Bug 817373
Summary: | Remove of a local domain on /tmp fails | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Virtualization Manager | Reporter: | Daniel Paikov <dpaikov> | ||||
Component: | vdsm | Assignee: | Ayal Baron <abaron> | ||||
Status: | CLOSED WONTFIX | QA Contact: | Haim <hateya> | ||||
Severity: | high | Docs Contact: | |||||
Priority: | high | ||||||
Version: | unspecified | CC: | abaron, amureini, bazulay, hateya, iheim, jkt, lpeer, scohen, yeylon | ||||
Target Milestone: | --- | Flags: | scohen:
Triaged+
|
||||
Target Release: | 3.3.0 | ||||||
Hardware: | Unspecified | ||||||
OS: | Linux | ||||||
Whiteboard: | storage | ||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2013-12-01 19:57:07 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | Storage | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
I'm not sure we should prevent this (we have a history of preventing things users later on request the ability to do). In any event, it is clear that /tmp is just an example, so it's either we need to blacklist a series of directories (this is bound to fail as there will always be additional directories to blacklist on one hand and some users wanting to use blacklisted dirs on the other) or just require the directory permissions to be explicitly set to vdsm prior to being used (with NFS domains this was already rejected by users who had problems adding user 36 to nfs server so set the dirs to world writeable, I wonder if we'd hit something similar here). In any event, sounds to me like the 'proper' thing would be to add such a list in *engine* and simply warn the user but not prevent it. Andy? Since RHEL 6.3 External Beta has begun, and this bug remains unresolved, it has been rejected as it is not proposed as exception or blocker. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. Daniel, why is it impossible to remove the storage domain from /tmp? (In reply to comment #4) > Daniel, why is it impossible to remove the storage domain from /tmp? It fails on the VDSM side, please refer to the logs I attached: Thread-5714::INFO::2012-04-29 16:42:40,397::logUtils::37::dispatcher::(wrapper) Run and protect: connectStorageServer(domType=4, spUU ID='00000000-0000-0000-0000-000000000000', conList=[{'connection': '/tmp', 'iqn': '', 'portal': '', 'user': '', 'password': '******', 'id': '403ec0a5-795e-4c5e-acc2-6093914ac467', 'port': ''}], options=None) Thread-5714::ERROR::2012-04-29 16:42:40,397::hsm::1899::Storage.HSM::(connectStorageServer) Could not connect to storageServer Traceback (most recent call last): File "/usr/share/vdsm/storage/hsm.py", line 1896, in connectStorageServer conObj.connect() File "/usr/share/vdsm/storage/storageServer.py", line 416, in connect os.chmod(lnPath, 0775) OSError: [Errno 1] Operation not permitted: '/rhev/data-center/mnt/_tmp' This request was not resolved in time for the current release. Red Hat invites you to ask your support representative to propose this request, if still desired, for consideration in the next release of Red Hat Enterprise Linux. Closing old bugs. If this issue is still relevant/important in current version, please re-open the bug. |
Created attachment 581073 [details] vdsm.log It is currently possible to create local domains in /tmp (and other world-writeable dirs?). It is then impossible to remove the domains. Creation of domains in /tmp should be blocked.