subject:"\[ovirt\-users\] Re\: User permission. All user can access \(start, shutdown\) all vm in User\/VM portal"

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

2018-07-10 Thread p . staniforth

Ouch!!! it looks like there was a change that stops you removing system 
permissions from built in group everyone, but you can add them in 4.2  which is 
unfortunate.
You may have to remove them with a dbscript.

https://bugzilla.redhat.com/show_bug.cgi?id=1366205

Paul S.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/ZLD2EYPHXHBEZIALAIACZP3PNMEFAVQ6/

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

2018-07-10 Thread florentl


I tried to remove the UserRole permission but I failed.
There is this error message :
"Error while executing action : It's not allowed to remove system 
permissions assigned to built-in Everyone group".



Le 05/07/2018 à 15:52, p.stanifo...@leedsbeckett.ac.uk a écrit :
The system permissions are at the highest level so Everyone has UserRole 
for everything.

If you go into Configure then System Permissions you can remove the UserRole 
permission. The default permission for Everyone is UserProfileEditor.

Regards,
Paul S.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/A6EQJHNVI6HQZUW7T7RRBGL56GQWA6P2/

___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/5F6HGOCIRBBVXZAJOOGGAWXWY4DCRLT3/

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

2018-07-05 Thread p . staniforth

The system permissions are at the highest level so Everyone has UserRole for 
everything.
If you go into Configure then System Permissions you can remove the UserRole 
permission. The default permission for Everyone is UserProfileEditor.

Regards,
   Paul S.
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/A6EQJHNVI6HQZUW7T7RRBGL56GQWA6P2/

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

2018-07-05 Thread Staniforth, Paul

Hi Florent,
are the permissions system or on a object 
(Datacenter,Cluster).

Regards,
 Paul S.

From: florentl 
Sent: 05 July 2018 09:29
To: users
Subject: [ovirt-users] User permission. All user can access (start, shutdown) 
all vm in User/VM portal

Hello,
There is something I don't understand in permissions.
I'm using Ovirt 4.2.3.5-1.
I created a user :

On the Administration Portal I gave him (etudiant2) the permission
UserVmManager on only one VM and nothing else. But when he logs in the
VM Portal he can view, start, stop all the VM.
I think it's because all users are member of the group Everyone and this
group has by default the UserRole. And in my config (the default/install
config) the UserRole can do Basic Operation an VM.
Moreover the UserRole is given to the group Everyone on all VM I
created, and I can't remove this permission (Remove button is greyed).
How can I make a VM "private", only visible by one user ?
  Thanks in advance,
Florent
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/DNLZESAC6XTJXMFNX4C2XULJTNRU2M5I/
To view the terms under which this email is distributed, please go to:-
http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/PIETH3GM2QO567THMMOUNFTJRBAD3THN/

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

2018-07-05 Thread florentl


Hi Paul,
The permission I gave to the user etudiant2 was only on an object, a VM.
But the Everyone permission (UserRole) is a system permission Inherited. 
I can't remove this permission on the VM that I don't want that 
etudiant2 will be able to access.

Regards,
Florent



Le 05/07/2018 à 11:39, Staniforth, Paul a écrit :

Hi Florent,
 are the permissions system or on a object 
(Datacenter,Cluster).

Regards,
  Paul S.

From: florentl 
Sent: 05 July 2018 09:29
To: users
Subject: [ovirt-users] User permission. All user can access (start, shutdown) 
all vm in User/VM portal

Hello,
There is something I don't understand in permissions.
I'm using Ovirt 4.2.3.5-1.
I created a user :

On the Administration Portal I gave him (etudiant2) the permission
UserVmManager on only one VM and nothing else. But when he logs in the
VM Portal he can view, start, stop all the VM.
I think it's because all users are member of the group Everyone and this
group has by default the UserRole. And in my config (the default/install
config) the UserRole can do Basic Operation an VM.
Moreover the UserRole is given to the group Everyone on all VM I
created, and I can't remove this permission (Remove button is greyed).
How can I make a VM "private", only visible by one user ?
   Thanks in advance,
Florent
___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/DNLZESAC6XTJXMFNX4C2XULJTNRU2M5I/
To view the terms under which this email is distributed, please go to:-
http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html


___
Users mailing list -- users@ovirt.org
To unsubscribe send an email to users-le...@ovirt.org
Privacy Statement: https://www.ovirt.org/site/privacy-policy/
oVirt Code of Conduct: 
https://www.ovirt.org/community/about/community-guidelines/
List Archives: 
https://lists.ovirt.org/archives/list/users@ovirt.org/message/DFB4GR4JKRUOD7HW4736LQVYGIO2LOPB/

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal

5 matches

Site Navigation

Mail list logo

Footer information