[one-users] OpenNebula 3.2 Strange behavior of chown

Carlos Martín Sánchez cmartin at opennebula.org
Wed Jan 25 07:04:28 PST 2012 

Hi Akihiko,

Thanks for your great feedback and your step by step instructions to
reproduce the bug.
This is now solved in the repo, see [1].

Cheers!

[1] http://dev.opennebula.org/issues/1087
--
Carlos Martín, MSc
Project Engineer
OpenNebula - The Open Source Toolkit for Data Center Virtualization
www.OpenNebula.org | cmartin at opennebula.org |
@OpenNebula<http://twitter.com/opennebula><cmartin at opennebula.org>


On Wed, Jan 25, 2012 at 10:16 AM, Akihiko Ota <skywalker.37th at gmail.com>wrote:

> Hi,
>
> I have built OpenNebula 3.2 on CentOS 5.7(x86_64) from
> opennebula-3.2.0.tar.gz according to documentation [1],[2]. And I am
> using ruby-1.9.3-p0 built from source instead of CentOS 5.7 RPM.
>
> I have changed image and network resource's owner from oneadmin to
> user "testuser" once, and brought back owner to oneadmin. But now,
> testuser still can use those resources.
>
> 1. for example, I have following image and network:
>
> (image)
> [oneadmin at frontend ~]$ oneimage list
>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PER STAT
>  RVMS
>   0 oneadmin oneadmin test              5G   OS   01/25 14:08:37  No  rdy
>     0
>
> (network)
> [oneadmin at frontend ~]$ onevnet list
>  ID USER     GROUP    NAME              TYPE BRIDGE  LEASES
>   1 oneadmin oneadmin defaultpriv          R    br0       0
>
> 2. change owner from oneadmin to someone (here, testuser):
>
> (image)
> [oneadmin at frontend ~]$ oneimage chown 0 testuser
> [oneadmin at frontend ~]$ oneimage list
>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PER STAT
>  RVMS
>   0 testuser oneadmin test              5G   OS   01/25 14:08:37  No  rdy
>     0
> [oneadmin at frontend ~]$ oneimage show 0
> IMAGE 0 INFORMATION
> ID             : 0
> NAME           : test
> USER           : testuser
> GROUP          : oneadmin
> ...
> PERMISSIONS
> OWNER          : um-
> GROUP          : ---
> OTHER          : ---
> ...
>
> (network)
> [oneadmin at frontend ~]$ onevnet chown 1 testuser
> [oneadmin at frontend ~]$ onevnet list
>  ID USER     GROUP    NAME              TYPE BRIDGE  LEASES
>   1 testuser oneadmin defaultpriv          R    br0       0
> [oneadmin at frontend ~]$ onevnet show 1
> VIRTUAL NETWORK 1 INFORMATION
> ID             : 1
> NAME           : defaultpriv
> USER           : testuser
> GROUP          : oneadmin
> ...
> PERMISSIONS
> OWNER          : um-
> GROUP          : ---
> OTHER          : ---
>
> 3. Bring back owner to oneadmin:
>
> (image)
> [oneadmin at frontend ~]$ oneimage chown 0 oneadmin
> [oneadmin at frontend ~]$ oneimage list
>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PER STAT
>  RVMS
>   0 oneadmin oneadmin test              5G   OS   01/25 14:08:37  No  rdy
>     0
> [oneadmin at frontend ~]$ oneimage show 0
> IMAGE 0 INFORMATION
> ID             : 0
> NAME           : test
> USER           : oneadmin
> GROUP          : oneadmin
> ...
> PERMISSIONS
> OWNER          : um-
> GROUP          : ---
> OTHER          : ---
> ...
>
> (network)
> [oneadmin at frontend ~]$ onevnet chown 1 oneadmin
> [oneadmin at frontend ~]$ onevnet list
>  ID USER     GROUP    NAME              TYPE BRIDGE  LEASES
>   1 oneadmin oneadmin defaultpriv          R    br0       0
> [oneadmin at frontend ~]$ onevnet show 1
> VIRTUAL NETWORK 1 INFORMATION
> ID             : 1
> NAME           : defaultpriv
> USER           : oneadmin
> GROUP          : oneadmin
> ...
> PERMISSIONS
> OWNER          : um-
> GROUP          : ---
> OTHER          : ---
> ...
>
> 4. testuser still can use image and network by resource's NAME(not ID).
>
> [ascadm at frontend]% cat ~/.one/one_auth
> testuser:********
> [ascadm at frontend]% oneuser list
>  ID GROUP    NAME            AUTH
>          PASSWORD
>   2 users    testuser        core
> ****************************************
>
> [ascadm at frontend]% cat default.one
> NAME   = "default"
> CPU    = 8
> VCPU   = 8
> MEMORY = 22528
> OS     = [ boot = "hd", arch = "x86_64" ]
> DISK   = [ IMAGE = "test", BUS = virtio ]
> NIC    = [ NETWORK = "defaultpriv", model = "virtio" ]
>
> [ascadm at frontend]% onevnet list
>  ID USER     GROUP    NAME              TYPE BRIDGE  LEASES
> [ascadm at frontend]% oneimage list
>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PER STAT
>  RVMS
> [ascadm at frontend]% onevm create default.one
> ID: 8
> [ascadm at frontend]% onevm list
>    ID USER     GROUP    NAME         STAT CPU     MEM        HOSTNAME
>       TIME
>     8 testuser users    default      runn   0      0K       asccmp054
> 00 00:03:10
>
> It seems that resource's owner backs to testuser temporarily.
>
> [ascadm at frontend]% onevnet list
>  ID USER     GROUP    NAME              TYPE BRIDGE  LEASES
>   1 testuser oneadmin defaultpriv          R    br0       3
> [ascadm at frontend]% oneimage list
>  ID USER     GROUP    NAME            SIZE TYPE          REGTIME PER STAT
>  RVMS
>   0 testuser oneadmin test              5G   OS   01/25 14:08:37  No used
>     3
>
>
> DB backend is sqlite.
> Is this chown issue?
>
> [1] http://opennebula.org/documentation:rel3.2:compile
> [2] http://opennebula.org/documentation:rel3.2:build_deps
>
> Thanks,
>
> --
> Akihiko Ota
> _______________________________________________
> Users mailing list
> Users at lists.opennebula.org
> http://lists.opennebula.org/listinfo.cgi/users-opennebula.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opennebula.org/pipermail/users-opennebula.org/attachments/20120125/35b80865/attachment-0002.htm>

More information about the Users mailing list