On Wed, Nov 23, 2011 at 06:17:46PM +0100, Michal Privoznik wrote: > Hi all, > > I'd like to implement this new feature for libvirt. However, I think we > should settle down on design first. My biggest concern is choosing the > right level on on which ACLs will be implemented. Should be interested > only in (user, API), or with more granularity (user, API, API's parameters)? > Or should we take the RBAC path? > How should we even identify and authorize users? > > My initial though is to create framework which can be used then to > implement ACLs on any level we want. My $.02 is that this has the potential to be such a huge project that we need to come up with a design that lets us bite off as much as we want at one time, leaving the rest of libvirt's functionality operating as it always has. So, for example, we could start by creating an ACL that would let a particular user boot and shutdown but not edit a VM; later when we wanted to let particular users connect to the VM's console, we could implement that, and so on. It needs to be done in a consistent way so that future additions are clearly slotted into the existing design. Dave > What's our opinion? > > Michal > > -- > libvir-list mailing list > libvir-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/libvir-list -- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list