Public bug reported:
with non-admin user, I can list the dhcp port, and If I tried to update
the fixed ips of these dhcp ports, it does not reflect to dhcpagent at
all, I mean the nic device's ip in the dhcp namesapce.
So I think we should not allow normal user to view the dhcp port at the first
place.
[root@controller ~]# neutron port-list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| 1a5a2236-9b66-4b6d-953d-664fad6be3bb | | fa:16:3e:cf:52:b3 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.3"}
|
| 381e244e-4012-4a49-83d3-f252fa4e41a1 | | fa:16:3e:cf:94:bd |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.7"}
|
| 3bba05d3-10ec-49f1-9335-1103f791584b | | fa:16:3e:fe:aa:6f |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.6"}
|
| 939d5696-0780-40c6-a626-a9a9df933553 | | fa:16:3e:c7:5b:73 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.4"}
|
| ad89d303-9e8c-43bb-a029-b341340a92bb | | fa:16:3e:21:6d:98 |
{"subnet_id": "c8e59b09-60d3-4996-8692-02334ee0e658", "ip_address":
"192.168.230.3"} |
| cb350109-39d3-444c-bc33-538c22415171 | | fa:16:3e:f4:d3:e8 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.5"}
|
| d1e79c7c-d500-475f-8e21-2c1958f0a136 | | fa:16:3e:2d:c7:a1 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.1"}
|
| ddc076f6-16aa-4f12-9745-2ac27dd5a38a | | fa:16:3e:e0:04:44 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.8"}
|
| f2a4df5c-e719-46cc-9bdb-bf9771a2c205 | | fa:16:3e:01:73:5e |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.2"}
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
[root@controller ~]# neutron port-show 1a5a2236-9b66-4b6d-953d-664fad6be3bb
+-----------------------+---------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+---------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| device_id |
dhcpd3377d3c-a0d1-5d71-9947-f17125c357bb-20f45603-b76a-4a89-9674-0127e39fc895
|
| device_owner | network:dhcp
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90",
"ip_address": "10.0.1.3"} |
| id | 1a5a2236-9b66-4b6d-953d-664fad6be3bb
|
| mac_address | fa:16:3e:cf:52:b3
|
| name |
|
| network_id | 20f45603-b76a-4a89-9674-0127e39fc895
|
| security_groups |
|
| status | ACTIVE
|
| tenant_id | c8a625a4c71b401681e25e3ad294b255
|
+-----------------------+---------------------------------------------------------------------------------+
** Affects: neutron
Importance: High
Assignee: yong sheng gong (gongysh)
Status: New
** Tags: l3-ipam-dhcp
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1267310
Title:
port-list should not list the dhcp ports for normal user
Status in OpenStack Neutron (virtual network service):
New
Bug description:
with non-admin user, I can list the dhcp port, and If I tried to
update the fixed ips of these dhcp ports, it does not reflect to
dhcpagent at all, I mean the nic device's ip in the dhcp namesapce.
So I think we should not allow normal user to view the dhcp port at the first
place.
[root@controller ~]# neutron port-list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| 1a5a2236-9b66-4b6d-953d-664fad6be3bb | | fa:16:3e:cf:52:b3 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.3"}
|
| 381e244e-4012-4a49-83d3-f252fa4e41a1 | | fa:16:3e:cf:94:bd |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.7"}
|
| 3bba05d3-10ec-49f1-9335-1103f791584b | | fa:16:3e:fe:aa:6f |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.6"}
|
| 939d5696-0780-40c6-a626-a9a9df933553 | | fa:16:3e:c7:5b:73 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.4"}
|
| ad89d303-9e8c-43bb-a029-b341340a92bb | | fa:16:3e:21:6d:98 |
{"subnet_id": "c8e59b09-60d3-4996-8692-02334ee0e658", "ip_address":
"192.168.230.3"} |
| cb350109-39d3-444c-bc33-538c22415171 | | fa:16:3e:f4:d3:e8 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.5"}
|
| d1e79c7c-d500-475f-8e21-2c1958f0a136 | | fa:16:3e:2d:c7:a1 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.1"}
|
| ddc076f6-16aa-4f12-9745-2ac27dd5a38a | | fa:16:3e:e0:04:44 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.8"}
|
| f2a4df5c-e719-46cc-9bdb-bf9771a2c205 | | fa:16:3e:01:73:5e |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.2"}
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
[root@controller ~]# neutron port-show 1a5a2236-9b66-4b6d-953d-664fad6be3bb
+-----------------------+---------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+---------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| device_id |
dhcpd3377d3c-a0d1-5d71-9947-f17125c357bb-20f45603-b76a-4a89-9674-0127e39fc895
|
| device_owner | network:dhcp
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id":
"e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.3"} |
| id | 1a5a2236-9b66-4b6d-953d-664fad6be3bb
|
| mac_address | fa:16:3e:cf:52:b3
|
| name |
|
| network_id | 20f45603-b76a-4a89-9674-0127e39fc895
|
| security_groups |
|
| status | ACTIVE
|
| tenant_id | c8a625a4c71b401681e25e3ad294b255
|
+-----------------------+---------------------------------------------------------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1267310/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
