[ovirt-users] Ovirt 4.2 Bug with Permissons on the Vm Portal?
Latchezar Filtchev
Latcho at aubg.bg
Wed Jan 17 20:22:57 UTC 2018
Dear oVirt-ers,
Here are my steps to upgrade oVirt 4.1.8 (Active Directory connected) to 4.2 and results:
1. oVirt 4.1.8 (This version is reached by several upgrades starting from oVirt 3.6)
- engine - dedicated machine
- Data center A/2 clusters - Cluster 1/2 virtualization hosts - cluster 2/1 virtualization host. Data center is used only by 1 Active Directory user - this user is not SuperUser and can create and manage virtual machines;
- Data center B /1 cluster - Cluster 1/2 virtualization hosts. Data center is used by several Active directory users (Non SuperUser) - every user can create virtual machines. User can see only own machines in VM portal.
2. oVirt 4.2 - observation after upgrade:
- Virtual machines disappeared in VM portal. All virtual machines are visible in Admin portal. Granting SuperUser role to particular user brings back all virtual machines in VM portal and every user can see all virtual machines. After removing SuperUser role - virtual machines are not visible in VM portal. I still cannot find permissions combination so every user can see only own machines. I found quite inconvenient in my use case scenario to discontinue adding disk to newly created virtual machine in VM portal.
3. oVirt 4.2.1 - pre release - pretty much the same behavior.
Any comment or advice will be appreciated.
Thank you!
Best,
Latcho
-----Original Message-----
From: users-bounces at ovirt.org [mailto:users-bounces at ovirt.org] On Behalf Of Giorgio Biacchi
Sent: Wednesday, January 17, 2018 2:33 PM
To: Michal Skrivanek
Cc: users at ovirt.org
Subject: Re: [ovirt-users] Ovirt 4.2 Bug with Permissons on the Vm Portal?
On 01/12/2018 05:53 PM, Michal Skrivanek wrote:
>
>
>> On 12 Jan 2018, at 12:27, Giorgio Biacchi <giorgio at di.unimi.it
>> <mailto:giorgio at di.unimi.it>> wrote:
>>
>> It's the same for me also.
>>
>> Ovirt is connected to FreeIPA this time, so it seems not to be bound
>> to a specific AAA engine extension.
>>
>> Do we have to submit a new bug on bugzilla??
>
> Looks like https://github.com/oVirt/ovirt-web-ui/issues/460 ?
> Somehow it diappeared in recent 4.2.1 builds, can you check that by
> any chance on your setup too?
I just enabled Ovirt Release Pre repo and updated to 4.2.1.1-1.el7 but the problem still is present. I've done a test, as a user I created a Vm, the Vm is visible from Vm Portal. From the admin portal I removed the UserVmManager permission on that Vm. From the Vm Portal the Vm go away. So far so good.
Then I re added the previously removed permission to the Vm but the Vm do not appears in the Vm portal once I log back in as a normal user.
Thanks
>
> Thanks,
> michal
>
>>
>> Regards
>>
>> On 01/11/2018 02:04 PM, Latchezar Filtchev wrote:
>>> Hi Guys,
>>> The same here. Upgrade 4.1.8 to 4.2. oVirt connected to Active Directory.
>>> User cannot see machines in VM portal. Still playing with permissions.
>>> Any ideas?
>>> Thank you!
>>> Best,
>>> Latcho
>>> *From:*users-bounces at ovirt.org <mailto:users-bounces at ovirt.org>
>>> [mailto:users-bounces at ovirt.org] *On Behalf Of *Thomas Fecke
>>> *Sent:* Monday, January 08, 2018 3:17 PM
>>> *To:* users at ovirt.org <mailto:users at ovirt.org>
>>> *Subject:* [ovirt-users] Ovirt 4.2 Bug with Permissons on the Vm Portal?
>>> Hello Guys,
>>> i recently upgrade to 4.2
>>> We used the User Portal before. Every User could see his__ VM´s,
>>> every Admin just could see his VM´s ( User View ).
>>> After the Update:
>>> Admin´s can see every VM in VM Portal The Users can´t see Vm´s
>>> anymore. The Portal is Empty. Role “UserVMManager”
>>> is set.
>>> We tested some Scenarios: If the User create a new Virtual Machine,
>>> it is shown in the VM Portal. When he log out and in again -> VM is
>>> gone in his View Admin View: The VM was created, Permission where
>>> set. Everything seems to be good.
>>> Any Ideas? Thanks Guys__
>>> _______________________________________________
>>> Users mailing list
>>> Users at ovirt.org <mailto:Users at ovirt.org>
>>> http://lists.ovirt.org/mailman/listinfo/users
>>
>> --
>> gb
>>
>> PGP Key: http://pgp.mit.edu/
>> Primary key fingerprint: C510 0765 943E EBED A4F2 69D3 16CC DC90 B9CB
>> 0F34 _______________________________________________
>> Users mailing list
>> Users at ovirt.org <mailto:Users at ovirt.org>
>> http://lists.ovirt.org/mailman/listinfo/users
>>
>>
>
--
gb
PGP Key: http://pgp.mit.edu/
Primary key fingerprint: C510 0765 943E EBED A4F2 69D3 16CC DC90 B9CB 0F34 _______________________________________________
Users mailing list
Users at ovirt.org
http://lists.ovirt.org/mailman/listinfo/users
More information about the Users
mailing list