[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Finer access control framework over users, domains and operations.
Hi, Ian We understand that the implementation of the ACM on the web layer is easy.But we think that basic control tools of Xen (xm and libvirt) also need the ACM It is necessary to realize the ACM which considers users, domains and operations. We only know ways that control by the unit of users or processes. Please let us know if there are other tools or ways that realize the ACM. Thanks, Ian Jackson wrote:> Syunsuke HAYASHI writes ("[Xen-devel] Finer access control framework over users, domains and operations."): >> The current implementation exclusively allows root to control guest >> domains. Guest administrators have to switch to root so they can >> bring their own guest domains up and down. > > In most deployments this problem is addressed by the use of (for > example) a web-based management interface layered on top of the > underlying xm machinery. > > Do your users really need an structurally very similar interface to > that provided by xm or libvirt ? If so then yes maybe you will need > to write a policy-enforcing proxy but this would be a very large > amount of work and I wouldn't recommend it as an approach unless > unavoidable. _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |