volumes. In addition to the coarse grained policy specification, the of volumes. In addition to the coarse grained policy specification, the
host_volume stanza allows setting a more fine grained list of capabilities. `host_volume` stanza allows setting a more fine grained list of capabilities.
This includes: This includes:
- `deny` - Do not allow a user to mount a volume in any way. - `deny` - Do not allow a user to mount a volume in any way.
- `mount-readonly` - Only allow the user to mount the volume as `readonly` - `mount-readonly` - Only allow the user to mount the volume as `readonly`
- `mount-readwrite` - Allow the user to mount the volume as `readonly` or `readwrite` if the host_volume configuration allows it. - `mount-readwrite` - Allow the user to mount the volume as `readonly` or `readwrite` if the `host_volume` configuration allows it.
The course grained policy permissions are shorthand for the fine grained capabilities: The course grained policy permissions are shorthand for the fine grained capabilities: