On 2011-11-08 16:16, Carlos Martín Sánchez wrote: > Hi, > > Users in the oneadmin group are authorized to perform any operation [1].
Thanks. ID USER GROUP NAME SIZE TYPE REGTIME PUB PER STAT RVMS 0 oneadmin users 10G-qcow2 0M OS 11/08 09:43:31 Yes No rdy 0 2 oneadmin users debian-6.0-a 1G OS 11/08 11:04:30 No No used 7 When I (regular user from group "users") tried to use this image (ID=2) I got error (not authorized) - so it works. Problem is that regular user could see private (not public) images from other users. Regards, Rolandas > Regards. > > [1] > http://opennebula.org/documentation:rel3.0:manage_acl#how_permission_is_granted_or_denied > -- > Carlos Martín, MSc > Project Engineer > OpenNebula - The Open Source Toolkit for Data Center Virtualization > www.OpenNebula.org | [email protected] | > @OpenNebula<http://twitter.com/opennebula><[email protected]> > > > On Tue, Nov 8, 2011 at 2:25 PM, Rolandas Naujikas < > [email protected]> wrote: > >> Hi, >> >> Why an user could access private objects from other users in the same >> group ? >> OpenNebula 3.0 documentation says opposite. >> http://opennebula.org/documentation:rel3.0:manage_users >> >> Regards, Rolandas >> >> P.S. I have images created with oneadmin and one of them public >> (published) and others - no. With regular user (in the group oneadmin) I >> can access all user oneadmin images (and create VM from them). >> The same was with the group "users". >> _______________________________________________ >> Users mailing list >> [email protected] >> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >> > _______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
