[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-users] Access Control solution for Xen?

To: xen-users <xen-users@xxxxxxxxxxxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxx
From: Ozan Safi <ozansafi@xxxxxxxxx>
Date: Wed, 8 Dec 2010 11:54:48 +0100
Cc:
Delivery-date: Wed, 08 Dec 2010 02:56:48 -0800
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=PjF7WR+Yk1kVrJ5pMU1dFZPiRUrk25f36oz+/g04BKkqBgBFfRUG32Zv6GUi1umXV7 Y0HwApliJI5dqKechB0vMLvOxBpF4JDu4vYT/5mlW+aTkNkrTO/S/qhgqVvg9DDwglZK OjWUxDUOAKuo72FzibJFhYSBqOtBPA+tM/2Fc=
List-id: Xen user discussion <xen-users.lists.xensource.com>

Hi,

Is anyone aware of an open-source solution (CLI or webGUI) that can restrict access to users based on their roles?

For instance, I want to limit what role X can do to just list their own VMs and restart or shut it down.

I've thought of implementing this by putting an access control module inside the Xend code which would interact with some sort of mapping between users, roles, and what they can do. Would it be a better idea to instead do this in libxenlight which is a layer down? (I want to enforce access control as close as possible to the hypervisor)

Ozan

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Prev by Date: [Xen-devel] DSN: failed (Mail System Error - Returned Mail)
Next by Date: Re: [Xen-devel] [PATCH 13/13] Nested Virtualization: hap-on-hap
Previous by thread: [Xen-devel] DSN: failed (Mail System Error - Returned Mail)
Next by thread: [Xen-devel] [PATCH] xen: gntdev: move use of GNTMAP_contains_pte next to the map_op
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.