The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/4796
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === This resolves #4791
From 8f09930193ad3ab0f31f79b1b3100be80f44ffee Mon Sep 17 00:00:00 2001 From: Thomas Hipp <[email protected]> Date: Mon, 16 Jul 2018 12:51:21 +0200 Subject: [PATCH 1/4] doc: Note that default profile cannot be deleted/renamed Signed-off-by: Thomas Hipp <[email protected]> --- doc/profiles.md | 2 ++ doc/rest-api.md | 4 ++++ 2 files changed, 6 insertions(+) diff --git a/doc/profiles.md b/doc/profiles.md index 08d1eb9ae..9d08916e6 100644 --- a/doc/profiles.md +++ b/doc/profiles.md @@ -10,6 +10,8 @@ the profiles. If not present, LXD will create a `default` profile. +The `default` profile cannot be renamed or removed. + The `default` profile is set for any new container created which doesn't specify a different profiles list. diff --git a/doc/rest-api.md b/doc/rest-api.md index 3c8d2f98e..54ac383c9 100644 --- a/doc/rest-api.md +++ b/doc/rest-api.md @@ -2209,6 +2209,8 @@ the renamed resource. Renaming to an existing name must return the 409 (Conflict) HTTP code. +Attempting to rename the `default` profile will return the 403 (Forbidden) HTTP code. + ### DELETE * Description: remove a profile * Authentication: trusted @@ -2222,6 +2224,8 @@ Input (none at present): HTTP code for this should be 202 (Accepted). +Attempting to delete the `default` profile will return the 403 (Forbidden) HTTP code. + ## `/1.0/storage-pools` ### GET * Description: list of storage pools From de48fec83f715b3158a94a31f5739e2dba1d3cb7 Mon Sep 17 00:00:00 2001 From: Thomas Hipp <[email protected]> Date: Mon, 16 Jul 2018 16:40:24 +0200 Subject: [PATCH 2/4] doc,shared: Add API extension for permanent default profile Signed-off-by: Thomas Hipp <[email protected]> --- doc/api-extensions.md | 3 +++ shared/version/api.go | 1 + 2 files changed, 4 insertions(+) diff --git a/doc/api-extensions.md b/doc/api-extensions.md index 96b8f0b67..e371ce596 100644 --- a/doc/api-extensions.md +++ b/doc/api-extensions.md 
@@ -551,3 +551,6 @@ This adds a new core.debug\_address config option to start a debugging HTTP serv That server currently includes a pprof API and replaces the old cpu-profile, memory-profile and print-goroutines debug options. + +## persistent\_default\_profile +This prevents the `default` profile from being renamed or deleted. diff --git a/shared/version/api.go b/shared/version/api.go index 323e6cf5d..9a631c760 100644 --- a/shared/version/api.go +++ b/shared/version/api.go @@ -115,6 +115,7 @@ var APIExtensions = []string{ "container_protection_delete", "unix_priv_drop", "pprof_http", + "persistent_default_profile", } // APIExtensionsCount returns the number of available API extensions. From 983d874199980e930d1046715937c352db3f83e2 Mon Sep 17 00:00:00 2001 From: Thomas Hipp <[email protected]> Date: Mon, 16 Jul 2018 16:40:48 +0200 Subject: [PATCH 3/4] lxd: Prevent renaming/deletion of the default profile Signed-off-by: Thomas Hipp <[email protected]> --- lxd/profiles.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/lxd/profiles.go b/lxd/profiles.go index 5cb6bf963..c0d387817 100644 --- a/lxd/profiles.go +++ b/lxd/profiles.go @@ -9,6 +9,7 @@ import ( "strings" "github.com/gorilla/mux" + "github.com/pkg/errors" lxd "github.com/lxc/lxd/client" "github.com/lxc/lxd/lxd/cluster" @@ -291,6 +292,10 @@ func profilePatch(d *Daemon, r *http.Request) Response { func profilePost(d *Daemon, r *http.Request) Response { name := mux.Vars(r)["name"] + if name == "default" { + return Forbidden(errors.New("The 'default' profile cannot be renamed")) + } + req := api.ProfilePost{} if err := json.NewDecoder(r.Body).Decode(&req); err != nil { return BadRequest(err) 
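Review bot: The new `github.com/pkg/errors` import in lxd/profiles.go is used by this patch only for `errors.New(...)` in profilePost and profileDelete, which the standard library's `errors` package also provides. Unless the stack trace that pkg/errors attaches is wanted for these 403 responses, importing `"errors"` in the stdlib group avoids pulling a third-party package into the handler file for a constant message. Whether the rest of the file already depends on pkg/errors is not visible in this hunk.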
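Review bot: The `name == "default"` guard in profilePost, repeated in profileDelete in the following hunk, enforces the rule only in the HTTP handlers, so any other code path that reaches the underlying rename or delete logic is presumably not covered. Consider placing the check next to the database operation, or at least sharing one definition such as `const defaultProfileName = "default"`, so the two copies cannot drift apart. A comment above each guard, e.g. `// The default profile is permanent (API extension persistent_default_profile).`, would tie the 403 to the documented behaviour. Both function bodies continue outside their hunks.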
@@ -327,6 +332,10 @@ func profilePost(d *Daemon, r *http.Request) Response { func profileDelete(d *Daemon, r *http.Request) Response { name := mux.Vars(r)["name"] + if name == "default" { + return Forbidden(errors.New("The 'default' profile cannot be deleted")) + } + _, err := doProfileGet(d.State(), name) if err != nil { return SmartError(err) From 0e454484afb6577ce09ee4cfcdb66199f65b3153 Mon Sep 17 00:00:00 2001 From: Thomas Hipp <[email protected]> Date: Mon, 16 Jul 2018 18:46:22 +0200 Subject: [PATCH 4/4] test: Test default profile renaming/deletion Signed-off-by: Thomas Hipp <[email protected]> --- test/includes/check.sh | 13 ++++++++++++- test/includes/lxd.sh | 7 +++++++ test/suites/basic.sh | 4 ++++ 3 files changed, 23 insertions(+), 1 deletion(-) diff --git a/test/includes/check.sh b/test/includes/check.sh index cf83b5f0b..015c98c5a 100644 --- a/test/includes/check.sh +++ b/test/includes/check.sh @@ -26,9 +26,20 @@ check_empty() { } check_empty_table() { + # The profiles table will never be empty since the `default` profile cannot + # be deleted. + if [ "$2" == 'profiles' ]; then + if [ -n "$(sqlite3 "${1}" "SELECT * FROM ${2} WHERE name != 'default';")" ]; then + echo "DB table ${2} is not empty, content:" + sqlite3 "${1}" "SELECT * FROM ${2} WHERE name != 'default';" + return 1 + fi + return 0 + fi + if [ -n "$(sqlite3 "${1}" "SELECT * FROM ${2};")" ]; then echo "DB table ${2} is not empty, content:" sqlite3 "${1}" "SELECT * FROM ${2};" - false + return 1 fi } diff --git a/test/includes/lxd.sh b/test/includes/lxd.sh index 826b7f978..3f589cc07 100644 --- a/test/includes/lxd.sh +++ b/test/includes/lxd.sh 
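Review bot: The test `[ "$2" == 'profiles' ]` added to check_empty_table uses `==`, which POSIX `[` does not define; under a shell such as dash the comparison fails with an error, and the function falls through to the generic check that reports the `default` row as leftover content. `if [ "${2}" = 'profiles' ]; then` is portable and matches the `${1}`/`${2}` bracing used in the rest of the function. The special case also spells out the `WHERE name != 'default'` query twice, once for the test and once for the printout; building the query string once would keep the two from diverging.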
@@ -164,6 +164,13 @@ kill_lxd() { lxc profile delete "${profile}" --force-local || true done + # Delete all devices of the default profile since the profile itself + # cannot be deleted. + echo "==> Deleting all devices of the default profile" + for device in $(lxc profile device list default --force-local); do + lxc profile device remove default "${device}" --force-local || true + done + echo "==> Deleting all storage pools" for storage in $(lxc storage list --force-local | tail -n+3 | grep "^| " | cut -d' ' -f2); do lxc storage delete "${storage}" --force-local || true diff --git a/test/suites/basic.sh b/test/suites/basic.sh index e7822f7dc..8b17846fe 100644 --- a/test/suites/basic.sh +++ b/test/suites/basic.sh @@ -477,4 +477,8 @@ test_basic_usage() { lxc stop foo --force || true ! lxc list | grep -q foo || false + + # Test renaming/deletion of the default profile + lxc profile rename default foobar 2>&1 | grep -q "Error: The 'default' profile cannot be renamed" + lxc profile delete default 2>&1 | grep -q "Error: The 'default' profile cannot be deleted" }
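Review bot: The cleanup added to kill_lxd strips only the devices of the `default` profile, while the check_empty_table change in test/includes/check.sh exempts only the `profiles` table itself. If a test leaves config keys on the default profile, those rows would presumably still be present when the database tables are checked, so it may be worth resetting the profile's config here as well, or adding a comment explaining why devices are the only state that matters. The `|| true` on the removal also hides a device that could not be removed, which would then surface later as a less obvious failure. kill_lxd continues outside the hunk.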
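Review bot: The two assertions added at the end of test_basic_usage match only the CLI error text, so they are tied to the exact wording and never confirm that the profile is still there afterwards. Following them with `lxc profile show default >/dev/null` and `! lxc profile show foobar >/dev/null 2>&1 || false` would pin the actual invariant rather than the message. The 403 status documented in doc/rest-api.md is not exercised by anything in this hunk; a check at the API level would cover the contract that non-CLI clients rely on.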
