Hi,
Tue Sep 10 14:32:48 2013 [ImM][E]: cp: Not allowed to copy images from
/var/lib/one/ /etc/one/ /var/lib/one/
The dir /var/lib/one is a restricted dir, and OpenNebula won't allow you to
copy images from there. Otherwise, you could copy the DB or other
authentication files. That's why it
Hi Carlos,
I appreciate the security issues. I'm just wondering why
/var/lib/one/datastores is not a safe directory by default given it is
the default location for datastores?
Regards,
Gerry
On 11/09/2013 11:51, Carlos Martín Sánchez wrote:
Hi,
Tue Sep 10 14:32:48 2013
Hi,
On Wed, Sep 11, 2013 at 1:06 PM, Gerry O'Brien ge...@scss.tcd.ie wrote:
Hi Carlos,
I appreciate the security issues. I'm just wondering why
/var/lib/one/datastores is not a safe directory by default given it is the
default location for datastores?
Oneadmin's home /var/lib/one is
Hi,
By using /datastores instead of /var/lib/one/datastores, have I
opened a security hole?
On 11/09/2013 12:51, Carlos Martín Sánchez wrote:
Hi,
On Wed, Sep 11, 2013 at 1:06 PM, Gerry O'Brien ge...@scss.tcd.ie wrote:
Hi Carlos,
I appreciate the security issues. I'm just
Well, yes. If I register a new image with the path
/datastores/0/vmid/deployment.0 I could get your vnc password, for
example. Or if I point it to the context cdrom image, I could get some
variables that may contain important information. And, of course, I could
copy one of your images or running
Hi,
I get the following error when trying to create an image from a
QCOW2 file:Error copying image in the datastore: Not allowed to
copy image file /var/lib/one/datastores/1/DELETEME.qcow2
Below are the commands I use to create the QCOW2 file before trying
to create the image
Hi,
This seems to be a general issue not specific to QCOW2. For the
moment I've solved the issue by mounting the datastores (which are NFS
exports for a filestore) on the root partition at /datastores and
created a symlink form /var/lib/one/datatstore to /datastores.
Is this