[ovirt-users] extra permissions required to start VM via ovirt-shell?

Derek Atkins derek at ihtfp.com
Wed Nov 9 21:49:15 UTC 2016


Hi,

I created a user and a new user role, VmStarter, that has two permissions:
  System -> Configure System -> Login Permissions
  VM -> Basic Operations -> Run VM

I assigned this new user to this role at the data center.

If I login to the user portal with this user I get a screen with all
my VMs, and if a VM is down I can click on the "run" button and it will
start.  If a machine is running I cannot click on the stop button (well,
I can, but I get a permission denied error, which is expected).  So it
sounds like everything is working.

Now I want to use ovirt-shell to do the same thing.  I can login just
fine using this user's credentials, and I get connected.  However when I
execute the command to start a VM:

  [oVirt shell (connected)]# action vm vm-0 start

I get this error:

  ==================================== ERROR =================================
  status: 400
  reason: Bad Request
  detail: query execution failed due to insufficient permissions.
  ============================================================================

This seems to imply I'm missing a permission.  But I have no idea what
permission I'm missing.  I haven't found anything in the engine log that
would help me.

Any ideas what's wrong and (more importantly) how to fix it?

Thanks,

-derek

-- 
       Derek Atkins                 617-623-3745
       derek at ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant



More information about the Users mailing list