diff --git a/daemon/config.go b/daemon/config.go index 98ef251b92..a842bda244 100644 --- a/daemon/config.go +++ b/daemon/config.go @@ -55,7 +55,7 @@ type CommonConfig struct { // from the command-line. func (config *Config) InstallCommonFlags(cmd *flag.FlagSet, usageFn func(string) string) { cmd.Var(opts.NewListOptsRef(&config.GraphOptions, nil), []string{"-storage-opt"}, usageFn("Set storage driver options")) - cmd.Var(opts.NewListOptsRef(&config.AuthZPlugins, nil), []string{"-authz-plugins"}, usageFn("List authorization plugins in order from first evaluator to last")) + cmd.Var(opts.NewListOptsRef(&config.AuthZPlugins, nil), []string{"-authz-plugin"}, usageFn("List authorization plugins in order from first evaluator to last")) cmd.Var(opts.NewListOptsRef(&config.ExecOptions, nil), []string{"-exec-opt"}, usageFn("Set exec driver options")) cmd.StringVar(&config.Pidfile, []string{"p", "-pidfile"}, defaultPidFile, usageFn("Path to use for daemon PID file")) cmd.StringVar(&config.Root, []string{"g", "-graph"}, defaultGraph, usageFn("Root of the Docker runtime")) diff --git a/docs/extend/authorization.md b/docs/extend/authorization.md index 448497e6a8..a48a8fbdf7 100644 --- a/docs/extend/authorization.md +++ b/docs/extend/authorization.md @@ -93,14 +93,14 @@ support the Docker client interactions detailed in this section. ### Setting up Docker daemon Enable the authorization plugin with a dedicated command line flag in the -`--authz-plugins=PLUGIN_ID` format. The flag supplies a `PLUGIN_ID` value. +`--authz-plugin=PLUGIN_ID` format. The flag supplies a `PLUGIN_ID` value. This value can be the plugin’s socket or a path to a specification file. ```bash -$ docker daemon --authz-plugins=plugin1 --authz-plugins=plugin2,... +$ docker daemon --authz-plugin=plugin1 --authz-plugin=plugin2,... ``` -Docker's authorization subsystem supports multiple `--authz-plugins` parameters. +Docker's authorization subsystem supports multiple `--authz-plugin` parameters. ### Calling authorized command (allow) diff --git a/docs/reference/commandline/daemon.md b/docs/reference/commandline/daemon.md index d1a606db75..3c28295188 100644 --- a/docs/reference/commandline/daemon.md +++ b/docs/reference/commandline/daemon.md @@ -17,7 +17,7 @@ weight = -1 Options: --api-cors-header="" Set CORS headers in the remote API - --authz-plugins=[] Set authorization plugins to load + --authz-plugin=[] Set authorization plugins to load -b, --bridge="" Attach containers to a network bridge --bip="" Specify network bridge IP -D, --debug=false Enable debug mode @@ -607,10 +607,10 @@ The currently supported cluster store options are: Docker's access authorization can be extended by authorization plugins that your organization can purchase or build themselves. You can install one or more authorization plugins when you start the Docker `daemon` using the -`--authz-plugins=PLUGIN_ID` option. +`--authz-plugin=PLUGIN_ID` option. ```bash -docker daemon --authz-plugins=plugin1 --authz-plugins=plugin2,... +docker daemon --authz-plugin=plugin1 --authz-plugin=plugin2,... ``` The `PLUGIN_ID` value is either the plugin's name or a path to its specification diff --git a/integration-cli/docker_cli_authz_unix_test.go b/integration-cli/docker_cli_authz_unix_test.go index 72e4e8fa30..6ef325840d 100644 --- a/integration-cli/docker_cli_authz_unix_test.go +++ b/integration-cli/docker_cli_authz_unix_test.go @@ -156,7 +156,7 @@ func (s *DockerAuthzSuite) TearDownSuite(c *check.C) { func (s *DockerAuthzSuite) TestAuthZPluginAllowRequest(c *check.C) { - err := s.d.Start("--authz-plugins=" + testAuthZPlugin) + err := s.d.Start("--authz-plugin=" + testAuthZPlugin) c.Assert(err, check.IsNil) s.ctrl.reqRes.Allow = true s.ctrl.resRes.Allow = true @@ -180,7 +180,7 @@ func (s *DockerAuthzSuite) TestAuthZPluginAllowRequest(c *check.C) { func (s *DockerAuthzSuite) TestAuthZPluginDenyRequest(c *check.C) { - err := s.d.Start("--authz-plugins=" + testAuthZPlugin) + err := s.d.Start("--authz-plugin=" + testAuthZPlugin) c.Assert(err, check.IsNil) s.ctrl.reqRes.Allow = false s.ctrl.reqRes.Msg = unauthorizedMessage @@ -197,7 +197,7 @@ func (s *DockerAuthzSuite) TestAuthZPluginDenyRequest(c *check.C) { func (s *DockerAuthzSuite) TestAuthZPluginDenyResponse(c *check.C) { - err := s.d.Start("--authz-plugins=" + testAuthZPlugin) + err := s.d.Start("--authz-plugin=" + testAuthZPlugin) c.Assert(err, check.IsNil) s.ctrl.reqRes.Allow = true s.ctrl.resRes.Allow = false diff --git a/man/docker-daemon.8.md b/man/docker-daemon.8.md index b3e3ad65b1..f06a05e92b 100644 --- a/man/docker-daemon.8.md +++ b/man/docker-daemon.8.md @@ -7,7 +7,7 @@ docker-daemon - Enable daemon mode # SYNOPSIS **docker daemon** [**--api-cors-header**=[=*API-CORS-HEADER*]] -[**--authz-plugins**[=*[]*]] +[**--authz-plugin**[=*[]*]] [**-b**|**--bridge**[=*BRIDGE*]] [**--bip**[=*BIP*]] [**--cluster-store**[=*[]*]] @@ -71,7 +71,7 @@ format. **--api-cors-header**="" Set CORS headers in the remote API. Default is cors disabled. Give urls like "http://foo, http://bar, ...". Give "*" to allow all. -**--authz-plugins**="" +**--authz-plugin**="" Set authorization plugins to load **-b**, **--bridge**="" @@ -465,10 +465,10 @@ Key/Value store. Docker's access authorization can be extended by authorization plugins that your organization can purchase or build themselves. You can install one or more authorization plugins when you start the Docker `daemon` using the -`--authz-plugins=PLUGIN_ID` option. +`--authz-plugin=PLUGIN_ID` option. ```bash -docker daemon --authz-plugins=plugin1 --authz-plugins=plugin2,... +docker daemon --authz-plugin=plugin1 --authz-plugin=plugin2,... ``` The `PLUGIN_ID` value is either the plugin's name or a path to its specification