[Bug 725170] [NEW] euca-authorize requires source-subnet to function
Scott Moser
smoser at canonical.com
Fri Feb 25 18:43:18 UTC 2011
Public bug reported:
Binary package hint: euca2ools
using the ec2-api-tools, one can do something like:
$ ec2-add-group --description=bar foogroup
GROUP foogroup bar
$ ec2-authorize foogroup -p 22
GROUP foogroup
PERMISSION foogroup ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
$ ec2-describe-group foogroup
GROUP 950047163771 foogroup bar
PERMISSION 950047163771 foogroup ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
Using euca2ools, the same looks like this:
$ euca-add-group --description=bar foogroup
GROUP foogroup bar
$ euca-authorize foogroup -p 22
foogroup None None tcp 22 22 None
GROUP foogroup
PERMISSION foogroup ALLOWS tcp 22 22
$ echo $?
0
$ euca-describe-groups
GROUP 950047163771 foogroup bar
Note 2 things there, a.) the command returned success b.) it did not do
anything. There is no PERMISSIOn rule now as there should be.
However, if we supply a -s/--source-subnet flag, then it works as
expected:
$ euca-authorize foogroup -p 22 --source-subnet 0.0.0.0/0
foogroup None None tcp 22 22 0.0.0.0/0
GROUP foogroup
PERMISSION foogroup ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
$ euca-describe-groups foogroup
GROUP 950047163771 foogroup bar
PERMISSION 950047163771 foogroup ALLOWS tcp 22 22 FROM CIDR 0.0.0.0/0
I think all that is really needed is to use '0.0.0.0/0' as the source-subnet if one is not supplied.
ProblemType: Bug
DistroRelease: Ubuntu 11.04
Package: euca2ools 1.3.1-0ubuntu5
ProcVersionSignature: Ubuntu 2.6.38-1.28-generic 2.6.38-rc2
Uname: Linux 2.6.38-1-generic x86_64
Architecture: amd64
Date: Fri Feb 25 13:29:08 2011
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Beta amd64 (20100318)
PackageArchitecture: all
ProcEnviron:
LANGUAGE=en_US:en
PATH=(custom, user)
LANG=en_US.UTF-8
LC_MESSAGES=en_US.utf8
SHELL=/bin/bash
SourcePackage: euca2ools
** Affects: euca2ools
Importance: Undecided
Status: New
** Affects: euca2ools (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug natty
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to euca2ools in ubuntu.
https://bugs.launchpad.net/bugs/725170
Title:
euca-authorize requires source-subnet to function
More information about the Ubuntu-server-bugs
mailing list