minor |= (devID & 0x00000ffffff00000) >> 12

	return fmt.Sprintf("%d:%d", major, minor), nil
}

func filterLocalDisks(node, args string) ([]localDisk, error) {
	var result []localDisk

	argP, err := ellipses.FindEllipsesPatterns(args)
	if err != nil {
		return nil, err
	}
	exp := argP.Expand()

	if node == "" {
		for index, e := range exp {

			args = append(args, msg)
			msg = "%s"
		}
		console.quiet(msg+"\n", args...)
	default:
		if len(msg) != 0 && len(args) == 0 {
			args = append(args, msg)
			msg = "%s"
		}
		console.pretty(msg+"\n", args...)
	}
}

// Fatal prints only fatal error message with no stack trace
// it will be called for input validation failures
func Fatal(err error, msg string, data ...interface{}) {
	fatal(err, msg, data...)
}

	}

	config.Net.KeepAlive = 60 * time.Second
	config.Net.SASL.User = args.SASL.User
	config.Net.SASL.Password = args.SASL.Password
	initScramClient(args, config) // initializes configured scram client.
	config.Net.SASL.Enable = args.SASL.Enable

	tlsConfig, err := saramatls.NewConfig(args.TLS.ClientTLSCert, args.TLS.ClientTLSKey)
	if err != nil {
		target.loggerOnce(context.Background(), err, target.ID().String())
		return err
	}

}

// Only called from init()
func (target *WebhookTarget) initWebhook() error {
	args := target.args
	transport := target.transport

	if args.ClientCert != "" && args.ClientKey != "" {
		manager, err := certs.NewManager(context.Background(), args.ClientCert, args.ClientKey, tls.LoadX509KeyPair)
		if err != nil {
			return err
		}

	}

	if target.stanConn != nil {
		if target.args.Streaming.Async {
			_, err = target.stanConn.PublishAsync(target.args.Subject, data, nil)
		} else {
			err = target.stanConn.Publish(target.args.Subject, data)
		}
	} else {
		if target.jstream != nil {
			_, err = target.jstream.Publish(target.args.Subject, data)
		} else {
			err = target.natsConn.Publish(target.args.Subject, data)
		}
	}
	return err
}

func Authentication(username, password string) OperatorOption {
	return func(args *OperatorDNS) {
		args.username = username
		args.password = password
	}
}

// RootCAs - add custom trust certs pool
func RootCAs(certPool *x509.CertPool) OperatorOption {
	return func(args *OperatorDNS) {
		args.rootCAs = certPool
	}
}

// NewOperatorDNS - initialize a new K8S Operator DNS set/unset values.

	first_time=$(find ${WORK_DIR}/ | grep format.json | wc -l)

	start_port=$2
	args=""
	for d in $(seq 1 3 5); do
		args="$args http://127.0.0.1:$((start_port + 1))${WORK_DIR}/1/${d}/ http://127.0.0.1:$((start_port + 2))${WORK_DIR}/2/${d}/ http://127.0.0.1:$((start_port + 3))${WORK_DIR}/3/${d}/ "
		d=$((d + 1))

	if hasSessionPolicy {
		return isAllowedSP && (isOwnerDerived || combinedPolicy.IsAllowed(args))
	}

	// Sub policy not set, this is most common since subPolicy
	// is optional, use the inherited policies.
	return isOwnerDerived || combinedPolicy.IsAllowed(args)
}

func isAllowedBySessionPolicyForServiceAccount(args policy.Args) (hasSessionPolicy bool, isAllowed bool) {

#### Site

```
KEY:
site  label the server and its location

ARGS:
name     (string)    name for the site e.g. "cal-rack0"
region   (string)    name of the location of the server e.g. "us-west-1"
comment  (sentence)  optionally add a comment to this setting
```

or environment variables

```
KEY:
site  label the server and its location

ARGS:
MINIO_SITE_NAME     (string)    name for the site e.g. "cal-rack0"

		byPassSet = globalIAMSys.IsAllowed(policy.Args{
			AccountName:     cred.AccessKey,
			Groups:          cred.Groups,
			Action:          policy.BypassGovernanceRetentionAction,
			BucketName:      bucketName,
			ObjectName:      objectName,
			ConditionValues: conditions,
			IsOwner:         owner,
			Claims:          cred.Claims,
		})
	}
	if globalIAMSys.IsAllowed(policy.Args{
		AccountName:     cred.AccessKey,