From Fedora Project Wiki

< Features

Revision as of 10:31, 15 July 2009 by Markmc (talk | contribs) (move to f13)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)



Configuration of fine grained authorization for remote virtual machine management services.


Current status

  • Targeted release: 13
  • Last updated: 2009-07-15
  • Percentage of completion: 0%

Detailed Description

Previous Fedora releases have added encryption and authentication support to the libvirt daemon/client and VNC server/client asssociated with Xen and KVM. Any user who authenticates successfully will have access to all the capabilities. This feature is intended to allow configuration of authorization information, to allow users to be restricted in what capabilities they can use.

Benefit to Fedora

More flexible deployment of virtual machine services and the ability to delegate administrative tasks to users without giving full access to management capabilities.


This work will mostly take place in libvirt.

The libvirtd daemon already has simple whitelists for authorizing users of the libvirt RPC service. It is an all or nothing capability though. In addition it needs to be possible to authorization individual users to use individual VNC servers.

How To Test


User Experience



The impact should be contained to the libvirt package

Contingency Plan

Maintain current level of functionality. No backup plan required



Release Notes


Comments and Discussion