Backlog #4807
sudo in sunstone
| Status: | Pending | Start date: | 09/20/2016 | |
|---|---|---|---|---|
| Priority: | Sponsored | Due date: | ||
| Assignee: | - | % Done: | 0% | |
| Category: | Core & System | |||
| Target version: | - |
Description
It would be nice if it were possible to change user in sunstone - ie., to provide a superuser password (such as a user in oneadmin) and then be able to switch user to a different user.
This would be useful when performing actions on behalf of a user, such as launching a vm. (This would also be useful for troubleshooting what another user sees when they sign in.)
This would also be useful for limiting privileges during normal use - ie., when just launching a test vm, do that as a non-privileged user but then have the ability to provide credentials again and sudo to a privileged account in oneadmin group for administering other vms.
History
#1
Updated by Ruben S. Montero almost 5 years ago
- Tracker changed from Feature to Request
#2
Updated by Ruben S. Montero almost 5 years ago
- Tracker changed from Request to Backlog
- Target version set to Release 5.4
I'm thinking that probably the new group-bound tokens may be used to implement this. The 5.2 tokens works for a group (equivalent to egid for unix process). Maybe we could extend the token to include a eid, so if you have (admin rights on the user) you can produce a token with his identity. Any operation using this token will be as it was performed by the user.
#3
Updated by Ruben S. Montero over 4 years ago
- Category set to Core & System
- Priority changed from Normal to High
- Target version deleted (
Release 5.4)
#4
Updated by OpenNebula Systems Support Team over 4 years ago
- Priority changed from High to Sponsored