Hi Akihiko,
Thanks for your great feedback and your step by step instructions to
reproduce the bug.
This is now solved in the repo, see [1].
Cheers!
[1] http://dev.opennebula.org/issues/1087
--
Carlos Martín, MSc
Project Engineer
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | cmar...@opennebula.org |
@OpenNebulahttp://twitter.com/opennebulacmar...@opennebula.org
On Wed, Jan 25, 2012 at 10:16 AM, Akihiko Ota skywalker.3...@gmail.comwrote:
Hi,
I have built OpenNebula 3.2 on CentOS 5.7(x86_64) from
opennebula-3.2.0.tar.gz according to documentation [1],[2]. And I am
using ruby-1.9.3-p0 built from source instead of CentOS 5.7 RPM.
I have changed image and network resource's owner from oneadmin to
user testuser once, and brought back owner to oneadmin. But now,
testuser still can use those resources.
1. for example, I have following image and network:
(image)
[oneadmin@frontend ~]$ oneimage list
ID USER GROUPNAMESIZE TYPE REGTIME PER STAT
RVMS
0 oneadmin oneadmin test 5G OS 01/25 14:08:37 No rdy
0
(network)
[oneadmin@frontend ~]$ onevnet list
ID USER GROUPNAME TYPE BRIDGE LEASES
1 oneadmin oneadmin defaultpriv Rbr0 0
2. change owner from oneadmin to someone (here, testuser):
(image)
[oneadmin@frontend ~]$ oneimage chown 0 testuser
[oneadmin@frontend ~]$ oneimage list
ID USER GROUPNAMESIZE TYPE REGTIME PER STAT
RVMS
0 testuser oneadmin test 5G OS 01/25 14:08:37 No rdy
0
[oneadmin@frontend ~]$ oneimage show 0
IMAGE 0 INFORMATION
ID : 0
NAME : test
USER : testuser
GROUP : oneadmin
...
PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---
...
(network)
[oneadmin@frontend ~]$ onevnet chown 1 testuser
[oneadmin@frontend ~]$ onevnet list
ID USER GROUPNAME TYPE BRIDGE LEASES
1 testuser oneadmin defaultpriv Rbr0 0
[oneadmin@frontend ~]$ onevnet show 1
VIRTUAL NETWORK 1 INFORMATION
ID : 1
NAME : defaultpriv
USER : testuser
GROUP : oneadmin
...
PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---
3. Bring back owner to oneadmin:
(image)
[oneadmin@frontend ~]$ oneimage chown 0 oneadmin
[oneadmin@frontend ~]$ oneimage list
ID USER GROUPNAMESIZE TYPE REGTIME PER STAT
RVMS
0 oneadmin oneadmin test 5G OS 01/25 14:08:37 No rdy
0
[oneadmin@frontend ~]$ oneimage show 0
IMAGE 0 INFORMATION
ID : 0
NAME : test
USER : oneadmin
GROUP : oneadmin
...
PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---
...
(network)
[oneadmin@frontend ~]$ onevnet chown 1 oneadmin
[oneadmin@frontend ~]$ onevnet list
ID USER GROUPNAME TYPE BRIDGE LEASES
1 oneadmin oneadmin defaultpriv Rbr0 0
[oneadmin@frontend ~]$ onevnet show 1
VIRTUAL NETWORK 1 INFORMATION
ID : 1
NAME : defaultpriv
USER : oneadmin
GROUP : oneadmin
...
PERMISSIONS
OWNER : um-
GROUP : ---
OTHER : ---
...
4. testuser still can use image and network by resource's NAME(not ID).
[ascadm@frontend]% cat ~/.one/one_auth
testuser:
[ascadm@frontend]% oneuser list
ID GROUPNAMEAUTH
PASSWORD
2 userstestusercore
[ascadm@frontend]% cat default.one
NAME = default
CPU= 8
VCPU = 8
MEMORY = 22528
OS = [ boot = hd, arch = x86_64 ]
DISK = [ IMAGE = test, BUS = virtio ]
NIC= [ NETWORK = defaultpriv, model = virtio ]
[ascadm@frontend]% onevnet list
ID USER GROUPNAME TYPE BRIDGE LEASES
[ascadm@frontend]% oneimage list
ID USER GROUPNAMESIZE TYPE REGTIME PER STAT
RVMS
[ascadm@frontend]% onevm create default.one
ID: 8
[ascadm@frontend]% onevm list
ID USER GROUPNAME STAT CPU MEMHOSTNAME
TIME
8 testuser usersdefault runn 0 0K asccmp054
00 00:03:10
It seems that resource's owner backs to testuser temporarily.
[ascadm@frontend]% onevnet list
ID USER GROUPNAME TYPE BRIDGE LEASES
1 testuser oneadmin defaultpriv Rbr0 3
[ascadm@frontend]% oneimage list
ID USER GROUPNAMESIZE TYPE REGTIME PER STAT
RVMS
0 testuser oneadmin test 5G OS 01/25 14:08:37 No used
3
DB backend is sqlite.
Is this chown issue?
[1] http://opennebula.org/documentation:rel3.2:compile
[2] http://opennebula.org/documentation:rel3.2:build_deps
Thanks,
--
Akihiko Ota