The DHCP port belongs to the tenant, which is therefore entitles to see
it.
Deployers wishing to prevent that MIGHT configure policies to remove network
ports from responses.
This is possible in theory, even if I would strongly advise against as this
kind of settings end up making openstack applications not portable across
deployments.
** Changed in: neutron
Status: In Progress => Won't Fix
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1267310
Title:
port-list should not list the dhcp ports for normal user
Status in OpenStack Neutron (virtual network service):
Won't Fix
Bug description:
with non-admin user, I can list the dhcp port, and If I tried to
update the fixed ips of these dhcp ports, it does not reflect to
dhcpagent at all, I mean the nic device's ip in the dhcp namesapce.
So I think we should not allow normal user to view the dhcp port at the first
place.
[root@controller ~]# neutron port-list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| 1a5a2236-9b66-4b6d-953d-664fad6be3bb | | fa:16:3e:cf:52:b3 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.3"}
|
| 381e244e-4012-4a49-83d3-f252fa4e41a1 | | fa:16:3e:cf:94:bd |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.7"}
|
| 3bba05d3-10ec-49f1-9335-1103f791584b | | fa:16:3e:fe:aa:6f |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.6"}
|
| 939d5696-0780-40c6-a626-a9a9df933553 | | fa:16:3e:c7:5b:73 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.4"}
|
| ad89d303-9e8c-43bb-a029-b341340a92bb | | fa:16:3e:21:6d:98 |
{"subnet_id": "c8e59b09-60d3-4996-8692-02334ee0e658", "ip_address":
"192.168.230.3"} |
| cb350109-39d3-444c-bc33-538c22415171 | | fa:16:3e:f4:d3:e8 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.5"}
|
| d1e79c7c-d500-475f-8e21-2c1958f0a136 | | fa:16:3e:2d:c7:a1 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.1"}
|
| ddc076f6-16aa-4f12-9745-2ac27dd5a38a | | fa:16:3e:e0:04:44 |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.8"}
|
| f2a4df5c-e719-46cc-9bdb-bf9771a2c205 | | fa:16:3e:01:73:5e |
{"subnet_id": "e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.2"}
|
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
[root@controller ~]# neutron port-show 1a5a2236-9b66-4b6d-953d-664fad6be3bb
+-----------------------+---------------------------------------------------------------------------------+
| Field | Value
|
+-----------------------+---------------------------------------------------------------------------------+
| admin_state_up | True
|
| allowed_address_pairs |
|
| device_id |
dhcpd3377d3c-a0d1-5d71-9947-f17125c357bb-20f45603-b76a-4a89-9674-0127e39fc895
|
| device_owner | network:dhcp
|
| extra_dhcp_opts |
|
| fixed_ips | {"subnet_id":
"e38cf289-3b4b-4684-90e0-d44d2ee1cb90", "ip_address": "10.0.1.3"} |
| id | 1a5a2236-9b66-4b6d-953d-664fad6be3bb
|
| mac_address | fa:16:3e:cf:52:b3
|
| name |
|
| network_id | 20f45603-b76a-4a89-9674-0127e39fc895
|
| security_groups |
|
| status | ACTIVE
|
| tenant_id | c8a625a4c71b401681e25e3ad294b255
|
+-----------------------+---------------------------------------------------------------------------------+
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1267310/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : yahoo-eng-team@lists.launchpad.net
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
