[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] ACL for DomUs

On Wed, May 02, 2007 at 10:46:37AM +0200, Reinhard Brandst?dter wrote:

> > This looks pretty promising and of course I had to try it immediately.

  :)

> The reason for this behavior was that the user using the xen-shell didn't 
> have 
> rights to read the /etc/xen directory. with the right permissions xen-shell 
> shows the available machines.

  I'll add a check to make sure that is reported accurately at startup.

> 1.) either make xen-shell aware of wildcards. If a domU 'name=' contains 
> any %d in the xen config, all VMs that match are added to the user's access 
> list.

  That seems like it would be less general than I'd like.

> 2.) everytime a domain is created and its name is based on a wildcard create 
> a 'dummy' xen config file that only contains the resulting domain name and 
> the xen_shell attribute. e.g. for me that would be:
> 
> /etc/xen/apache-1
> name = "apache-1"
> xen_shell = 'apacheadm'

  That is the solution I'd propose since it fits your usage, and
 requires no changes from me!

Steve
-- 
# Commercial Debian GNU/Linux Support
http://www.linux-administration.org/


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.