[one-users] default ownership for VM instances

Carlos Martín Sánchez cmartin at opennebula.org
Tue Apr 2 08:36:56 PDT 2013


I think this can be easily done with a hook [1]. You will need to trigger
it each time a new VM is created:

    name      = "default_chmod",
    on        = "CREATE",
    command   = "default_chmod.rb",
    arguments = "$ID $TEMPLATE" ]

And then create a small script (default_chmod.rb) that looks for the
default uid and gid inside the vm template (second argument, it will be the
xml base64 enconded); and executes 'onevm chmod'.

Let me know if this works for you.


[1] http://opennebula.org/documentation:rel3.8:hooks

Carlos Martín, MSc
Project Engineer
OpenNebula - The Open-source Solution for Data Center Virtualization
www.OpenNebula.org | cmartin at opennebula.org |
@OpenNebula<http://twitter.com/opennebula><cmartin at opennebula.org>

On Tue, Apr 2, 2013 at 4:40 PM, Gary S. Cuozzo <gary at isgsoftware.net> wrote:

> Hello all,
> Is there a way to have a VM user/group ownership (and potentially ACL's)
> be set based on values in the template?
> Here is my use case:
> Currently, all of our VM's are one of a kind.  Each VM is based on a
> unique template and uses persistent images.  It is the virtual equivalent
> of colocated servers where each customer has their own dedicated and
> customized servers.  We basically manage the images & templates, but want
> to give users access to their vm for start/stop/vnc.
> What I have right now is I create a user/group for each customer.  The I
> set the ownership of the resources to be their user & group.  When we
> instantiate the VM, we have to remember to set the ownership accordingly or
> it will not show up as a resource when they login to sunstone.
> It would be ideal if there was a way to specify, in the template, the
> default user and group which should own the VM and the ACL's.  It would
> also be nice if the default name of the VM could be set (Though I think
> there may already be a feature being added for this).  This way, if we had
> to stop & recreate the VM instance (such as for adding more resources), we
> could do it without having to remember to set permissions manually.
> Let me know what you think.
> Cheers,
> gary
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130402/b0feb640/attachment-0002.htm>

More information about the Users mailing list