Bug 1298094 - Pool VMs get UserVmManager role assigned automatically
Summary: Pool VMs get UserVmManager role assigned automatically
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: ovirt-engine
Version: 3.5.6
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ovirt-3.6.3
: 3.6.3
Assignee: Shmuel Melamud
QA Contact: sefi litmanovich
URL:
Whiteboard:
: 1298091 1298092 (view as bug list)
Depends On:
Blocks: 1301867
TreeView+ depends on / blocked
 
Reported: 2016-01-13 08:57 UTC by Roman Hodain
Modified: 2019-10-10 10:54 UTC (History)
12 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Previously, when a non-administrator created a virtual machine in a virtual machine pool ownership was automatically granted. This caused the virtual machine to be designated as occupied and prevented other users from taking it. Now, the ownership of virtual machines in a virtual machine pool is not granted automatically.
Clone Of:
: 1301867 (view as bug list)
Environment:
Last Closed: 2016-03-09 21:15:13 UTC
oVirt Team: Virt

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2016:0376 normal SHIPPED_LIVE Red Hat Enterprise Virtualization Manager 3.6.0 2016-03-10 01:20:52 UTC
oVirt gerrit 51875 master MERGED engine: Do not assign creator as owner to VMs from pool 2016-01-20 11:05:18 UTC
oVirt gerrit 52697 ovirt-engine-3.6 MERGED engine: Do not assign creator as owner to VMs from pool 2016-01-25 16:32:36 UTC

Description Roman Hodain 2016-01-13 08:57:27 UTC 
Description of problem:
    When a user which do not have the system permission "Manipulate Permissions" creates a pool. All the pool VMs get this user as UserVmManager.

Version-Release number of selected component (if applicable):
   RHEV-M 3.5.6

How reproducible:
   100%

Steps to Reproduce:
Create user with the following permissions:
    CREATE_VM
    EDIT_VM_PROPERTIES
    VM_BASIC_OPERATIONS
    CHANGE_VM_CD
    MIGRATE_VM
    CONNECT_TO_VM
    IMPORT_EXPORT_VM
    CONFIGURE_VM_NETWORK
    CONFIGURE_VM_STORAGE
    MOVE_VM
    MANIPULATE_VM_SNAPSHOTS
    RECONNECT_TO_VM
    CHANGE_VM_CUSTOM_PROPERTIES
    CREATE_INSTANCE
    CREATE_TEMPLATE
    EDIT_TEMPLATE_PROPERTIES
    COPY_TEMPLATE
    CONFIGURE_TEMPLATE_NETWORK
    CREATE_VM_POOL
    EDIT_VM_POOL_CONFIGURATION
    DELETE_VM_POOL
    VM_POOL_BASIC_OPERATIONS
    LOGIN
    TAG_MANAGEMENT
    BOOKMARK_MANAGEMENT
    EVENT_NOTIFICATION_MANAGEMENT
    ATTACH_DISK_PROFILE

Create pool with this user.

Actual results:
     All pool VM has the user as UserVmManager assigned

Expected results:
     There are no permissions assigned to the pool VMs
Comment 2 Roman Hodain 2016-01-13 10:21:07 UTC 
*** Bug 1298091 has been marked as a duplicate of this bug. ***
Comment 3 Roman Hodain 2016-01-13 10:21:22 UTC 
*** Bug 1298092 has been marked as a duplicate of this bug. ***
Comment 4 Michal Skrivanek 2016-01-13 16:33:22 UTC 
is that user portal or webadmin?
Comment 5 Roman Hodain 2016-01-14 08:14:01 UTC 
(In reply to Michal Skrivanek from comment #4)
> is that user portal or webadmin?

WebAdmin
Comment 6 Michal Skrivanek 2016-01-14 08:37:30 UTC 
regression introduced by bug 1232419. Such change doesn't make sense for pools where the pool creator should not own the VMs (it's a edge case when the pool creator does not actually have MANIPULATE_PERMISSIONS role)
Comment 10 sefi litmanovich 2016-01-28 13:50:31 UTC 
Verified with rhevm-3.6.3-0.1.el6.noarch according to description.
Comment 12 errata-xmlrpc 2016-03-09 21:15:13 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2016-0376.html
Note You need to log in before you can comment on or make changes to this bug.