Bug 1203298
| Summary: | User options "qpid.file_size" and "qpid.file_count" are always blocked by ACL rules | ||
|---|---|---|---|
| Product: | Red Hat Enterprise MRG | Reporter: | Petra Svobodová <psvobodo> |
| Component: | Release_Notes | Assignee: | Scott Mumford <smumford> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Petr Matousek <pematous> |
| Severity: | medium | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | Development | CC: | iboverma, jross, mmurray, pematous, smumford, zkraus |
| Target Milestone: | 3.2 | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Known Issue | |
| Doc Text: |
ACL limit properties "filemaxsizelowerlimit" and "filemaxsizeupperlimit" were not honored for "qpid.file_size". Similarly, "filemaxcountlowerlimit" and "filemaxcountupperlimit" were not honored for the "qpid.file_count" option. Both options are no longer supported with LinearStore, and should not be used.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-10-13 13:00:57 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Options removed from MCIG, release note added, content approved. -> VERIFIED |
Description of problem: Setting ACL limit properties "filemaxsizelowerlimit" and "filemaxsizeupperlimit" have no effect on ACL result to allow or deny setting user option "qpid.file_size" and similarly "filemaxcountlowerlimit" and "filemaxcountupperlimit" have no effect on ACL result of "qpid.file_count" option. So these options should be obsolete, the user should be informed about this by a warning in the broker log or by another way. Version-Release number of selected component (if applicable): qpid-cpp-0.30-7 How reproducible: 100% Steps to Reproduce: 1. Create an ACL file "/etc/qpid/qpidd.acl": acl allow all create queue paging=true filemaxsizelowerlimit=1 filemaxsizeupperlimit=100 acl allow all consume acl allow all access acl allow all bind acl allow guest@QPID all all acl deny all all 2. Configure the broker (modify the "/etc/qpid/qpidd.conf" file): data-dir=/var/lib/qpidd log-to-file=/var/lib/qpidd/qpidd.log acl-file=/etc/qpid/qpidd.acl auth=yes log-enable=trace+ port=5672 3. Restart the broker: "service qpidd restart" 4. Try to create a queue: qpid-receive -a "q;{create:always,node:{type:queue,x-declare:{arguments:{'qpid.file_size': 5}}}}" Actual results: The queue is not created; an "ACL unauthorized access" exception is raised. No warning about obsolete ACL rules is generated in the broker log. Expected results: The queue should be created (if the "qpid.file_size" option is still supported) or a warning about obsolete user option and ACL limit property should be generated.