Question about ACLs

esfreire · September 8, 2015, 10:12am

Hi,

We are trying to restrict what users/groups can see/use/manage.

I am seeing now that all the groups can see the “Files & Kernels” created by other groups, therefore, i would like to know what ACL we must create in order to the group only can see the “Files & Kernels” created by its group. After reading the documentation, I don’t have clear which is the affected resource or subset to which we need to apply the ACL, I think it should be “images” but I already have restricted this and I am still seeing the "Files & Kernels"
from other groups.

Probably, we also need to delete some old ACLs and create new ones.

Thanks in advance,
Esteban

cmartin · September 8, 2015, 3:01pm

Hi,

The resource to manage files visibility is indeed IMAGE. If users are seeing files that they shouldn’t it can be because of:

The resource permissions (chmod)
The user may be in secondary groups
There is another more permissive acl rule

You can read more here:
http://docs.opennebula.org/4.12/administration/users_and_groups/manage_acl.html#how-permission-is-granted-or-denied

Topic		Replies	Views
Group admin rights Community Support	8	1150	October 7, 2016
VM based Access Control Lists Development	2	1034	August 18, 2015
ACLs for Templates restricted to Groups. Need help understanding Community Support	5	344	November 7, 2019
Question about: ACL vs ACL Community Support	13	1913	June 25, 2015
Allowing users group permission to migrate VMs General	1	331	August 25, 2021

Question about ACLs

Related topics