[ovirt-users] oVirt 3.5.1 user permissions

Donny Davis donny at cloudspin.me
Thu Jan 29 15:28:30 UTC 2015


Setting that login permission at the system level is why they can see everything even if they can't control it. Copy the user permission role and remove all the permissions except login to system (the last box under login) create instance, and attach to storage domains. 

Then add it to the datacenter permission set 

On Jan 29, 2015 2:02 AM, Ondra Machacek <omachace at redhat.com> wrote:
>
> If you add for example 'UserRole' on VM, then your user should login to 
> UserPortal without any problem and see his VM.
>
> On 01/29/2015 09:58 AM, Nikolai Bochev wrote:
> > Ok, but if i don't add "System" permissions to a user with "UserRole"
> > they cannot login at all ?
> >
> > On Thu, Jan 29, 2015 at 10:56 AM, Ondra Machacek <omachace at redhat.com
> > <mailto:omachace at redhat.com>> wrote:
> >
> >
> >
> >     On 01/29/2015 09:35 AM, Nikolai Bochev wrote:
> >
> >         Hello,
> >
> >         I've been running ovirt hosted engine for around a month already
> >         without
> >         any major interruptions. Last week i tied it to freeipa, to be
> >         able to
> >         give permissions to other people, but so far no success because
> >         of the
> >         following problem :
> >
> >         All users can see all VM's. I tried clearing all permission
> >         entries (
> >         leaving the admin only ) and the re-adding and it didn't help at
> >         all.
> >
> >         I am attaching a few screenshots to better describe :
> >
> >
> >
> >     The problem is that you are assigning system permissions.
> >     If you assign system permissions you have permission to whole system.
> >
> >     If you want to assign a permission to user on a specific vm(or object),
> >     you have to select the object, then click 'permissions' subtab, then
> >     click 'add', then find your user and choose the role for him.
> >
> >
> >
> >
> >         ​
> >         Most of the vm's have no permissions attached to them, but they are
> >         still visible to everyone that logs from the userpanel
> >         What am i doing wrong ?
> >
> >         Regards,
> >
> >
> >         _________________________________________________
> >         Users mailing list
> >         Users at ovirt.org <mailto:Users at ovirt.org>
> >         http://lists.ovirt.org/__mailman/listinfo/users
> >         <http://lists.ovirt.org/mailman/listinfo/users>
> >
> >
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users


More information about the Users mailing list