[one-users] users and vnets

Mon Jan 10 08:09:16 PST 2011

Hi, Javier.

Sorry for the delay in the answer: I was in vacation....

Yes, the user id of the render user is 3:

mysql> select * from user_pool where user_name='render';
+-----+-----------+------------------------------------------+---------+
| oid | user_name | password                                 | enabled |
+-----+-----------+------------------------------------------+---------+
|   3 | render    | xxxxxxxxxxxxxxxxxxxxxxxxxxx |       1 |
+-----+-----------+------------------------------------------+---------+

And yes, the table "network_pool" assign the correct user (id=3) to the 
network created by this user:

mysql> select * from network_pool where oid=223;
+-----+------+--------------------+------+--------+--------+
| oid | uid  | name               | type | bridge | public |
+-----+------+--------------------+------+--------+--------+
| 223 |    3 | render_01_localnet |    0 | br1    |      0 |
+-----+------+--------------------+------+--------+--------+

Please note that in this actualized example, the net created by the user 
"render" has the id 223:

[oneadmin at onesrv02 ]$ onevnet list
  ID USER     NAME                   TYPE BRIDGE P #LEASES
 142 oneadmin Public LAN xen       Ranged xenbr1 N       3
 143 oneadmin Public LAN kvm       Ranged    br1 N       1
 174 oneadmin genom_localnet       Ranged xenbr1 N       4
 176 oneadmin araceli_localnet     Ranged xenbr1 N      29
 203 oneadmin zahara1_localnet     Ranged xenbr1 N      74
 223 render   render_01_localnet   Ranged    br1 N       2

About the one version:

[oneadmin at onesrv02 ]$ oned -v
Copyright 2002-2010, OpenNebula Project Leads (OpenNebula.org)

OpenNebula 1.9.80 is distributed and licensed for use under the terms of the
Apache License, Version 2.0 (http://www.apache.org/licenses/LICENSE-2.0).

Can you help me about this issue???

Regards.

Javier Fontan escribió:
> Users should be able to delete their own objects, that includes vnets
> so there must me a problem here. Can you check that in the table
> "network_pool" the network with id 220 has uid=3 (it seems that render
> user is 3 from the provided messages)?
>
> If that is not the case tell me the version on oned and if you are
> using the external auth module so I can check the problem here.
>
> On Mon, Dec 27, 2010 at 3:52 PM, Ruben Diez <rdiez at cesga.es> wrote:
>   
>> Hi:
>>
>> I just have added a OpenNebula user. This user (render), have all the
>> permissions:
>>
>> This user can create a vnet by using "onevnet create".
>>
>>
>> $ onevnet create render_pru_localnet.net
>>
>> $ onevnet list
>>  ID USER     NAME                   TYPE BRIDGE P #LEASES
>> 220 render   render_pru_localnet  Ranged    br1 N       0
>>
>> But when the user attempts to delete this net, it not works:
>>
>> $ onevnet delete 220
>> Error: [VirtualNetworkDelete] User [3] not authorized to perform DELETE on
>> NET [220].
>>
>> How cat this user delete his own nets??
>>
>> The user seems to have all the permissions:
>>
>> mysql> select * from user_permissions where user_name='render';
>> +-----------+----------------+
>> | user_name | permissions_id |
>> +-----------+----------------+
>> | render    |              1 |
>> | render    |              2 |
>> | render    |              3 |
>> | render    |              4 |
>> | render    |              5 |
>> | render    |              6 |
>> | render    |              7 |
>> | render    |              8 |
>> | render    |              9 |
>> | render    |             10 |
>> | render    |             11 |
>> | render    |             12 |
>> | render    |             13 |
>> | render    |             14 |
>> | render    |             15 |
>> | render    |             16 |
>> +-----------+----------------+
>> 16 rows in set (0.01 sec)
>>
>> Regards.
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>>     
>
>
>
>   