yahoo-eng-team team mailing list archive
-
yahoo-eng-team team
-
Mailing list archive
-
Message #62105
[Bug 1670978] [NEW] most of extended server attributes returned in 2.3 api versions should not require admin role
Public bug reported:
Since microverison 2.3, the responses from server creation
(https://developer.openstack.org/api-ref/compute/?expanded=create-
server-detail#id8) contains some extra attributes such as the user_data
specified to the server. These attributes are also returned in a server
GET call. However, only an admin can see these attributes.
It is acceptable that 'OS-EXT-SRV-ATTR:hostname' should be visible to
admins only. But all other attributes should be visible to a non-admin
user, especially the owner of the server.
OS-EXT-SERV-ATTR:reservation_id
OS-EXT-SERV-ATTR:launch_index
OS-EXT-SERV-ATTR:kernel_id
OS-EXT-SERV-ATTR:ramdisk_id
OS-EXT-SERV-ATTR:root_device_name
OS-EXT-SERV-ATTR:user_data
It is highly desirable for the server's owner to retrieve back the
'user_data' provided when creating the server.
To reproduce this under devstack, compare the raw responses from nova-
api using the following two commands:
openstack --os-compute-version 2.3 --os-username demo --debug server
show <your_server>
openstack --os-compute-version 2.3 --os-username admin --debug server
show <your_server
** Affects: nova
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1670978
Title:
most of extended server attributes returned in 2.3 api versions should
not require admin role
Status in OpenStack Compute (nova):
New
Bug description:
Since microverison 2.3, the responses from server creation
(https://developer.openstack.org/api-ref/compute/?expanded=create-
server-detail#id8) contains some extra attributes such as the
user_data specified to the server. These attributes are also returned
in a server GET call. However, only an admin can see these attributes.
It is acceptable that 'OS-EXT-SRV-ATTR:hostname' should be visible to
admins only. But all other attributes should be visible to a non-admin
user, especially the owner of the server.
OS-EXT-SERV-ATTR:reservation_id
OS-EXT-SERV-ATTR:launch_index
OS-EXT-SERV-ATTR:kernel_id
OS-EXT-SERV-ATTR:ramdisk_id
OS-EXT-SERV-ATTR:root_device_name
OS-EXT-SERV-ATTR:user_data
It is highly desirable for the server's owner to retrieve back the
'user_data' provided when creating the server.
To reproduce this under devstack, compare the raw responses from nova-
api using the following two commands:
openstack --os-compute-version 2.3 --os-username demo --debug server
show <your_server>
openstack --os-compute-version 2.3 --os-username admin --debug
server show <your_server
To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1670978/+subscriptions