Bug 817373 - Remove of a local domain on /tmp fails
Summary: Remove of a local domain on /tmp fails
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Virtualization Manager
Classification: Red Hat
Component: vdsm
Version: unspecified
Hardware: Unspecified
OS: Linux
high
high
Target Milestone: ---
: 3.3.0
Assignee: Ayal Baron
QA Contact: Haim
URL:
Whiteboard: storage
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-04-29 14:10 UTC by Daniel Paikov
Modified: 2016-02-10 16:33 UTC (History)
9 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2013-12-01 19:57:07 UTC
oVirt Team: Storage
Target Upstream Version:
scohen: Triaged+


Attachments (Terms of Use)
vdsm.log (356.13 KB, application/x-gzip)
2012-04-29 14:10 UTC, Daniel Paikov
no flags Details

Description Daniel Paikov 2012-04-29 14:10:53 UTC
Created attachment 581073 [details]
vdsm.log

It is currently possible to create local domains in /tmp (and other world-writeable dirs?). It is then impossible to remove the domains. Creation of domains in /tmp should be blocked.

Comment 2 Ayal Baron 2012-04-29 14:35:38 UTC
I'm not sure we should prevent this (we have a history of preventing things
users later on request the ability to do).
In any event, it is clear that /tmp is just an example, so it's either we need
to blacklist a series of directories (this is bound to fail as there will
always be additional directories to blacklist on one hand and some users
wanting to use blacklisted dirs on the other) or just require the directory
permissions to be explicitly set to vdsm prior to being used (with NFS domains
this was already rejected by users who had problems adding user 36 to nfs
server so set the dirs to world writeable, I wonder if we'd hit something
similar here).
In any event, sounds to me like the 'proper' thing would be to add such a list
in *engine* and simply warn the user but not prevent it.

Andy?

Comment 3 RHEL Program Management 2012-05-04 04:06:29 UTC
Since RHEL 6.3 External Beta has begun, and this bug remains
unresolved, it has been rejected as it is not proposed as
exception or blocker.

Red Hat invites you to ask your support representative to
propose this request, if appropriate and relevant, in the
next release of Red Hat Enterprise Linux.

Comment 4 Dan Kenigsberg 2012-05-21 19:30:53 UTC
Daniel, why is it impossible to remove the storage domain from /tmp?

Comment 5 Daniel Paikov 2012-05-23 09:12:01 UTC
(In reply to comment #4)
> Daniel, why is it impossible to remove the storage domain from /tmp?

It fails on the VDSM side, please refer to the logs I attached:

Thread-5714::INFO::2012-04-29 16:42:40,397::logUtils::37::dispatcher::(wrapper) Run and protect: connectStorageServer(domType=4, spUU
ID='00000000-0000-0000-0000-000000000000', conList=[{'connection': '/tmp', 'iqn': '', 'portal': '', 'user': '', 'password': '******',
 'id': '403ec0a5-795e-4c5e-acc2-6093914ac467', 'port': ''}], options=None)
Thread-5714::ERROR::2012-04-29 16:42:40,397::hsm::1899::Storage.HSM::(connectStorageServer) Could not connect to storageServer
Traceback (most recent call last):
  File "/usr/share/vdsm/storage/hsm.py", line 1896, in connectStorageServer
    conObj.connect()
  File "/usr/share/vdsm/storage/storageServer.py", line 416, in connect
    os.chmod(lnPath, 0775)
OSError: [Errno 1] Operation not permitted: '/rhev/data-center/mnt/_tmp'

Comment 7 RHEL Program Management 2012-12-14 07:44:29 UTC
This request was not resolved in time for the current release.
Red Hat invites you to ask your support representative to
propose this request, if still desired, for consideration in
the next release of Red Hat Enterprise Linux.

Comment 10 Itamar Heim 2013-12-01 19:57:07 UTC
Closing old bugs. If this issue is still relevant/important in current version, please re-open the bug.


Note You need to log in before you can comment on or make changes to this bug.