action #121729
closed
coordination #121726: [epic] Get management access to o3/osd and other QE related VMs
[timeboxed:10h][research] Find out what libvirt can do to provide access only to a single VM for users/groups
Added by okurz over 1 year ago.
Updated 10 months ago.
- Status changed from New to In Progress
- Assignee set to okurz
- Target version changed from future to Ready
Picking this up in preparation for #132149
I researched on multiple pages including
all I found are a lot of different ways how to support authenticating with libvirtd not needing user accounts or root on the hypervisor host but nothing really about restricting access to individual machines. The best I could think of is allowing ssh logins of non-privileged users and then use a customized sudo config to only allow selected calls like "virsh console ariel"
- Status changed from In Progress to Resolved
Also available in: Atom
PDF