Ubuntu
nova package

  1. Bug #1284718
  2. Comment #18

Comment 18 for bug 1284718

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to nova (master)

Reviewed: https://review.openstack.org/85189
Committed: https://git.openstack.org/cgit/openstack/nova/commit/?id=7d1b4117fda7709307a35e56625cfa7709a6b795
Submitter: Jenkins
Branch: master

commit 7d1b4117fda7709307a35e56625cfa7709a6b795
Author: Salvatore Orlando <email address hidden>
Date: Thu Apr 3 14:54:11 2014 -0700

    Require admin context for interfaces on ext network

    Currently any user can attach an interface to a neutron
    external network, if the neutron plugin supports the port
    binding extension.
    In this case, nova will create neutron ports using the admin
    client, thus bypassing neutron authZ checks for creating ports
    on external networks.

    This patch adds a check in nova to verify the API request has an
    admin context when a request for an interface is made on a
    neutron external network.

    Change-Id: I5fb0bdcbf19eb82746ea3b192c1f65899bfb3c0b
    Closes-Bug: 1284718