Hi Bypassing the template checks for oneadmin (and oneadmin group) templates is in 3.4, Are you trying with this version?
Cheers Ruben On Tue, May 8, 2012 at 9:07 AM, Guba Sándor <[email protected]> wrote: > Maybe I wrong but when I tryed the 1. method. I could create template and > change permissions but I could not deploy it with other user than oneadmin. > > 2012-05-07 23:06 keltezéssel, Ruben S. Montero írta: > >> Hi, >> >> You can either >> >> 1.- Create the templates with oneadmin and set the permissions so >> everybody or a set of users can use it (this way the template is >> considered secure). This can be done with onetemplate chmod or setting >> up an ACL for more complex sharing needs. >> >> 2.- Remove CONTEXT/FILES as a VM_RESTRICTED_ATTR in oned.conf so >> making FILES a valid attribute for every one. >> >> Cheers >> >> Ruben >> >> On Mon, May 7, 2012 at 6:10 PM, Andreas Calvo<[email protected]> >> wrote: >>> >>> As per redmine issue http://dev.opennebula.org/issues/1159 , it seems >>> that only oneadmin templates are not being checked. >>> In my scenario, users should be able to create their own templates (or >>> copy from oneadmin's) and fire up instances accessing CONTEXT/FILES. >>> >>> I've granted: >>> 15 @101 --N------ * u--- >>> 22 @101 -H------- * -m-- >>> 23 @101 V--I-T--- @101 umac >>> 25 @101 V--I-T--- * ---c >>> >>> But when a user creates it's own template and tries to start it, it >>> complains about restricted attributes in CONTEXT/FILES. >>> >>> Is it correct to do it that way? >>> >>> Thanks >>> >>> _______________________________________________ >>> Users mailing list >>> [email protected] >>> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org >> >> >> > > _______________________________________________ > Users mailing list > [email protected] > http://lists.opennebula.org/listinfo.cgi/users-opennebula.org -- Ruben S. Montero, PhD Project co-Lead and Chief Architect OpenNebula - The Open Source Solution for Data Center Virtualization www.OpenNebula.org | [email protected] | @OpenNebula _______________________________________________ Users mailing list [email protected] http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
