On 07.06.2012 09:37, Sam Wilson wrote:
Hi List,
I am trying to provide a solution using KVM on RHEL for a number of
technical staff sharing server resources. We would like to be able to
"restrict" a number of guests from certain users to follow the
principle of least privilege.
So in short, is there a way of defining access to individual guests
via libvirt / polkit or is read only / read write the best we can
expect for the foreseeable future?
For now, the only users separation available is RO/RW access.
However, we are working on more complex RBAC. There have been posted
several patches as proof-of-concept:
http://www.redhat.com/archives/libvir-list/2012-January/msg00907.html
Michal