[libvirt-users] selective virsh host permissions
Martin Kletzander
mkletzan at redhat.com
Tue Oct 20 08:49:05 UTC 2015
On Mon, Oct 19, 2015 at 01:10:15PM -0400, Jamie Fargen wrote:
>As a Systems Administrator, I would like to grant permissions to a certain
>VM using unix groups. In this example there is a hypervisor with VMs
>A,B,C,D and there is a group called fortadmins. The solution I am searching
>forI would just allow fortadmins to use libvirt/virsh commands on VM D.
>
>Does libvirt/virsh provide any way to easily accomplish this goal?
>
There are ACLs for that and libvirt has currently a polkit driver. So
if you have and are using PolicyKit, you are only few steps away from
setting this whole thing up. There are various links that might help
you with it:
https://libvirt.org/acl.html
https://libvirt.org/aclpolkit.html
Then there is an example rule file in our git tree that was recently
enhanced:
https://libvirt.org/git/?p=libvirt.git;a=blob_plain;f=examples/polkit/libvirt-acl.rules;hb=HEAD
HTH,
Martin
>
>
>Regards,
>Jamie Ian Fargen
>_______________________________________________
>libvirt-users mailing list
>libvirt-users at redhat.com
>https://www.redhat.com/mailman/listinfo/libvirt-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvirt-users/attachments/20151020/f0aff767/attachment.sig>
More information about the libvirt-users
mailing list