restricting users to only power control of VMs

restricting users to only power control of VMs

[Iordan Iordanov]

Hi,

As the subject suggests, we are wondering whether there is any way to 
restrict certain classes of users from performing any action other than 
powering a VM up and down, and resetting it?

If this can't be done with KVM, does anybody have suggestions on how 
this can be accomplished? The only way I can think of is with a setuid 
binary that can only start VMs and send reset and shutdown commands to 
its monitor socket. However, this does seem hackish and can be insecure 
if it's not written perfectly.

Cheers,
Iordan

Re: restricting users to only power control of VMs

[Avi Kivity]

On 06/08/2011 09:10 PM, Iordan Iordanov wrote:
> Hi,
>
> As the subject suggests, we are wondering whether there is any way to 
> restrict certain classes of users from performing any action other 
> than powering a VM up and down, and resetting it?
>
> If this can't be done with KVM, does anybody have suggestions on how 
> this can be accomplished? The only way I can think of is with a setuid 
> binary that can only start VMs and send reset and shutdown commands to 
> its monitor socket. However, this does seem hackish and can be 
> insecure if it's not written perfectly.

It's a job for the management layer; I think it should be easy to script 
libvirt to do this.

-- 
error compiling committee.c: too many arguments to function

Re: restricting users to only power control of VMs

[Iordan Iordanov]

Hi Avi,

On 06/09/11 04:14, Avi Kivity wrote:
> On 06/08/2011 09:10 PM, Iordan Iordanov wrote:
>> As the subject suggests, we are wondering whether there is any way to
>> restrict certain classes of users from performing any action other
>> than powering a VM up and down, and resetting it?

snip...

>
> It's a job for the management layer; I think it should be easy to script
> libvirt to do this.
>

I read the documentation of libvirt, and out of the box, I don't see how 
this can be "configured". So, I understand your reply as meaning that we 
need to write a program that uses the libvirt API to control this? If I 
haven't understood properly, can you please correct me?

Thanks!
Iordan

Re: restricting users to only power control of VMs

[Avi Kivity]

On 06/22/2011 12:45 AM, Iordan Iordanov wrote:
>
>>
>> It's a job for the management layer; I think it should be easy to script
>> libvirt to do this.
>>
>
> I read the documentation of libvirt, and out of the box, I don't see 
> how this can be "configured". So, I understand your reply as meaning 
> that we need to write a program that uses the libvirt API to control this?

Yes.

-- 
error compiling committee.c: too many arguments to function