Open gandalfk7 opened 8 years ago
Message from @alinefm in ML:
It is working as designed! On Kimchi, only users with root access (sudo ALL) can create virtual machines.
Once the virtual machine is created, you can give an normal user access to it by changing the virtual machine permission configuration. For that, go to Edit virtual machine > Permission tab and add users/groups you want to grant access to manage that specific virtual machine."
Ginger plugin can manager system's users, by creating a new user in one of the following profiles: Regular, Regular (No shell), Virt User and Administrator. The first two profiles, create normal users with no permissions to use/manage virtual machines.
A 'Virt User' user is added to system's kvm group and, in theory, this gives the user the ability to use/manage virtual machines in the system (able to user virsh, virt-install, virt-manager for example). An 'Administrator' user has sudo enabled in the system.
IMO, we can submit an RFC to make 'Virt User's be able to:
the RFC, as proposed, suits perfectly our use case.
I think the best, in term of user permission granularity, would be adding this feature as a choiche for the admin when creating the users. Keep in mind that I am proposing this without knowing the technical efforts needed for this change, and not knowing if it could be implemented as a "checkbox" or if it would need a new user profile.
Hi, I have a problem when a user tries to create a Guest: When in "Virtualization" --> "Guests" I click "+ Add a Guest" nothing happens. The hover of the button is: "javascript:void(0);", same thing happens with the buttons "Add a Storage" and "Add a Network".
I already tried to add my test user "banana" to the groups
With the test user "banana" I am able to install a vm via virt-install @without issues, the groups which banana is member are:
When the user is assigned a VM, he can do whatever he pleases with it, even delete it, but cannot create a new VM.
With the root user we can do everything without a problem (and it's working wonderfully!).
Our versions:
This issue has been opened following a mail sent to kimchi-users, as suggested by @pvital Thanks! Matteo