Users can not terminate own VMs
|Category:||Core & System|
|Affected Versions:||OpenNebula 5.4|
If user is not a member of oneadmin group, he can not create a VM with admin rights for the owner and can not terminate own VMs, created by himself. The problems seems to be caused of improper working UMASK for non-oneadmin users.
To reproduce the problem:
1) $ oneuser create test test --group users
2) $ oneuser umask test 017
3) $ oneuser show test -x | grep UMASK # note Umask is set correctly <UMASK><![CDATA017]></UMASK>
4) In Sunstone login as user test
5) create new VM instance
6) check VM permissions:
$ onevm show <VM_ID> -x | grep OWNER_
Note <OWNER_A>0</OWNER_A> owner does not have admin permission
7) try to terminate VM in sunstone as user test. Error is returned:
[one.vm.action] User  : Not authorized to perform ADMIN VM .
Tested on 5.4.1. Not tested on earlier versions.