[libvirt-users] Ownerships of VMs and Image files
Hello, I installed libvirt and qemu/kvm on a machine. I testet a little with those and found out that all users having an account on that machine can start every VM of every other user on the machine, in some conditions even directly access the image file on the real host. What I would like to have is that every user can only access the VMs and image files he or she created himself/herself, as long as he/she does not explicitly set other permissions. Is it possible to achieve that? Regards Christoph
On 01/07/2014 07:30 AM, Christoph Pleger wrote:
Hello,
I installed libvirt and qemu/kvm on a machine. I testet a little with those and found out that all users having an account on that machine can start every VM of every other user on the machine, in some conditions even directly access the image file on the real host. What I would like to have is that every user can only access the VMs and image files he or she created himself/herself, as long as he/she does not explicitly set other permissions. Is it possible to achieve that?
Sounds like a job for ACL (access control list): http://libvirt.org/acl.html -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
participants (2)
-
Christoph Pleger -
Eric Blake