[Engine-devel] Creating New Data-Center and Permission on Network
Livnat Peer
lpeer at redhat.com
Sun Dec 16 09:51:15 UTC 2012
On 10/12/12 16:06, Moti Asayag wrote:
> Hi,
>
> When creating a new data-center, a management network is created for it.
> By default the created management network is defined as VM network.
>
> I'd like to consult from permissions perspective, what is the preferred
> permission settings for that network.
>
> The network is defined as management network, therefore it is designed
> be used by VMs.
I think you meant that the management network is marked by default as a
VM network and therefor is available for usage within the VMs.
> However, the admin should grant permissions on that
> networks to the target users (which one might find tedious).
>
I'm in favor of keeping this behavior, I think that by default the
management network should not be available to users unless explicitly a
permission was added by the admin.
> We can grant permission on that network to 'everyone' with role
> 'NetworkUser', but in case the admin doesn't meant this network to be
> used, the permission should be removed.
>
> In 'Add Logical Network' dialog I've added a new checkbox to allow
> granting 'everyone' a role for using that network ('NetworkUser').
> We can embrace same method in 'Add Data-Center' dialog.
>
That's an interesting option I'd wait with adding this until we get some
feedback from the users on the usage of network permissions.
> Thoughts ?
>
> Thanks,
> Moti
> _______________________________________________
> Engine-devel mailing list
> Engine-devel at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/engine-devel
>
More information about the Devel
mailing list