yahoo-eng-team team mailing list archive

[Bug 1917469] [NEW] non-admins can delete in-use images

 

Public bug reported:

Hello everyone,

we have an issue in the following (simplified) setup:

* we have a user who is uploading images. This user only has default member rights and is not an admin
* the user is uploading new versions of the images regularly
* the user tries to delete previous versions of the images to clean up space. Some of the deletes fail if the image is still in use
* the user then disables such images to ensure that no new instances are spawned from them

When the user now tries to delete such a disabled image, they will always
succeed, regardless of whether the image is actually in use or not. The
deletion only happens in the Glance database. The image is still
present in Ceph.

Note that this issue does not happen if an admin tries to delete the
disabled image. Then the image is correctly checked to see whether it's
still in use.


Some general information regarding the environment:

* OpenStack release Queens
* Ceph as a backend of Cinder and Glance
* show_image_direct_url is enabled to allow direct clones


In order to reproduce the issue the following steps are necessary (please run with a non-admin user):

[root@openstackclient-5fc7564495-vstnc /]# openstack image create --file img.raw testimage
+------------------+---------------------------------------------------------------------------------------------------------------+
| Field            | Value                                                                                                         |
+------------------+---------------------------------------------------------------------------------------------------------------+
| checksum         | 01e7d1515ee776be3228673441d449e6                                                                              |
| container_format | bare                                                                                                          |
| created_at       | 2021-03-02T14:09:38Z                                                                                          |
| disk_format      | raw                                                                                                           |
| file             | /v2/images/b8a48536-4b46-4a7b-b0ed-2e818ace11a2/file                                                          |
| id               | b8a48536-4b46-4a7b-b0ed-2e818ace11a2                                                                          |
| min_disk         | 0                                                                                                             |
| min_ram          | 0                                                                                                             |
| name             | testimage                                                                                                     |
| owner            | 4e6fb48327204e94b0021d17f1544e08                                                                              |
| properties       | direct_url='rbd://2a38b93e-cfd9-403c-b5fd-6fa26a58898e/glance-pool/b8a48536-4b46-4a7b-b0ed-2e818ace11a2/snap' |
| protected        | False                                                                                                         |
| schema           | /v2/schemas/image                                                                                             |
| size             | 117440512                                                                                                     |
| status           | active                                                                                                        |
| tags             |                                                                                                               |
| updated_at       | 2021-03-02T14:09:44Z                                                                                          |
| virtual_size     | None                                                                                                          |
| visibility       | shared                                                                                                        |
+------------------+---------------------------------------------------------------------------------------------------------------+

[root@openstackclient-5fc7564495-vstnc /]# openstack volume create --image b8a48536-4b46-4a7b-b0ed-2e818ace11a2 --size 10 testvol

[root@openstackclient-5fc7564495-vstnc /]# openstack image delete b8a48536-4b46-4a7b-b0ed-2e818ace11a2
Failed to delete image with name or ID 'b8a48536-4b46-4a7b-b0ed-2e818ace11a2': 409 Conflict: Image b8a48536-4b46-4a7b-b0ed-2e818ace11a2 could not be deleted because it is in use: The image cannot be deleted because it is in use through the backend store outside of Glance. (HTTP 409)
Failed to delete 1 of 1 images.

[root@openstackclient-5fc7564495-vstnc /]# openstack image set --deactivate b8a48536-4b46-4a7b-b0ed-2e818ace11a2

[root@openstackclient-5fc7564495-vstnc /]# openstack image delete b8a48536-4b46-4a7b-b0ed-2e818ace11a2

[root@openstackclient-5fc7564495-vstnc /]# openstack image show b8a48536-4b46-4a7b-b0ed-2e818ace11a2
Could not find resource b8a48536-4b46-4a7b-b0ed-2e818ace11a2


The issue seems to also affect newer Glance releases.
A fix is being developed at: https://review.opendev.org/c/openstack/glance/+/772872

** Affects: glance
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Glance.
https://bugs.launchpad.net/bugs/1917469
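
The end state described in the report (Glance record gone, RBD image still present in Ceph and still backing a volume) can be audited from the operator side. The following is an added example, not part of the original bug report or of Glance: it compares the direct_url values Glance still knows with a listing of the RBD pool. Function names, the sample data and the cinder-pool volume name are constructed, and the pool listing and clone data are assumed to be collected separately (for example with `rbd ls` and `rbd children`).

```python
import re
from typing import Dict, Iterable, List, NamedTuple

# direct_url layout shown in the report: rbd://<fsid>/<pool>/<image>/<snapshot>
RBD_URL = re.compile(
    r"^rbd://(?P<fsid>[^/]+)/(?P<pool>[^/]+)/(?P<image>[^/]+)/(?P<snap>[^/]+)$")

class Finding(NamedTuple):
    image: str
    state: str            # orphan-in-use | orphan-unused | missing-in-backend
    children: List[str]   # clones that still depend on the image snapshot

def parse_direct_url(url: str) -> Dict[str, str]:
    """Split an rbd:// direct_url (optionally quoted, as the CLI prints it)."""
    m = RBD_URL.match(url.strip().strip("'"))
    if not m:
        raise ValueError("not an rbd direct_url: %r" % url)
    return m.groupdict()

def audit(glance_urls: Iterable[str], pool: str, rbd_images: Iterable[str],
          rbd_children: Dict[str, List[str]]) -> List[Finding]:
    """Compare Glance's view (admin listing of direct_url values) with the pool.

    rbd_images: image names present in the pool.
    rbd_children: image name -> clones of its snapshot.
    """
    parsed = (parse_direct_url(u) for u in glance_urls)
    known = {p["image"] for p in parsed if p["pool"] == pool}
    present = set(rbd_images)
    findings = []
    for name in sorted(present - known):       # in Ceph, unknown to Glance
        kids = sorted(rbd_children.get(name, []))
        state = "orphan-in-use" if kids else "orphan-unused"
        findings.append(Finding(name, state, kids))
    for name in sorted(known - present):       # in Glance, gone from Ceph
        findings.append(Finding(name, "missing-in-backend", []))
    return findings

# Constructed sample data; only the fsid, pool and b8a48536... id come from the report.
PREFIX = "rbd://2a38b93e-cfd9-403c-b5fd-6fa26a58898e/glance-pool/"
GLANCE_URLS = [PREFIX + "11111111-1111-1111-1111-111111111111/snap",
               PREFIX + "33333333-3333-3333-3333-333333333333/snap"]
RBD_IMAGES = ["11111111-1111-1111-1111-111111111111",
              "22222222-2222-2222-2222-222222222222",
              "b8a48536-4b46-4a7b-b0ed-2e818ace11a2"]
RBD_CHILDREN = {"b8a48536-4b46-4a7b-b0ed-2e818ace11a2":
                ["cinder-pool/volume-aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"]}

if __name__ == "__main__":
    for f in audit(GLANCE_URLS, "glance-pool", RBD_IMAGES, RBD_CHILDREN):
        print(f.state, f.image, ",".join(f.children))
```

An "orphan-in-use" finding matches the state the report ends in: the image no longer exists in Glance while a clone in the backend still depends on it.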
