Wednesday, 2016-12-07

« Tuesday, 2016-12-06 Index Thursday, 2016-12-08 »
*** yuanying_ has joined #openstack-security00:03
*** yuanying has quit IRC00:06
*** yuanying_ has quit IRC00:07
*** lamt has quit IRC00:14
*** nkinder has quit IRC00:29
*** diazjf has joined #openstack-security00:39
*** bpokorny has quit IRC00:59
*** bpokorny has joined #openstack-security01:00
*** hongbin has quit IRC01:00
*** yuanying has joined #openstack-security01:04
*** bpokorny_ has joined #openstack-security01:04
*** dave-mccowan has joined #openstack-security01:04
*** bpokorny has quit IRC01:06
*** jamielennox is now known as jamielennox|away01:07
*** Trident has joined #openstack-security01:09
*** lamt has joined #openstack-security01:11
*** liujiong has joined #openstack-security01:21
*** jamielennox|away is now known as jamielennox01:21
*** hanchao has joined #openstack-security01:24
hanchaohello guardians, don't know if this is an security issue that I found in openstack. The thing that I found was once an user is nominated as an admin of a project, this user will have full admin access of everything, even out of his/her project. The more horrible thing is that he/she can even remove the real admin of the whole cloud. Are there anything wrong of my use case? Or anyone who can explain me the reason behind i01:29
*** bpokorny has joined #openstack-security01:56
*** knangia has joined #openstack-security01:59
*** bpokorny_ has quit IRC01:59
*** bpokorny has quit IRC02:01
*** browne has quit IRC02:33
*** xin9972 has quit IRC02:36
*** yuanying has quit IRC02:58
*** diazjf has quit IRC03:09
*** browne has joined #openstack-security03:21
*** dave-mccowan has quit IRC03:25
*** dave-mccowan has joined #openstack-security03:28
openstackgerritKhanak Nangia proposed openstack/syntribos: Adding new tests for Syntribos in the tests doc  https://review.openstack.org/40783103:33
openstackgerritKhanak Nangia proposed openstack/syntribos: Adding new tests for Syntribos in the tests doc  https://review.openstack.org/40783103:36
*** browne has quit IRC03:37
*** yuanying has joined #openstack-security03:43
*** yuanying has quit IRC03:48
*** yuanying has joined #openstack-security03:49
*** yuanying has quit IRC03:53
*** dave-mccowan has quit IRC04:06
*** yuanying has joined #openstack-security04:40
*** diazjf has joined #openstack-security05:04
*** yuanying has quit IRC05:13
*** yuanying has joined #openstack-security05:13
*** hyakuhei has quit IRC05:14
*** Ryan_Lane_ has joined #openstack-security05:14
*** fyxim has quit IRC05:14
*** DuncanT_ has joined #openstack-security05:15
*** DuncanT has quit IRC05:15
*** Ryan_Lane has quit IRC05:15
*** Ryan_Lane_ is now known as Ryan_Lane05:16
*** DuncanT_ is now known as DuncanT05:16
*** jamielennox has quit IRC05:16
*** fyxim has joined #openstack-security05:18
*** jamielennox has joined #openstack-security05:31
*** hyakuhei has joined #openstack-security05:31
*** knangia has quit IRC05:54
*** diazjf has quit IRC06:01
*** markvoelker has quit IRC06:05
*** markvoelker has joined #openstack-security06:05
*** knangia has joined #openstack-security06:08
*** markvoelker has quit IRC06:10
*** JAHoagie has joined #openstack-security06:30
openstackgerritKhanak Nangia proposed openstack/syntribos: Fixing nits in the test-anatomy document  https://review.openstack.org/40787206:31
openstackgerritKhanak Nangia proposed openstack/syntribos: Adding new tests for Syntribos in the tests doc  https://review.openstack.org/40783106:47
*** yuanying has quit IRC07:05
*** markvoelker has joined #openstack-security07:06
*** markvoelker has quit IRC07:10
*** jamielennox is now known as jamielennox|away07:11
*** shohel has joined #openstack-security07:11
*** yuanying has joined #openstack-security07:17
*** rcernin has joined #openstack-security07:34
*** pcaruana has joined #openstack-security07:41
*** markvoelker has joined #openstack-security08:07
*** yuanying has quit IRC08:08
*** markvoelker has quit IRC08:11
*** zul has quit IRC08:18
*** zul has joined #openstack-security08:32
*** JAHoagie has quit IRC08:52
*** yuanying has joined #openstack-security08:59
*** markvoelker has joined #openstack-security09:07
*** markvoelker has quit IRC09:12
*** shohel has quit IRC09:17
openstackgerritOpenStack Proposal Bot proposed openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/40798109:53
*** markvoelker has joined #openstack-security10:08
*** markvoelker has quit IRC10:13
*** liujiong has quit IRC10:25
*** DuncanT has quit IRC10:33
*** DuncanT has joined #openstack-security10:33
*** Serlex has joined #openstack-security10:38
*** knangia has quit IRC11:04
*** openstackgerrit has quit IRC11:32
*** shohel has joined #openstack-security11:41
*** hyakuhei has quit IRC11:51
*** hyakuhei has joined #openstack-security11:51
*** hyakuhei has quit IRC11:51
*** hyakuhei has joined #openstack-security11:51
*** markvoelker has joined #openstack-security12:09
*** dave-mccowan has joined #openstack-security12:10
*** markvoelker has quit IRC12:15
*** edmondsw_ has joined #openstack-security12:26
*** edmondsw_ has quit IRC12:50
*** lamt has quit IRC13:01
*** markvoelker has joined #openstack-security13:12
*** markvoelker has quit IRC13:16
*** markvoelker has joined #openstack-security13:19
*** openstackgerrit has joined #openstack-security13:29
openstackgerritOpenStack Proposal Bot proposed openstack/anchor: Updated from global requirements  https://review.openstack.org/38055413:29
*** knangia has joined #openstack-security13:41
*** lamt has joined #openstack-security13:41
*** bnname has joined #openstack-security13:48
*** rcernin has quit IRC13:49
*** hanchao has quit IRC13:50
*** rcernin has joined #openstack-security13:51
*** shohel has quit IRC13:53
*** shohel has joined #openstack-security13:58
*** shohel has quit IRC14:02
*** lamt has quit IRC14:03
*** lamt has joined #openstack-security14:06
*** _elmiko is now known as elmiko14:08
*** shohel has joined #openstack-security14:17
*** gouthamr has joined #openstack-security14:37
*** bnname has left #openstack-security14:41
openstackgerritMerged openstack/security-doc: Updated from openstack-manuals  https://review.openstack.org/40798114:51
*** nkinder has joined #openstack-security14:57
*** bnname has joined #openstack-security15:00
*** bnname has quit IRC15:00
*** liverpooler has quit IRC15:05
*** liverpooler has joined #openstack-security15:05
*** hongbin has joined #openstack-security15:07
*** JAHoagie has joined #openstack-security15:11
*** nkinder has quit IRC15:17
*** dave-mccowan has quit IRC15:23
*** nkinder has joined #openstack-security15:30
*** dave-mccowan has joined #openstack-security15:41
*** xin9972 has joined #openstack-security15:45
*** JAHoagie has quit IRC15:51
*** shohel has quit IRC16:03
*** knangia has quit IRC16:04
*** bnname has joined #openstack-security16:15
*** pcaruana has quit IRC16:18
*** rcernin has quit IRC16:19
*** bnname has quit IRC16:30
*** bpokorny has joined #openstack-security16:37
*** bpokorny has quit IRC16:38
*** bpokorny has joined #openstack-security16:38
unrahuldotplus:  just gave a workflow.. should be merged in a few mins :)16:46
openstackgerritMerged openstack/syntribos: Respect cli args for initialization check  https://review.openstack.org/40721716:52
dotplusunrahul: yup, merged. thanks.16:55
*** diazjf has joined #openstack-security16:57
*** browne has joined #openstack-security16:58
unrahulthank you dotplus  for the contribution17:02
*** bpokorny has quit IRC17:02
*** bpokorny has joined #openstack-security17:02
dotplushopefully, there will be more interesting patches later. Would you be interested in an Ansible role? Would that be something reasonable to include in openstack/syntribos directly? or would that be better located elsewhere?17:04
*** mdong has joined #openstack-security17:07
*** bpokorny has quit IRC17:07
unrahulIn what way.. dotplus  ?17:09
unrahulAnsible that is*17:09
*** bpokorny has joined #openstack-security17:10
*** rcernin has joined #openstack-security17:11
*** bpokorny_ has joined #openstack-security17:14
*** knangia has joined #openstack-security17:14
dotplusI'm writing an Ansible role that deploys syntribos and a playbook for Jenkins to run it against a test cluster as part of our release process (or even as a gate job).17:15
*** bpokorny has quit IRC17:17
openstackgerritKhanak Nangia proposed openstack/syntribos: Adding new tests for Syntribos in the tests doc  https://review.openstack.org/40783117:31
*** dhellmann has quit IRC17:33
unrahulyup that would be very valuable to syntribos dotplus , we see that as a feature that syntribos needs17:34
unrahuldotplus:17:34
*** vds has quit IRC17:34
unrahulmdong: xin9972 vinaypotluri knangia ^17:35
*** gouthamr has quit IRC17:37
*** gouthamr has joined #openstack-security17:38
openstackgerritMerged openstack/syntribos: Fixing nits in the test-anatomy document  https://review.openstack.org/40787217:40
dotplusunrahul: is there a bug for this yet?17:43
*** JAHoagie has joined #openstack-security17:54
*** diazjf has quit IRC17:56
*** bpokorny_ has quit IRC17:59
*** bpokorny has joined #openstack-security17:59
*** vds has joined #openstack-security18:00
*** dhellmann has joined #openstack-security18:00
*** bpokorny has quit IRC18:04
*** cleong has joined #openstack-security18:06
*** vds has quit IRC18:11
*** dhellmann has quit IRC18:15
unrahulnop18:15
unrahulthis would be more of a blueprint rather than a bug18:15
unrahulWe could start a blueprint if we all feel it's a value add and a new feature, in this case I think it is, at https://blueprints.launchpad.net/syntribos/18:16
unrahulmdong:  what do you think about dotplus proposal on Ansible roles and playbook for  jenkins for syntribos18:17
*** Serlex has quit IRC18:41
*** austin987 has quit IRC18:56
*** bnname has joined #openstack-security18:58
*** bnname_ has joined #openstack-security19:08
*** bpokorny has joined #openstack-security19:10
*** bpokorny has quit IRC19:10
*** bpokorny has joined #openstack-security19:11
*** bnname has quit IRC19:12
*** diazjf has joined #openstack-security19:28
*** gouthamr has quit IRC19:30
*** gouthamr has joined #openstack-security19:33
*** bpokorny has quit IRC19:41
*** bpokorny has joined #openstack-security19:41
*** bpokorny has quit IRC19:45
*** diazjf has quit IRC19:48
*** bpokorny has joined #openstack-security19:49
*** diazjf has joined #openstack-security19:49
*** lamt has quit IRC19:49
*** dhellmann_ has joined #openstack-security19:52
mdongsorry unrahul, just saw this. But I completely agree with you, this is great! dotplus, I’d be especially interested in any feedback for features/fixes that we could do to make it as easy as possible to do this19:57
unrahul+2 mdong19:59
*** dhellmann_ is now known as dhellmann19:59
*** vds has joined #openstack-security20:06
sigmavirusunrahul: dotplus so you'd run syntribos against an active cluster?20:14
unrahulyes sigmavirus20:15
sigmavirusI mean I could understand if you wanted to test a set of known things against an active/production cluster, but I'm not sure you want to fuzz one of those and I'm further uncertain you want the ansible role in the repository with the code20:16
sigmavirusAt the very least, openstack convention is for operations tooling for a project to live elsewhere20:16
sigmavirusBut I know the syntribos project likes going against the grain and doing its own thing20:17
unrahul:) sigmavirus  , well we dont intend to go against conventions, the idea to make modificaiton if needed to syntribos  to enable it be part of a gate job (in the future) , such as may be an junit type output formatter etc20:18
sigmavirusthe openstack gate uses subunit, not junit. They're two different things20:18
sigmavirusJUnit formatted output would be more useful for folks running Jenkins (like dotplus) and is definitely valuable though20:18
unrahulWe have just started talking about the  the Ansible roles and other things, so I don't think we would be merging something to syntribos that need not be there.20:19
*** ccneill has joined #openstack-security20:31
*** gouthamr has quit IRC20:32
dotpluswell, I haven't finished working on the role for $employer yet, let alone cleaned it up, generalized it, etc. to make it suitable for inclusion upstream. So you have a while to think about where/whether you want it:)20:35
*** bnname_ has quit IRC20:45
*** bnname has joined #openstack-security20:46
*** lamt has joined #openstack-security20:46
*** bpokorny has quit IRC20:59
*** bpokorny has joined #openstack-security21:00
*** bpokorny has quit IRC21:04
openstackgerritKhanak Nangia proposed openstack/syntribos: Adding new tests for Syntribos in the tests doc  https://review.openstack.org/40783121:12
*** cleong has quit IRC21:19
*** diazjf has quit IRC21:38
*** jamielennox|away is now known as jamielennox21:49
*** bpokorny has joined #openstack-security21:52
*** singlethink has joined #openstack-security21:53
*** diazjf has joined #openstack-security21:55
*** bpokorny has quit IRC22:06
*** bpokorny has joined #openstack-security22:07
*** dave-mccowan has quit IRC22:09
*** bpokorny has quit IRC22:11
*** diazjf has quit IRC22:16
*** diazjf has joined #openstack-security22:30
*** rcernin has quit IRC22:48
*** ayoung has quit IRC22:48
*** lamt has quit IRC22:48
*** bpokorny has joined #openstack-security22:49
*** browne has quit IRC22:53
*** ccneill has quit IRC22:54
*** ccneill has joined #openstack-security22:58
*** bnname has quit IRC23:01
*** nkinder has quit IRC23:10
*** diazjf has quit IRC23:12
*** bpokorny has quit IRC23:16
*** bpokorny has joined #openstack-security23:16
*** bpokorny has quit IRC23:20
*** bpokorny has joined #openstack-security23:20
*** mdong has quit IRC23:23
*** bnname has joined #openstack-security23:26
*** jamielennox is now known as jamielennox|away23:27
*** elmiko is now known as _elmiko23:27
*** jamielennox|away is now known as jamielennox23:28
*** browne has joined #openstack-security23:41
*** ccneill has quit IRC23:42
*** bnname has quit IRC23:57
*** bnname has joined #openstack-security23:58
« Tuesday, 2016-12-06 Index Thursday, 2016-12-08 »

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!