[one-users] about ACL
Valerio Schiavoni
valerio.schiavoni at gmail.com
Thu Jun 13 01:16:00 PDT 2013
Hello,
i'm running OpenNebula 4.0.1, freshly installed, and I'd like to implement
the following use-case ACL-wise: when users login through the sunstone
interface, they should see if other VMs are currently running and on which
hosts. Clearly, on VMs owned by other users (even if in the same group), no
managing actions should be allowed.
This is the current set of ACL rules installed ( i believe these are the
default ones):
ID USER RES_VHNIUTGDCO RID OPE_UMAC
0 @1 V-NI-T---- * ---c
11 @1 -H-------- * um--
16 * ---------O * ---c
If I add this: "@1 VM/* USE" , all users can see all other users' VMs but
all actions seem to be available (at least through the web interface).
Is this scenario supported somehow?
Thanks,
Valerio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20130613/25eb23fe/attachment-0001.htm>
More information about the Users
mailing list