<div dir="ltr">Hi,<div><br></div><div>That workflow may work, but sounds a bit convoluted.</div><div>Could you elaborate a bit more about your use case?</div><div><br></div><div>The way we designed it, the chown operation is meant to be performed by an administrative account, like oneadmin, or a group/vdc admin.</div>
<div><br></div><div>This is because in a multi-tenancy environment regular users should not be aware of all the other users in the system.</div><div>And allowing them to freely change a resource's owner poses some concerns: quotas, billing, security, etc.</div>
<div><br></div><div>On the technical side, the chown operation requires VM:MANAGE + USER:MANAGE [1]. The users drop-down will show all the users that the logged account can list, i.e. has USER:USE permissions.</div><div>
<br>
</div><div>Regards.</div><div><br></div><div>[1] <a href="http://opennebula.org/documentation:rel4.2:api#onevm">http://opennebula.org/documentation:rel4.2:api#onevm</a><br></div><div><br></div></div><div class="gmail_extra">
<br clear="all"><div><div dir="ltr">--<br>Join us at <a href="http://opennebulaconf.com" target="_blank">OpenNebulaConf2013</a> in Berlin, 24-26 September, 2013<br>--<div>Carlos Martín, MSc<br>Project Engineer<br>OpenNebula - The Open-source Solution for Data Center Virtualization<div>
<span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a> | <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a> | <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="mailto:cmartin@opennebula.org" style="color:rgb(42,93,176)" target="_blank"></a></span></div>
</div></div></div>
<br><br><div class="gmail_quote">On Thu, Aug 29, 2013 at 3:20 PM, Liu, Guang Jun (Gene) <span dir="ltr"><<a href="mailto:Gene.Liu@alcatel-lucent.com" target="_blank">Gene.Liu@alcatel-lucent.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<div>Hi Carlos,<br>
<br>
The current process of changing ownership of a VM is like this:<br>
1. The current owner of the VM grant the admin permission<br>
2. The new user "pull" the ownership privilege<br>
<br>
The reason of this is that only the current user id is listed in
the pull-up list. (The actual owner-to-be can not be chosen by
current owner)<br>
<br>
I am not sure if this is the design by default. I would think
"push" ownership privilege making more sense.<br>
<br>
Thanks,<br>
<br>
Gene<div><div class="h5"><br>
On 13-08-27 04:08 PM, Liu, Guang Jun (Gene) wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div>HI Carlos,<br>
<br>
Thank you very much for your reply! Yes, its a little bit tricky
but the configuration you specified works. <br>
<pre cols="72">Gene</pre>
On 13-08-27 05:44 AM, Carlos Martín Sánchez wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hi,
<div><br>
</div>
<div>I assume you edited the users view [1] to enable the
VM.chown action. There is a tricky configuration here: the
drop-down list of users is filled by the Users tab, so you
need to enable the users-tab attribute.</div>
<div><br>
</div>
<div>Regards.</div>
<div><br>
</div>
<div>[1] <a href="http://opennebula.org/documentation:rel4.2:suns_views" target="_blank">http://opennebula.org/documentation:rel4.2:suns_views</a><br>
</div>
<div class="gmail_extra"> <br clear="all">
<div>
<div dir="ltr">--<br>
Join us at <a href="http://opennebulaconf.com" target="_blank">OpenNebulaConf2013</a>
in Berlin, 24-26 September, 2013<br>
--
<div>Carlos Martín, MSc<br>
Project Engineer<br>
OpenNebula - The Open-source Solution for Data Center
Virtualization
<div> <span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"><a href="http://www.OpenNebula.org" target="_blank">www.OpenNebula.org</a>
| <a href="mailto:cmartin@opennebula.org" target="_blank">cmartin@opennebula.org</a> | <a href="http://twitter.com/opennebula" target="_blank">@OpenNebula</a></span><span style="border-collapse:collapse;color:rgb(136,136,136);font-family:arial,sans-serif;font-size:13px"></span></div>
</div>
</div>
</div>
<br>
<br>
<div class="gmail_quote">On Mon, Aug 26, 2013 at 3:55 PM,
Liu, Guang Jun (Gene) <span dir="ltr"><<a href="mailto:Gene.Liu@alcatel-lucent.com" target="_blank">Gene.Liu@alcatel-lucent.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi
there,<br>
<br>
>From sunstone, when a normal user (not in admin
group) tried to "change<br>
owner", there is always empty list of new user. Anyone
experienced the<br>
same issue? I wonder if it's a software bug or
configuration related?<br>
<br>
Thanks<br>
<br>
Gene<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a><br>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</blockquote>
<br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
Users mailing list
<a href="mailto:Users@lists.opennebula.org" target="_blank">Users@lists.opennebula.org</a>
<a href="http://lists.opennebula.org/listinfo.cgi/users-opennebula.org" target="_blank">http://lists.opennebula.org/listinfo.cgi/users-opennebula.org</a>
</pre>
</blockquote>
<br>
</div></div></div>
</blockquote></div><br></div>