proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-07-27 09:25:25 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

add more privileges, improve docs

Browse Source
This commit is contained in:
Dietmar Maurer 2012-02-01 13:26:21 +01:00
parent a23cec1f94
commit c0fead8c98
2 changed files with 28 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
PVE/AccessControl.pm
View File

@ -548,9 +548,16 @@ my $privgroups = {
VM => { VM => {
root => [], root => [],
admin => [ admin => [
'VM.Modify', 'VM.Config.Disk',
'VM.Config.CDROM',
'VM.Config.CPU',
'VM.Config.Memory',
'VM.Config.Network',
'VM.Config.HWType',
'VM.Config.Options', # covers all other things
'VM.Allocate', 'VM.Allocate',
'VM.Migrate', 'VM.Migrate',
'VM.Monitor',
], ],
user => [ user => [
'VM.Console', 'VM.Console',

23
README
View File

@ -64,6 +64,13 @@ group:
user_list: list of login names user_list: list of login names
comment: a more verbose description comment: a more verbose description
pool:
pool_name: the name of the pool
comment: a more verbose description
vm_list: list of VMs associated with the pool
storage_list: list of storage IDs associated with the pool
privileges: privileges:
defines rights required to execute actions or read defines rights required to execute actions or read
@ -73,8 +80,20 @@ privileges:
VM.Migrate: migrate VM to alternate server on cluster VM.Migrate: migrate VM to alternate server on cluster
VM.PowerMgmt: power management (start, stop, reset, shutdown, ...) VM.PowerMgmt: power management (start, stop, reset, shutdown, ...)
VM.Console: console access to VM VM.Console: console access to VM
VM.Monitor: access to VM monitor (kvm)
VM.Audit: view VM config VM.Audit: view VM config
VM.Modify: modify VM config
VM.Config.XXX: modify VM config
VM.Config.Disk: add/modify/delete Disks
VM.Config.CDROM: eject/change CDROM
VM.Config.CPU: modify CPU settings
VM.Config.Memory: modify Memory settings
VM.Config.Network: add/modify/delete Network devices
VM.Config.HWType: modify emulated HW type
VM.Config.Options: modify any other VM configuration
Pool.Allocate: create/remove/modify a pool.
Datastore.Allocate: create/remove/modify a data store. Datastore.Allocate: create/remove/modify a data store.
Datastore.AllocateSpace: allocate space on a datastore Datastore.AllocateSpace: allocate space on a datastore
@ -93,14 +112,12 @@ privileges:
VM.Create: create new VM to server inventory VM.Create: create new VM to server inventory
VM.Remove: remove VM from inventory VM.Remove: remove VM from inventory
VM.MemoryModify: modify memory associated with VM
VM.AddNewDisk: add new disk to VM VM.AddNewDisk: add new disk to VM
VM.AddExistingDisk: add an existing disk to VM VM.AddExistingDisk: add an existing disk to VM
VM.DiskModify: modify disk space for associated VM VM.DiskModify: modify disk space for associated VM
VM.UseRawDevice: associate a raw device with VM VM.UseRawDevice: associate a raw device with VM
VM.PowerOn: power on VM VM.PowerOn: power on VM
VM.PowerOff: power off VM VM.PowerOff: power off VM
VM.ConfigureCD: assign a device/image file to VM
VM.CpuModify: modify number of CPUs associated with VM VM.CpuModify: modify number of CPUs associated with VM
VM.CpuCyclesModify: modify CPU cycles for VM VM.CpuCyclesModify: modify CPU cycles for VM
VM.NetworkAdd: add network device to VM VM.NetworkAdd: add network device to VM