Xen project Mailing List

Re: [Xen-API] User Based Access Control

To: Shiva Bhanujan <sxb075@xxxxxxxxx>

From: Thomas Sanders <thomas.sanders@xxxxxxxxxx>

Date: Wed, 25 Feb 2015 14:16:10 +0000

Accept-language: en-GB, en-US

Cc: "xen-api@xxxxxxxxxxxxxxxxxxxx" <xen-api@xxxxxxxxxxxxxxxxxxxx>

Delivery-date: Wed, 25 Feb 2015 14:16:20 +0000

List-id: User and development list for XCP and XAPI <xen-api.lists.xen.org>

Thread-index: AQHQUPM+wuzo/SOQ8kWa2OrRiIBczZ0BNcKAgAApi7A=

Thread-topic: [Xen-API] User Based Access Control

Cloudstack/Cloudplatform does something like this. XenServer itself doesn't have the necessary information in the datamodel: a VM doesn't have an "owner". Therefore XenServer's existing RBAC feature can't do what you want at present. It might be less work to add the feature to XenServer than to implement it by writing new gateway software that mediates between the users and XenServer... but it sounds as if Olivier is adding it to his existing gateway/mediator software Xen-Orchestra. > -----Original Message----- > From: xen-api-bounces@xxxxxxxxxxxxx [mailto:xen-api-bounces@xxxxxxxxxxxxx] > On Behalf Of Olivier Lambert > Sent: 25 February 2015 12:12 PM > To: Shiva Bhanujan > Cc: xen-api@xxxxxxxxxxxxxxxxxxxx > Subject: Re: [Xen-API] User Based Access Control > > Hi, > > https://xen-orchestra.com/blog/xo-4-x-starts-to-show-up/ > > It actually works and we are in closed Beta so far. I will create a > small video to show you how it works. > > Should be out to the end of the month. > > Regards, > > > Olivier. > > On Wed, Feb 18, 2015 at 7:55 PM, Shiva Bhanujan <sxb075@xxxxxxxxx> wrote: > > Hello, > > > > I'm trying to figure out if we can have a mechanism such that when user A > > creates a VM, or a network or any object from dom0, another user B would > not > > have any access to objects created by user A. Is there such a mechanism > > available? > > > > I've looked at the RBAC mechanism in PAM, and Xen Orchestra, but I doubt > if > > they address this need. Is anybody aware of anything that might satisfy > > this need? > > > > Regards, > > Shiva > > > > > > _______________________________________________ > > Xen-api mailing list > > Xen-api@xxxxxxxxxxxxx > > http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api > > > > _______________________________________________ > Xen-api mailing list > Xen-api@xxxxxxxxxxxxx > http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api _______________________________________________ Xen-api mailing list Xen-api@xxxxxxxxxxxxx http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.