sudo in sunstone
|Category:||Core & System|
It would be nice if it were possible to change user in sunstone - ie., to provide a superuser password (such as a user in oneadmin) and then be able to switch user to a different user.
This would be useful when performing actions on behalf of a user, such as launching a vm. (This would also be useful for troubleshooting what another user sees when they sign in.)
This would also be useful for limiting privileges during normal use - ie., when just launching a test vm, do that as a non-privileged user but then have the ability to provide credentials again and sudo to a privileged account in oneadmin group for administering other vms.
#2 Updated by Ruben S. Montero about 4 years ago
- Tracker changed from Request to Backlog
- Target version set to Release 5.4
I'm thinking that probably the new group-bound tokens may be used to implement this. The 5.2 tokens works for a group (equivalent to egid for unix process). Maybe we could extend the token to include a eid, so if you have (admin rights on the user) you can produce a token with his identity. Any operation using this token will be as it was performed by the user.