Bug 970516
| Summary: | Monitor command acl_add can't insert before last list element | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Markus Armbruster <armbru> | |
| Component: | qemu-kvm | Assignee: | Markus Armbruster <armbru> | |
| Status: | CLOSED ERRATA | QA Contact: | Virtualization Bugs <virt-bugs> | |
| Severity: | unspecified | Docs Contact: | Markus Armbruster <armbru> | |
| Priority: | unspecified | |||
| Version: | 6.4 | CC: | acathrow, bsarathy, chayang, juzhang, lnovich, mazhang, michen, mkenneth, qzhang, sradvan, virt-maint | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | qemu-kvm-0.12.1.2-2.390.el6 | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 990615 (view as bug list) | Environment: | ||
| Last Closed: | 2013-11-21 06:58:50 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 990615 | |||
Providing qa_qck+ Proposed upstream fix: http://lists.nongnu.org/archive/html/qemu-devel/2013-06/msg02921.html Upstream commit 4999f3a8a6009de05ba82e58e723277917f16254 Reproduce this bug on qemu-kvm-0.12.1.2-2.376.el6.x86_64
[root@localhost qemu-kvm-376]# rpm -qa |grep qemu
gpxe-roms-qemu-0.9.7-6.10.el6.noarch
qemu-kvm-tools-0.12.1.2-2.376.el6.x86_64
qemu-kvm-0.12.1.2-2.376.el6.x86_64
qemu-kvm-debuginfo-0.12.1.2-2.376.el6.x86_64
qemu-img-0.12.1.2-2.376.el6.x86_64
Steps to Reproduce:
1. /usr/libexec/qemu-kvm -nodefaults -S -vnc :0,acl,sasl -monitor stdio
2. Monitor commands:
acl_show vnc.username
acl_add vnc.username drei allow
acl_show vnc.username
acl_add vnc.username zwei allow 1
acl_show vnc.username
acl_add vnc.username eins allow 1
acl_show vnc.username
Actual results:
[root@localhost ~]# /usr/libexec/qemu-kvm -nodefaults -S -vnc :0,acl,sasl -monitor stdio
QEMU 0.12.1 monitor - type 'help' for more information
(qemu) acl_show vnc.username
policy: deny
(qemu) acl_add vnc.username drei allow
acl: added rule at position 1
(qemu) acl_show vnc.username
policy: deny
1: allow drei
(qemu) acl_add vnc.username zwei allow 1
acl: added rule at position 2
(qemu) acl_show vnc.username
policy: deny
1: allow drei
2: allow zwei
(qemu) acl_add vnc.username eins allow 1
acl: added rule at position 1
(qemu) acl_show vnc.username
policy: deny
1: allow eins
2: allow drei
3: allow zwei
(qemu)
Expected results:
The second acl_add inserts at position 1, with final result
policy: deny
1: allow eins
2: allow zwei
3: allow drei
Verify this bug on qemu-kvm-0.12.1.2-2.400.el6.x86_64 .
Steps to Reproduce:
1. /usr/libexec/qemu-kvm -nodefaults -S -vnc :0,acl,sasl -monitor stdio
2. Monitor commands:
acl_show vnc.username
acl_add vnc.username drei allow
acl_show vnc.username
acl_add vnc.username zwei allow 1
acl_show vnc.username
acl_add vnc.username eins allow 1
acl_show vnc.username
Actual results:
[root@localhost ~]# /usr/libexec/qemu-kvm -nodefaults -S -vnc :0,acl,sasl -monitor stdio
QEMU 0.12.1 monitor - type 'help' for more information
(qemu) acl_show vnc.username
policy: deny
(qemu) acl_add vnc.username drei allow
acl: added rule at position 1
(qemu) acl_show vnc.username
policy: deny
1: allow drei
(qemu) acl_add vnc.username zwei allow 1
acl: added rule at position 1
(qemu) acl_show vnc.username
policy: deny
1: allow zwei
2: allow drei
(qemu) acl_add vnc.username eins allow 1
acl: added rule at position 1
(qemu) acl_show vnc.username
policy: deny
1: allow eins
2: allow zwei
3: allow drei
(qemu)
So this bug has been fixed.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-1553.html |
Description of problem: When you ask acl_add to insert a rule before the last rule in the list, it appends to the list instead. How reproducible: Always Steps to Reproduce: 1. qemu-kvm -nodefaults -S -vnc :0,acl,sasl -monitor stdio 2. Monitor commands: acl_show vnc.username acl_add vnc.username drei allow acl_show vnc.username acl_add vnc.username zwei allow 1 acl_show vnc.username acl_add vnc.username eins allow 1 acl_show vnc.username Actual results: (qemu) acl_show vnc.username policy: deny (qemu) acl_add vnc.username drei allow acl: added rule at position 1 (qemu) acl_show vnc.username policy: deny 1: allow drei (qemu) acl_add vnc.username zwei allow 1 acl: added rule at position 2 (qemu) acl_show vnc.username policy: deny 1: allow drei 2: allow zwei (qemu) acl_add vnc.username eins allow 1 acl: added rule at position 1 (qemu) acl_show vnc.username policy: deny 1: allow eins 2: allow drei 3: allow zwei Expected results: The second acl_add inserts at position 1, with final result policy: deny 1: allow eins 2: allow zwei 3: allow drei Additional info: Upstream misbehaves the same. Root cause is an off-by-one in qemu_acl_insert(): when index == acl->nentries, it appends instead of inserting before the last list element.