Confused about permissions

E

ejc317

Member
Oct 18, 2012
263
0
16
What is the difference between the permissions under datacenter and the permissions in a pool?

I want to give a user access to his VM and ability to backup / restore

So i create a user and assign him to a group and then under the pool i give him permission to the pool. However, when I log in as the user, I only see summary hardware and options and don't see the storage in the pool
 
So if I click the VM and add the user as PVEVMUser directly, he can see backup.

However, if I add the VM to a pool and add that user to the pool, he can't see the "Backup menu" - seems like the pool is not inheriting permissions?

Also, we created an NFS share of "templates" - but when users try to restore those, it says permission check failed - how do we give users access to all these templates? We can give them read only access to everything on here I guess.

The scenario is

VM --> iscsi SAN storage
NFS store --> templates

Let them restore templates to their vm
 
Last edited:
Please can you create an example configuration for me, so that I can reproduce the behavior here. I need the contents of /etc/pve/user.cfg
 
dietmar said:
Please can you create an example configuration for me, so that I can reproduce the behavior here. I need the contents of /etc/pve/user.cfg
Click to expand...

user:PL-C-Test@pve:1:0:::::
user:root@pam:1:0:::::

group:Staff:::
group:Clients:PL-C-Test@pve::

pool:PL-C-RESOURCE-POOL::106,101,100,407:PL-C-SAN-BACKUP,PL-C-Backup,PL-C-SAN-S$
pool:Test-Client:::PL-C-SAN,PL-C-Backup,PL-C-SAN-Share,PL-C-SAN-NODES:

acl:1:/Clients:@Clients:PVEVMUser:
acl:1:/Staff:@Staff:PVEVMAdmin:
acl:1:/pool/Test-Client:PL-C-Test@pve:PVEDatastoreUser,PVEVMUser:
acl:1:/storage/local:@Staff:PVEVMAdmin:


PL-C-Backup is for backups and to restore
PL-C-SAN-Share is NFSShare for templates
PL-C-SAN-NODES is LVM for the iscsi target PL-C-SAN
 
You must log in or register to reply here.
Top Bottom