Maybe I wrong but when I tryed the 1. method. I could create template
and change permissions but I could not deploy it with other user than
oneadmin.
2012-05-07 23:06 keltezéssel, Ruben S. Montero írta:
Hi,
You can either
1.- Create the templates with oneadmin and set the permissions so
everybody or a set of users can use it (this way the template is
considered secure). This can be done with onetemplate chmod or setting
up an ACL for more complex sharing needs.
2.- Remove CONTEXT/FILES as a VM_RESTRICTED_ATTR in oned.conf so
making FILES a valid attribute for every one.
Cheers
Ruben
On Mon, May 7, 2012 at 6:10 PM, Andreas Calvo<[email protected]> wrote:
As per redmine issue http://dev.opennebula.org/issues/1159 , it seems
that only oneadmin templates are not being checked.
In my scenario, users should be able to create their own templates (or
copy from oneadmin's) and fire up instances accessing CONTEXT/FILES.
I've granted:
15 @101 --N------ * u---
22 @101 -H------- * -m--
23 @101 V--I-T--- @101 umac
25 @101 V--I-T--- * ---c
But when a user creates it's own template and tries to start it, it
complains about restricted attributes in CONTEXT/FILES.
Is it correct to do it that way?
Thanks
_______________________________________________
Users mailing list
[email protected]
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
_______________________________________________
Users mailing list
[email protected]
http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
