Bug 990144

Summary: When using non-default umask settings, rhevm-iso-uploader uploads images with incorrect permissions and VMs cannot access them
Product: Red Hat Enterprise Virtualization Manager Reporter: Chris Pelland <cpelland>
Component: ovirt-engine-iso-uploaderAssignee: Sandro Bonazzola <sbonazzo>
Status: CLOSED ERRATA QA Contact: Ilanit Stein <istein>
Severity: high Docs Contact:
Priority: high    
Version: 3.2.0CC: acathrow, adevolder, chetan, iheim, knesenko, kroberts, mgoldboi, Rhev-m-bugs, sbonazzo, yeylon
Target Milestone: ---Keywords: ZStream
Target Release: 3.2.2   
Hardware: All   
OS: Linux   
Whiteboard: integration
Fixed In Version: rhevm-iso-uploader-3.2.2-3.el6ev Doc Type: Bug Fix
Doc Text:
When using non-default umask settings (such as 077), rhevm-iso-uploader uploaded images with incorrect permissions, so virtual machines could not access the images. This has been fixed so that rhevm-iso-uploader sets the correct umask when renaming the temporary file to the destination file during upload, and prevents providing incorrect access permissions on systems with non-standard umask settings.
 Story Points: ---
Clone Of: 988146 Environment:
Last Closed: 2013-08-13 12:56:38 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 988146    
Bug Blocks:    

Description Chris Pelland 2013-07-30 13:23:24 UTC 
+++ This bug was initially created as a clone of Bug #988146 +++

Description of problem:
When using non-default umask settings (as required by government agencies), rhevm-iso-uploader uploads images with incorrect permissions and VMs cannot access them.

Version-Release number of selected component (if applicable):
RHEV 3.2

How reproducible:
Very

Steps to Reproduce:
1. Create RHEV-M with the default local ISO domain, and set umask settings as required for most government agencies. (077)
2. Use rhevm-iso-uploader to upload an ISO to the ISO domain
3. Attempt to boot VM using that ISO.

Actual results:
Virtual machine failed to boot from attached ISO CD with error message "Boot failed: Could not read from CDROM (code 0003)"

Expected results:
Successful boot

Additional info:
While we know that the non-default umask is the problem here, there are enough users in hardened/secure environments that the rhevm-iso-uploader tool should check permissions upon upload, rather than using the default umask

--- Additional comment from Sandro Bonazzola on 2013-07-29 03:18:37 EDT ---

I assume that image-uploader will be affected as well.
The strange thing is that iso-uploader sets umask for having 0660 file access mode (copy_file method).
Maybe it's not enough, since after the copy it seems that the file are renamed and that's done with system umask.
I think that it's better to totally ignore the umask and use chmod on the file to ensure it's permissions.

--- Additional comment from Sandro Bonazzola on 2013-07-29 05:57:18 EDT ---

Hi Allan, can you confirm that the issue on iso-uploader affects only uploads done through NFS and not uploads done through SSH ?

--- Additional comment from Sandro Bonazzola on 2013-07-29 06:30:37 EDT ---

(In reply to Sandro Bonazzola from comment #1)
> I think that it's better to totally ignore the umask and use chmod on the
> file to ensure it's permissions.

Can't chmod over NFS mounted domain. Will fix setting correct umask while renaming.

--- Additional comment from Sandro Bonazzola on 2013-07-29 06:40:06 EDT ---

Patch pushed on master branch for 3.3.0:

  upload: nfs: set correct umask while renaming

  set the correct umask while renaming the temporary
  file to destination file. Avoid to have incorrect
  access bits on systems with not standard umask
  (like 077)

(setting again needinfo flag, removed accidentally in previous comment)

--- Additional comment from Sandro Bonazzola on 2013-07-29 06:46:11 EDT ---

(In reply to Sandro Bonazzola from comment #1)
> I assume that image-uploader will be affected as well.

image uploader should not be affected, no renaming after file copy.

--- Additional comment from Allan Voss on 2013-07-29 12:26:23 EDT ---

(In reply to Sandro Bonazzola from comment #2)
> Hi Allan, can you confirm that the issue on iso-uploader affects only
> uploads done through NFS and not uploads done through SSH ?

I don't have a system I can reproduce this on, and the customer closed the case as soon as they discovered the permissions issue. I filed the bug because that shouldn't be normal behaviour.

--- Additional comment from Sandro Bonazzola on 2013-07-30 09:17:25 EDT ---

(In reply to Allan Voss from comment #6)
> I don't have a system I can reproduce this on, and the customer closed the
> case as soon as they discovered the permissions issue. I filed the bug
> because that shouldn't be normal behaviour.

Ok. no problem. I've checked the code and ssh upload uses chown on remote system so there can't be umask issue there.
Comment 1 Sandro Bonazzola 2013-07-30 13:39:43 UTC 
cherry-picked and pushed to 3.2 branch.
Comment 2 Sandro Bonazzola 2013-07-30 13:49:46 UTC 
patch merged on 3.2 branch http://gerrit.ovirt.org/gitweb?p=ovirt-iso-uploader.git;a=commit;h=7f6d881365ece6d6416c645b4ac38859cc93ec00
Comment 4 Ilanit Stein 2013-08-01 10:05:06 UTC 
Verified on rhevm-iso-uploader-3.2.2-3.el6ev.noarch, on rhevm sf19.1

1) install rhevm creating an iso domain
2) set umask 077
3) upload iso image with engine-iso-uploader
4) Check permission on the uploaded iso: 0640
5) Check that the vm see the iso, and starts to load it
Comment 6 errata-xmlrpc 2013-08-13 12:56:38 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1154.html