[one-users] ACLs issues

Ruben Diez rdiez at cesga.es
Thu Oct 20 04:47:39 PDT 2011


Hi:

We are attempt that OpenNebula users of group XXX (id=108) could view 
and use the NETs and IMAGES of the  group users (id=1)

So we create this ACL rule:

create "@108 NET+IMAGE/@1 USE+INFO+INFO_POOL"

but, contrary to expectations, un an user of the group XXX (id=108) 
can't list the vnets under the group user

user_under_XXX$ onevnet list
  ID USER     GROUP    NAME                    TYPE BRIDGE PUB  LEASES


user_under_XXX$ onevnet list a
[VirtualNetworkPoolInfo] User [4] : Not authorized to perform INFO_POOL NET.


Please note that there are vnets under group user:


oneadmin$ onevnet list
  ID USER     GROUP    NAME                    TYPE BRIDGE PUB  LEASES
 175 oneadmin users    red-192.169.40              R virbrG  No       0
 171 oneadmin users    red-84.21.173              R virbrC Yes      50


Where are the mistake??

Regards






More information about the Users mailing list