On Mon, Mar 14, 2005 at 09:58:50AM -0500, Philip R Auld wrote:
> Rumor has it that on Sun, Mar 13, 2005 at 10:51:22PM +0100 Kurt Garloff said:
> > Normally, you'd expect that only the sysadmin is able to control
> > virtual machines. This would be the result of this simple tweak.
> Which sysadmin? Dom0 sysadmin may not be the same as a vm's sysadmin.
> You would not want a VM sysadmin to be able to manage someone else's VM,
> but he may want control over his own.
The most straightforward approach would be to have dom0 sysadmin to be
the one in control of all the other domains.
Currently all dom0 users are, which is inconvenient, as machines that
are used as desktops will need to have dom0 uers.
Of course, the other domains can have their own root users. This is
not changed by restricting control connections to be originating from
ports < 1024.
Kurt Garloff <kurt@xxxxxxxxxx> [Koeln, DE]
Physics:Plasma modeling <garloff@xxxxxxxxxxxxxxxxxxx> [TU Eindhoven, NL]
Linux: SUSE Labs (Director) <garloff@xxxxxxx> [Novell Inc]
Description: PGP signature