[Bug 898583] [NEW] nova_sudoers allow unused commands

Thierry Carrez thierry.carrez+lp at gmail.com
Thu Dec 1 11:19:51 UTC 2011


Public bug reported:

While working on nova-rootwrap I noticed that the currently packaged
nova_sudoers file allows the nova user to run as root commands that are
not called from nova code. Those should be checked and cleaned up:

                      /sbin/ifconfig,
                      /sbin/iptables,
                      /sbin/pvcreate,  (mentioned twice)
                      /sbin/vgcreate,  (mentioned twice)
                      /usr/bin/virsh,     (used, but as non-root)
                      /usr/sbin/vblade-persist,
                      /sbin/aoe-discover,
                      /bin/aoe-stat,
                      /sbin/vconfig, 
                      /usr/bin/socat,

** Affects: nova (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to nova in Ubuntu.
https://bugs.launchpad.net/bugs/898583
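
An added example, not part of the bug report and not nova or nova-rootwrap code, of the kind of check described above: list the entries of a sudoers `Cmnd_Alias`, flag duplicates, and flag entries that are never invoked through sudo in the source. The sudoers fragment, the alias name `NOVACMDS`, and the `execute()` call sites are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sudoers fragment (not the packaged nova_sudoers file).
SUDOERS = """\
Cmnd_Alias NOVACMDS = /bin/chown, \\
                      /sbin/ifconfig, \\
                      /sbin/pvcreate, \\
                      /sbin/pvcreate, \\
                      /usr/bin/virsh, \\
                      /usr/bin/socat
nova ALL = (root) NOPASSWD: NOVACMDS
"""

# Constructed call sites standing in for a source tree; execute() is hypothetical.
SOURCE = """\
execute('sudo', 'chown', owner, path)
execute('sudo', 'ifconfig', bridge, 'up')
execute('virsh', 'list')
"""

def alias_commands(sudoers_text, alias):
    """Return the command paths listed in one Cmnd_Alias, duplicates kept.
    Simplification: entries are plain paths without arguments or escaped commas."""
    joined = re.sub(r"\\\n\s*", " ", sudoers_text)  # fold continuation lines
    for line in joined.splitlines():
        m = re.match(r"\s*Cmnd_Alias\s+%s\s*=\s*(.*)" % re.escape(alias), line)
        if m:
            return [c.strip() for c in m.group(1).split(",") if c.strip()]
    return []

def sudo_call_names(source_text):
    """Program names that the call sites run through sudo (first arg after 'sudo')."""
    return set(re.findall(r"execute\(\s*'sudo',\s*'([^']+)'", source_text))

def audit(sudoers_text, alias, source_text):
    """Compare the alias with the call sites, matching on basename (assumption:
    call sites use bare program names resolved through PATH)."""
    counts = Counter(alias_commands(sudoers_text, alias))
    used = sudo_call_names(source_text)
    return {
        "duplicates": sorted(c for c, n in counts.items() if n > 1),
        "unused": sorted(c for c in counts if c.rsplit("/", 1)[-1] not in used),
    }

if __name__ == "__main__":
    for kind, paths in audit(SUDOERS, "NOVACMDS", SOURCE).items():
        print(kind, paths)
```

A command that is called only without sudo, like `virsh` in the constructed call sites, lands in the `unused` list because it does not need a root entry.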
