Canonical Juju

  1. Bug #1663506
  2. Activity log

Activity log for bug #1663506

Date Who What changed Old value New value Message
2017-02-10 08:13:28 Christopher Lee bug added bug
2017-02-10 14:29:19 Horacio Durán juju: assignee Horacio Durán (hduran-8)
2017-02-10 14:30:55 Curtis Hovey juju: importance Critical High
2017-02-10 14:30:58 Curtis Hovey juju: status New Triaged
2017-02-10 14:32:49 Curtis Hovey tags permissions regression permissions regression status
2017-02-10 18:49:29 Curtis Hovey tags permissions regression status ci permissions status
2017-02-10 19:04:00 Curtis Hovey juju: milestone 2.1-rc1
2017-02-10 19:14:46 Curtis Hovey juju: milestone 2.1.0
2017-02-10 19:17:50 Curtis Hovey description Given a superuser admin who creates a user, if that user add-models a model the admin is able to list the model (using juju list-models) but is unable to show the status of the model (get: ERROR permission denied (unauthorized access)). To reproduce: # As admin $ juju bootstrap --constraints mem=2G lxd/localhost listmodelstest $ juju add-user newuser1 -c listmodelstest User "newuser1" added Please send this command to newuser1: ... snip ... $ juju grant newuser1 addmodel -c listmodelstest # Now as new user $ JUJU_DATA=/tmp/newuserstuff juju register ... snip ... $ JUJU_DATA=/tmp/newuserstuff juju add-model mysweetmodel $ JUJU_DATA=/tmp/newuserstuff juju list-models Controller: listmodelstest Model Cloud/Region Status Access Last connection mysweetmodel* localhost/localhost available admin never connected # Back as admin $ juju list-models -c listmodelstest Controller: listmodelstest Model Cloud/Region Status Machines Cores Access Last connection controller localhost/localhost available 1 - admin just now default localhost/localhost available 0 - admin 11 hours ago newuser1/mysweetmodel localhost/localhost available 0 - never connected $ juju show-status -m listmodelstest:newuser1/mysweetmodel ERROR permission denied (unauthorized access) As seen at http://reports.vapour.ws/releases/issue/57eacb31749a5646c50f38f9 Given a superuser admin who creates a user, if that user add-models a model the admin is able to list the model (using juju list-models) but is unable to show the status of the model (get: ERROR permission denied (unauthorized access)). To reproduce: # As admin $ juju bootstrap --constraints mem=2G lxd/localhost listmodelstest $ juju add-user newuser1 -c listmodelstest User "newuser1" added Please send this command to newuser1:  ... snip ... $ juju grant newuser1 addmodel -c listmodelstest # Now as new user $ JUJU_DATA=/tmp/newuserstuff juju register ... snip ... $ JUJU_DATA=/tmp/newuserstuff juju add-model mysweetmodel $ JUJU_DATA=/tmp/newuserstuff juju list-models Controller: listmodelstest Model Cloud/Region Status Access Last connection mysweetmodel* localhost/localhost available admin never connected # Back as admin $ juju list-models -c listmodelstest Controller: listmodelstest Model Cloud/Region Status Machines Cores Access Last connection controller localhost/localhost available 1 - admin just now default localhost/localhost available 0 - admin 11 hours ago newuser1/mysweetmodel localhost/localhost available 0 - never connected $ juju show-status -m listmodelstest:newuser1/mysweetmodel ERROR permission denied (unauthorized access)
2017-02-11 01:13:07 Horacio Durán juju: status Triaged Fix Committed
2017-02-22 23:06:36 Curtis Hovey juju: status Fix Committed Fix Released