Re: [libvirt] ACLs for libvirt
On Wed, Nov 23, 2011 at 06:17:46PM +0100, Michal Privoznik wrote:
Hi all,
I'd like to implement this new feature for libvirt. However, I think we
should settle down on design first. My biggest concern is choosing the
right level on on which ACLs will be implemented. Should be interested
only in (user, API), or with more granularity (user, API, API's parameters)?
Or should we take the RBAC path?
How should we even identify and authorize users?
My initial though is to create framework which can be used then to
implement ACLs on any level we want.
My $.02 is that this has the potential to be such a huge project that
we need to come up with a design that lets us bite off as much as we
want at one time, leaving the rest of libvirt's functionality
operating as it always has. So, for example, we could start by
creating an ACL that would let a particular user boot and shutdown but
not edit a VM; later when we wanted to let particular users connect to
the VM's console, we could implement that, and so on. It needs to be
done in a consistent way so that future additions are clearly slotted
into the existing design.
Dave
What's our opinion?
Michal
--
libvir-list mailing list
libvir-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list