[one-users] problem with access to objects in opennebula 3.0
Rolandas Naujikas
rolandas.naujikas at mif.vu.lt
Tue Nov 8 08:22:22 PST 2011
On 2011-11-08 16:16, Carlos Martín Sánchez wrote:
> Hi,
>
> Users in the oneadmin group are authorized to perform any operation [1].
Thanks.
ID USER GROUP NAME SIZE TYPE REGTIME PUB
PER STAT RVMS
0 oneadmin users 10G-qcow2 0M OS 11/08 09:43:31 Yes
No rdy 0
2 oneadmin users debian-6.0-a 1G OS 11/08 11:04:30 No
No used 7
When I (regular user from group "users") tried to use this image (ID=2)
I got error (not authorized) - so it works.
Problem is that regular user could see private (not public) images from
other users.
Regards, Rolandas
> Regards.
>
> [1]
> http://opennebula.org/documentation:rel3.0:manage_acl#how_permission_is_granted_or_denied
> --
> Carlos Martín, MSc
> Project Engineer
> OpenNebula - The Open Source Toolkit for Data Center Virtualization
> www.OpenNebula.org | cmartin at opennebula.org |
> @OpenNebula<http://twitter.com/opennebula><cmartin at opennebula.org>
>
>
> On Tue, Nov 8, 2011 at 2:25 PM, Rolandas Naujikas <
> rolandas.naujikas at mif.vu.lt> wrote:
>
>> Hi,
>>
>> Why an user could access private objects from other users in the same
>> group ?
>> OpenNebula 3.0 documentation says opposite.
>> http://opennebula.org/documentation:rel3.0:manage_users
>>
>> Regards, Rolandas
>>
>> P.S. I have images created with oneadmin and one of them public
>> (published) and others - no. With regular user (in the group oneadmin) I
>> can access all user oneadmin images (and create VM from them).
>> The same was with the group "users".
>> _______________________________________________
>> Users mailing list
>> Users at lists.opennebula.org
>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>>
>
More information about the Users
mailing list