[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal
Ouch!!! it looks like there was a change that stops you removing system permissions from built in group everyone, but you can add them in 4.2 which is unfortunate. You may have to remove them with a dbscript. https://bugzilla.redhat.com/show_bug.cgi?id=1366205 Paul S. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/ZLD2EYPHXHBEZIALAIACZP3PNMEFAVQ6/
[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal
I tried to remove the UserRole permission but I failed. There is this error message : "Error while executing action : It's not allowed to remove system permissions assigned to built-in Everyone group". Le 05/07/2018 à 15:52, p.stanifo...@leedsbeckett.ac.uk a écrit : The system permissions are at the highest level so Everyone has UserRole for everything. If you go into Configure then System Permissions you can remove the UserRole permission. The default permission for Everyone is UserProfileEditor. Regards, Paul S. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/A6EQJHNVI6HQZUW7T7RRBGL56GQWA6P2/ ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/5F6HGOCIRBBVXZAJOOGGAWXWY4DCRLT3/
[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal
The system permissions are at the highest level so Everyone has UserRole for everything. If you go into Configure then System Permissions you can remove the UserRole permission. The default permission for Everyone is UserProfileEditor. Regards, Paul S. ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/A6EQJHNVI6HQZUW7T7RRBGL56GQWA6P2/
[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal
Hi Florent, are the permissions system or on a object (Datacenter,Cluster). Regards, Paul S. From: florentl Sent: 05 July 2018 09:29 To: users Subject: [ovirt-users] User permission. All user can access (start, shutdown) all vm in User/VM portal Hello, There is something I don't understand in permissions. I'm using Ovirt 4.2.3.5-1. I created a user : On the Administration Portal I gave him (etudiant2) the permission UserVmManager on only one VM and nothing else. But when he logs in the VM Portal he can view, start, stop all the VM. I think it's because all users are member of the group Everyone and this group has by default the UserRole. And in my config (the default/install config) the UserRole can do Basic Operation an VM. Moreover the UserRole is given to the group Everyone on all VM I created, and I can't remove this permission (Remove button is greyed). How can I make a VM "private", only visible by one user ? Thanks in advance, Florent ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/DNLZESAC6XTJXMFNX4C2XULJTNRU2M5I/ To view the terms under which this email is distributed, please go to:- http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/PIETH3GM2QO567THMMOUNFTJRBAD3THN/
[ovirt-users] Re: User permission. All user can access (start, shutdown) all vm in User/VM portal
Hi Paul, The permission I gave to the user etudiant2 was only on an object, a VM. But the Everyone permission (UserRole) is a system permission Inherited. I can't remove this permission on the VM that I don't want that etudiant2 will be able to access. Regards, Florent Le 05/07/2018 à 11:39, Staniforth, Paul a écrit : Hi Florent, are the permissions system or on a object (Datacenter,Cluster). Regards, Paul S. From: florentl Sent: 05 July 2018 09:29 To: users Subject: [ovirt-users] User permission. All user can access (start, shutdown) all vm in User/VM portal Hello, There is something I don't understand in permissions. I'm using Ovirt 4.2.3.5-1. I created a user : On the Administration Portal I gave him (etudiant2) the permission UserVmManager on only one VM and nothing else. But when he logs in the VM Portal he can view, start, stop all the VM. I think it's because all users are member of the group Everyone and this group has by default the UserRole. And in my config (the default/install config) the UserRole can do Basic Operation an VM. Moreover the UserRole is given to the group Everyone on all VM I created, and I can't remove this permission (Remove button is greyed). How can I make a VM "private", only visible by one user ? Thanks in advance, Florent ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/DNLZESAC6XTJXMFNX4C2XULJTNRU2M5I/ To view the terms under which this email is distributed, please go to:- http://disclaimer.leedsbeckett.ac.uk/disclaimer/disclaimer.html ___ Users mailing list -- users@ovirt.org To unsubscribe send an email to users-le...@ovirt.org Privacy Statement: https://www.ovirt.org/site/privacy-policy/ oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/users@ovirt.org/message/DFB4GR4JKRUOD7HW4736LQVYGIO2LOPB/