Features/VirtAuthorization

From FedoraProject

< Features(Difference between revisions)
Jump to: navigation, search
(move to f13)
(move to f13)
 
Line 9: Line 9:
  
 
== Current status ==
 
== Current status ==
* Targeted release: [[Releases/12 | 12 ]]
+
* Targeted release: [[Releases/13|13]]
* Last updated: (DATE)
+
* Last updated: 2009-07-15
 
* Percentage of completion: 0%
 
* Percentage of completion: 0%
  

Latest revision as of 10:31, 15 July 2009

Contents

[edit] VirtuAuthorization

[edit] Summary

Configuration of fine grained authorization for remote virtual machine management services.

[edit] Owner

[edit] Current status

  • Targeted release: 13
  • Last updated: 2009-07-15
  • Percentage of completion: 0%

[edit] Detailed Description

Previous Fedora releases have added encryption and authentication support to the libvirt daemon/client and VNC server/client asssociated with Xen and KVM. Any user who authenticates successfully will have access to all the capabilities. This feature is intended to allow configuration of authorization information, to allow users to be restricted in what capabilities they can use.

[edit] Benefit to Fedora

More flexible deployment of virtual machine services and the ability to delegate administrative tasks to users without giving full access to management capabilities.

[edit] Scope

This work will mostly take place in libvirt.

The libvirtd daemon already has simple whitelists for authorizing users of the libvirt RPC service. It is an all or nothing capability though. In addition it needs to be possible to authorization individual users to use individual VNC servers.

[edit] How To Test

TBD

[edit] User Experience

TDB

[edit] Dependencies

The impact should be contained to the libvirt package

[edit] Contingency Plan

Maintain current level of functionality. No backup plan required

[edit] Documentation

TBD

[edit] Release Notes

TBD

[edit] Comments and Discussion