On 10/12/12 16:06, Moti Asayag wrote:

Hi,

When creating a new data-center, a management network is created for it. By default the created management network is defined as VM network.

I'd like to consult from permissions perspective, what is the preferred permission settings for that network.

The network is defined as management network, therefore it is designed be used by VMs.

I think you meant that the management network is marked by default as a VM network and therefor is available for usage within the VMs.

However, the admin should grant permissions on that networks to the target users (which one might find tedious).

I'm in favor of keeping this behavior, I think that by default the management network should not be available to users unless explicitly a permission was added by the admin.

We can grant permission on that network to 'everyone' with role 'NetworkUser', but in case the admin doesn't meant this network to be used, the permission should be removed.

In 'Add Logical Network' dialog I've added a new checkbox to allow granting 'everyone' a role for using that network ('NetworkUser'). We can embrace same method in 'Add Data-Center' dialog.

That's an interesting option I'd wait with adding this until we get some feedback from the users on the usage of network permissions.

Thoughts ?

Thanks, Moti _______________________________________________ Engine-devel mailing list Engine-devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-devel