F20 Self Contained Change: Role based access control with libvirt
Daniel P. Berrange
berrange at redhat.com
Mon Jul 15 16:09:33 UTC 2013
On Mon, Jul 15, 2013 at 10:06:30AM -0600, Kevin Fenzi wrote:
> On Mon, 15 Jul 2013 12:00:35 +0200
> Jaroslav Reznik <jreznik at redhat.com> wrote:
>
> > = Proposed Self Contained Change: Role based access control with
> > libvirt = https://fedoraproject.org/wiki/Changes/Virt_ACLs
> >
> > Change owner(s): Daniel P. Berrange <berrange at redhat.com>, Cole
> > Robinson <crobinso at redhat.com>
> >
> > Allow role based access control with libvirt.
> >
> > == Detailed description ==
> > Libvirt role based access control will allow fine grained access
> > control like 'user FOO can only start/stop/pause vm BAR', but for all
> > libvirt APIs and objects.
> >
> > == Scope ==
> > Proposal owners:
> > * 90% of the work is already in rawhide
> > * Documentation needs to be written
> >
> > Other developers: N/A (not a System Wide Change)
> > Release engineering: N/A (not a System Wide Change)
> > Policies and guidelines: N/A (not a System Wide Change)
>
> How do you set these policies? Is there a command/gui/interface? Or a
> text file? Or ?
It is done via the standard PolicyKit javascript auth rules files
> I can't seem to see any docs off the change page off hand.
The docs have not been written yet. That's out of the outstanding work
items to be done for F20.
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the devel
mailing list