yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #01881
[Bug 1163161] [NEW] nova quota-update can update quota for a non-exist tenant
*** This bug is a security vulnerability ***
You have been subscribed to a public security bug:
Test procedure:
1. check the tenant of your openstack
[root@sco-svt opt]# keystone tenant-list
+----------------------------------+---------+---------+
| id | name | enabled |
+----------------------------------+---------+---------+
| 26df64cc1d2d4df4b04a8acd0f86cf15 | service | true |
| 84ca1c4ffb8d4aa9918d41e5fce642a7 | admin | true |
+----------------------------------+---------+---------+
2. run nova quota-update to update a quota for a non-exist tenant.
nova quota-update --instance 40 --cores 40 --ram 409600 --volumes 160 --floating-ips 100 diaojuan
[root@sco-svt opt]# nova quota-show diaojuan
+-----------------------------+--------+
| Property | Value |
+-----------------------------+--------+
| cores | 40 |
| floating_ips | 100 |
| gigabytes | 1000 |
| injected_file_content_bytes | 10240 |
| injected_files | 5 |
| instances | 40 |
| metadata_items | 128 |
| ram | 409600 |
| volumes | 160 |
+-----------------------------+--------+
3. Expected result: the update will failed Because diaojuan is not the
exist tenant-id.
Actual result: it can be successfully executed.
** Affects: nova
Importance: Undecided
Status: New
** Tags: management openstack quota
--
nova quota-update can update quota for a non-exist tenant
https://bugs.launchpad.net/bugs/1163161
You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Compute (nova).