#openlmi: OpenLMI (2013-11-04)

Meeting started by sgallagh at 14:01:17 UTC (full logs).

Meeting summary

    1. Meetings are recorded and will be posted on www.openlmi.org. Opinions expressed do not necessarily reflect the reviews of the participant's employer. (sgallagh, 14:01:40)

  2. Roll Call (sgallagh, 14:01:49)
    1. Attendance: Stephen Gallagher, Russ Doty, Klaus Kämpf, Praveen Paladugu, Jan Safranek, Radek Novacek, Tomas Smetana (sgallagh, 14:04:36)

  3. Follow-ups (sgallagh, 14:04:52)
    1. praveen_pk: For publishing the BMC information, we worked out the initial model, and we should be good to start working on it (sgallagh, 14:08:32)
    2. https://lists.fedorahosted.org/pipermail/openlmi-devel/2013-November/001858.html (sgallagh, 14:11:10)
    3. In Dell's system, the user identity is passed to each individual provider for access-control determination. It is not performed by the CIMOM. (sgallagh, 14:12:01)
    4. Attendance: Stef Walter (sgallagh, 14:18:45)

  4. Requirements of access control (sgallagh, 14:22:41)
    1. rdoty: A system administrator should have full root access to the system. (sgallagh, 14:23:00)
    2. stefw: being able to see stuff, but not change stuff through an openlmi provider (sgallagh, 14:23:23)
    3. stefw: monitor a system vs. configure it (sgallagh, 14:23:34)
    4. OpenPegasus has very limited trinary access control right now (user whitelist): No access, Read-Only and Read-Write on a user in a namespace (sgallagh, 14:24:03)
    5. ACTION: praveen_pk to attempt to recruit Dell access-control representation (sgallagh, 14:29:49)
    6. https://raw.github.com/cockpit-project/cockpit/master/doc/cockpit-transport.png (stefw, 14:35:23)
    7. All agree that proper auditing is necessary (sgallagh, 14:53:05)
    8. Much debate as to the level of access-control that is sufficient vs. complete. (sgallagh, 14:53:22)
    9. rdoty My take is that system administrators need full access (with auditing) (sgallagh, 14:53:50)
    10. rdoty Other users, especially monitoring, may get by with restricted access (sgallagh, 14:54:00)
    11. rdoty I don't see a real use case for "allow this user the ability to configure storage but not see network configuration details" (sgallagh, 14:54:12)
    12. Auditing will be the primary agenda item for next week's meeting (sgallagh, 15:01:27)


Meeting ended at 15:02:00 UTC (full logs).

Action items

  1. praveen_pk to attempt to recruit Dell access-control representation


Action items, by person

  1. praveen_pk
    1. praveen_pk to attempt to recruit Dell access-control representation


People present (lines said)

  1. sgallagh (89)
  2. stefw (72)
  3. rdoty (49)
  4. kkaempf (14)
  5. praveen_pk (8)
  6. jsafrane (7)
  7. zodbot (5)
  8. fche (2)
  9. tsmetana (2)
  10. rnovacek (1)


Generated by MeetBot 0.1.4.