On 06/08/2011 09:10 PM, Iordan Iordanov wrote:
Hi,
As the subject suggests, we are wondering whether there is any way to
restrict certain classes of users from performing any action other
than powering a VM up and down, and resetting it?
If this can't be done with KVM, does anybody have suggestions on how
this can be accomplished? The only way I can think of is with a setuid
binary that can only start VMs and send reset and shutdown commands to
its monitor socket. However, this does seem hackish and can be
insecure if it's not written perfectly.
It's a job for the management layer; I think it should be easy to script
libvirt to do this.
--
error compiling committee.c: too many arguments to function
--
To unsubscribe from this list: send the line "unsubscribe kvm" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
