OpenStack Shared File Systems Service (Manila)

HNAS driver doesnt update access level for rules from managed shares

Bug #1660401 reported by Alyson
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OpenStack Shared File Systems Service (Manila)
Fix Released
Medium
Alyson
OpenStack Shared File Systems Service (Manila) ocata-rc1 "RC1"

Bug Description

HNAS driver maintains all rules from a CIFS share when its being managed. If we try to add a rule that already exists, but with another access level, it just logs "user already allowed" and return success. So, manila will show an access level that is different from the one in backend.

To reproduce:

1 - Managing share S1 with rule for "user123" with access "Read Only":
$ manila manage --name S1 --share-type hitachi ubuntu@HITACHI#HITACHI cifs \\\\172.24.49.26\\77c7384f-3850-43a6-b8e3-e61b13d0980a

2 - Trying to add rule for "user123" with access "Read&Write":
$ manila access-allow S1 user user123

3 - Listing rules:
$ manila access-list S1
+-------------------+-------------+-----------+--------------+--------+------------+
| id | access_type | access_to | access_level | state | access_key |
+-------------------+-------------+-----------+--------------+--------+------------+
| 22f6-...-a7a1c1ec | user | user123 | rw | active | None |
+-------------------+-------------+-----------+--------------+--------+------------+

But in backend, "user123" is with old rule - "ro".
It can be observed only with CIFS share, since NFS rules are always updated.

Rodrigo Barbieri (rodrigo-barbieri2010)
Changed in manila:
importance: Undecided → Medium
milestone: none → ocata-rc1
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to manila (master)

Fix proposed to branch: master
Review: https://review.openstack.org/427096

Changed in manila:
assignee: nobody → Alyson (alyson-rodrigues-rosa)
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to manila (master)

Reviewed: https://review.openstack.org/427096
Committed: https://git.openstack.org/cgit/openstack/manila/commit/?id=f1a6b1ca7a9aedbaa921dc0f3f76fa404338150e
Submitter: Jenkins
Branch: master

commit f1a6b1ca7a9aedbaa921dc0f3f76fa404338150e
Author: Alyson Rosa <email address hidden>
Date: Tue Jan 31 08:28:08 2017 -0200

    HNAS: avoid mismatch access level for managed shares

    A CIFS managed share can contain some rules added in backend, and when
    we try to add an already existent rule through manila, but with
    different access level, the driver will return success with message
    "user already allowed". So, manila will show an access level for this
    rule that is different from the one in backend. This behaviour does
    not apply to NFS shares.

    In this case, it will call an update access rule for CIFS shares to
    assure that rules in backend and in manila are always with same access
    level.

    Change-Id: I3c97ff7a5fee241685d54ac4cf7269ed55f1f602
    Closes-bug: #1660401

Changed in manila:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/manila 4.0.0.0rc1

This issue was fixed in the openstack/manila 4.0.0.0rc1 release candidate.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.