[Bug 725170] Re: euca-authorize requires source-subnet to function

Mitch Garnaat 725170 at bugs.launchpad.net
Fri Feb 25 21:06:18 UTC 2011 

Thanks.  I'll merge this in on my side.

Where are you guys with the Natty release?  Is that imminent?  I've been
working on lots of changes to euca2ools.  Refactoring the code, adding
support for things like tags and filters, fixing lots of long-standing bugs,
etc.  I suspect all of this is much too late for natty but just wanted to
give you a heads up.  I'll probably be merging these changes to our
euca2ools-main sometime over the next two weeks.

Mitch

On Fri, Feb 25, 2011 at 3:54 PM, Scott Moser <smoser at canonical.com>
wrote:

> Mitch,
>  I've just pulled this into the ubuntu euca2ools package.  You can pull the
> patch from
>
> http://bazaar.launchpad.net/~ubuntu-virt/ubuntu/natty/euca2ools/natty/view/head:/debian/patches/authorize-add-default-source-subnet.patch
>
> ** Changed in: euca2ools
>       Status: New => Confirmed
>
> --
> You received this bug notification because you are a member of
> Eucalyptus Maintainers, which is the registrant for euca2ools.
> https://bugs.launchpad.net/bugs/725170
>
> Title:
>  euca-authorize requires source-subnet to function
>
> Status in Euca2ools:
>   Confirmed
> Status in “euca2ools” package in Ubuntu:
>  Fix Released
>
> Bug description:
>  Binary package hint: euca2ools
>
>  using the ec2-api-tools, one can do something like:
>   $ ec2-add-group --description=bar foogroup
>   GROUP   foogroup bar
>   $ ec2-authorize foogroup -p 22
>   GROUP       foogroup
>   PERMISSION  foogroup ALLOWS   tcp   22 22 FROM  CIDR  0.0.0.0/0
>   $ ec2-describe-group foogroup
>   GROUP 950047163771   foogroup bar
>   PERMISSION  950047163771   foogroup ALLOWS   tcp   22 22 FROM  CIDR
> 0.0.0.0/0
>
>  Using euca2ools, the same looks like this:
>   $ euca-add-group --description=bar foogroup
>   GROUP foogroup bar
>   $ euca-authorize foogroup -p 22
>   foogroup None None tcp 22 22 None
>   GROUP foogroup
>   PERMISSION  foogroup ALLOWS   tcp   22 22
>   $ echo $?
>   0
>   $ euca-describe-groups
>   GROUP   950047163771   foogroup bar
>
>  Note 2 things there, a.) the command returned success b.) it did not
>  do anything.  There is no PERMISSIOn rule now as there should be.
>
>  However, if we supply a -s/--source-subnet flag, then it works as
>  expected:
>
>   $ euca-authorize foogroup -p 22 --source-subnet 0.0.0.0/0
>   foogroup None None tcp 22 22 0.0.0.0/0
>   GROUP foogroup
>   PERMISSION  foogroup ALLOWS   tcp   22 22 FROM  CIDR  0.0.0.0/0
>   $ euca-describe-groups foogroup
>   GROUP   950047163771   foogroup bar
>   PERMISSION  950047163771   foogroup ALLOWS   tcp   22 22 FROM  CIDR
> 0.0.0.0/0
>
>
>  I think all that is really needed is to use '0.0.0.0/0' as the
> source-subnet if one is not supplied.
>
>  ProblemType: Bug
>  DistroRelease: Ubuntu 11.04
>  Package: euca2ools 1.3.1-0ubuntu5
>  ProcVersionSignature: Ubuntu 2.6.38-1.28-generic 2.6.38-rc2
>  Uname: Linux 2.6.38-1-generic x86_64
>  Architecture: amd64
>  Date: Fri Feb 25 13:29:08 2011
>  InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta amd64 (20100318)
>  PackageArchitecture: all
>  ProcEnviron:
>   LANGUAGE=en_US:en
>   PATH=(custom, user)
>   LANG=en_US.UTF-8
>   LC_MESSAGES=en_US.utf8
>   SHELL=/bin/bash
>  SourcePackage: euca2ools
>

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to euca2ools in ubuntu.
https://bugs.launchpad.net/bugs/725170

Title:
  euca-authorize requires source-subnet to function

More information about the Ubuntu-server-bugs mailing list