Friday, 2020-09-25

« Thursday, 2020-09-24 Index Saturday, 2020-09-26 »
*** baojg has quit IRC00:10
*** baojg has joined #openstack-meeting00:11
*** armax has quit IRC00:14
*** yasufum has quit IRC00:15
*** yasufum has joined #openstack-meeting00:19
*** jmasud has quit IRC00:29
*** yasufum has quit IRC00:29
*** gyee has quit IRC00:56
*** baojg has quit IRC00:57
*** baojg has joined #openstack-meeting00:58
*** Lucas_Gray has quit IRC01:05
*** tdasilva_ has quit IRC01:07
*** tdasilva_ has joined #openstack-meeting01:08
*** yasufum has joined #openstack-meeting01:08
*** Liang__ has joined #openstack-meeting01:25
*** baojg has quit IRC01:26
*** jmasud has joined #openstack-meeting01:41
*** jmasud has quit IRC01:43
*** jamesmcarthur has joined #openstack-meeting01:49
*** jamesmcarthur has quit IRC01:59
*** yasufum has quit IRC02:02
*** lhinds has quit IRC02:02
*** jamesmcarthur has joined #openstack-meeting02:03
*** lhinds has joined #openstack-meeting02:03
*** jamesmcarthur has quit IRC02:10
*** yasufum has joined #openstack-meeting02:13
*** rcernin has quit IRC02:26
*** rcernin has joined #openstack-meeting02:50
*** rcernin has quit IRC02:57
*** rcernin has joined #openstack-meeting02:59
*** rcernin has quit IRC02:59
*** rcernin has joined #openstack-meeting03:00
*** rbudden has joined #openstack-meeting03:03
*** baojg has joined #openstack-meeting03:26
*** psachin has joined #openstack-meeting03:36
*** yasufum has quit IRC03:37
*** jamesmcarthur has joined #openstack-meeting03:38
*** yasufum has joined #openstack-meeting03:43
*** Lucas_Gray has joined #openstack-meeting03:57
*** Liang__ has quit IRC04:31
*** Liang__ has joined #openstack-meeting04:32
*** evrardjp has quit IRC04:33
*** evrardjp has joined #openstack-meeting04:33
*** psahoo has joined #openstack-meeting04:48
*** ociuhandu has joined #openstack-meeting05:01
*** zbr|pto has quit IRC05:07
*** njohnston has quit IRC05:09
*** ociuhandu has quit IRC05:10
*** bnemec has quit IRC05:10
*** rbudden has quit IRC05:24
*** rbudden has joined #openstack-meeting05:24
*** psahoo_ has joined #openstack-meeting05:25
*** rbudden has joined #openstack-meeting05:25
*** jamesmcarthur has quit IRC05:28
*** psahoo has quit IRC05:29
*** ricolin has quit IRC05:45
*** hyunsikyang__ has joined #openstack-meeting05:52
*** hyunsikyang has quit IRC05:56
*** slaweq has joined #openstack-meeting06:22
*** ralonsoh has joined #openstack-meeting06:30
*** slaweq has quit IRC06:33
*** dklyle has quit IRC06:37
*** viks____ has joined #openstack-meeting06:37
*** Lucas_Gray has quit IRC06:47
*** zbr has joined #openstack-meeting06:49
*** slaweq has joined #openstack-meeting06:52
*** whoami-rajat__ has joined #openstack-meeting07:07
*** rcernin has quit IRC07:39
*** tosky has joined #openstack-meeting07:43
*** yamamoto has quit IRC07:55
*** yamamoto has joined #openstack-meeting07:56
*** yamamoto has quit IRC07:57
*** yamamoto has joined #openstack-meeting08:04
*** yamamoto has quit IRC08:04
*** yamamoto has joined #openstack-meeting08:05
*** yamamoto has quit IRC08:10
*** moguimar has joined #openstack-meeting08:10
*** lpetrut has joined #openstack-meeting08:23
*** yamamoto has joined #openstack-meeting08:33
*** baojg has quit IRC08:51
*** moguimar has quit IRC08:52
*** e0ne has joined #openstack-meeting08:52
*** baojg has joined #openstack-meeting08:52
*** Lucas_Gray has joined #openstack-meeting09:11
*** ociuhandu has joined #openstack-meeting09:28
*** rcernin has joined #openstack-meeting09:38
*** yamamoto has quit IRC09:45
*** yamamoto has joined #openstack-meeting10:08
*** rcernin has quit IRC10:10
*** yamamoto has quit IRC10:11
*** Liang__ has quit IRC10:14
*** apetrich has joined #openstack-meeting10:26
*** yamamoto has joined #openstack-meeting10:46
*** yasufum has quit IRC10:50
*** yamamoto has quit IRC10:54
*** yasufum has joined #openstack-meeting11:30
*** yamamoto has joined #openstack-meeting11:32
*** yamamoto has quit IRC11:37
*** rcernin has joined #openstack-meeting11:42
*** raildo has joined #openstack-meeting11:52
*** Lucas_Gray has quit IRC12:02
*** rfolco|ruck has joined #openstack-meeting12:05
*** yasufum has quit IRC12:06
*** yasufum has joined #openstack-meeting12:12
*** yasufum has quit IRC12:13
*** moguimar has joined #openstack-meeting12:27
*** njohnston has joined #openstack-meeting12:29
*** yamamoto has joined #openstack-meeting12:40
*** gmann is now known as gmann_pto12:41
*** yamamoto has quit IRC12:47
*** Lucas_Gray has joined #openstack-meeting13:06
*** mbuil has quit IRC13:07
*** mbuil has joined #openstack-meeting13:07
*** TrevorV has joined #openstack-meeting13:20
*** Lucas_Gray has quit IRC13:21
*** rcernin has quit IRC13:21
*** hemna has quit IRC13:25
*** hemna has joined #openstack-meeting13:25
*** TrevorV has quit IRC13:26
*** Lucas_Gray has joined #openstack-meeting13:28
*** Lucas_Gray has quit IRC13:33
*** rbudden has joined #openstack-meeting13:34
*** masahito has joined #openstack-meeting13:37
*** tdasilva_ has quit IRC13:39
*** tdasilva_ has joined #openstack-meeting13:40
*** jgriffith has quit IRC13:41
*** TrevorV has joined #openstack-meeting13:45
*** Lucas_Gray has joined #openstack-meeting13:52
*** yamamoto has joined #openstack-meeting13:59
*** mlavalle has joined #openstack-meeting13:59
slaweq#startmeeting neutron_drivers14:00
openstackMeeting started Fri Sep 25 14:00:23 2020 UTC and is due to finish in 60 minutes.  The chair is slaweq. Information about MeetBot at http://wiki.debian.org/MeetBot.14:00
openstackUseful Commands: #action #agreed #help #info #idea #link #topic #startvote.14:00
*** openstack changes topic to " (Meeting topic: neutron_drivers)"14:00
openstackThe meeting name has been set to 'neutron_drivers'14:00
mlavalleo/14:00
slaweqwelcome after pretty long break on the drivers meeting14:01
slaweq:)14:01
yamamotohi14:01
amotokihi14:01
mlavallenothing wrong with that. we are supposed to meet when the community needs it. no need to meet for the sake of meeting14:01
haleybhi14:02
slaweqmlavalle: I know, that's why I was cancelling it so many times recently :)14:02
njohnstono/14:02
slaweqralonsoh: are You around?14:02
slaweqwe are almost all here already14:02
ralonsohsorry yes14:02
slaweqok, now we are all there14:03
slaweq:)14:03
slaweqok, so lets start14:03
slaweqas I wrote in the email yesterday night, we don't have any new (or updated) rfe to discuss today14:03
slaweqbut I wanted to talk about one bug related to policy.json14:03
slaweqhttps://bugs.launchpad.net/neutron/+bug/189593314:04
openstackLaunchpad bug 1895933 in neutron "Admin user can do anything without the control of policy.json" [Medium,Confirmed]14:04
slaweqbasically in neutron it is like it's in the bug description, so we are checking if user is admin and then don't check anything else from the policy file14:04
amotokisorry for not replying this. I was busy for internal stuffs.....14:05
slaweqand I wanted to ask You if You think it is a bug which we should fix, or maybe it's like that in all projects and we should keep it like it's now14:05
amotokiIIRC we handled 'admin' role specially so we skipped admin check14:05
slaweqamotoki: np14:05
amotokibut I believe it is time to honor policy check.14:05
ralonsohbut the default behaviour will be the current one, correct?14:06
slaweqralonsoh: I think so14:06
slaweqby default admin should be able to do everything14:07
slaweqbut operator should IMHO be able to control that too14:07
amotokiagree14:07
amotokiat now, role admin and elevated context are considered same but perhaps we need to distinguish these two.14:08
ralonsohyeah, that's a good point14:09
ralonsohwe should use elevated one internally only when needed, but should not be the same as admin14:09
ralonsoh(could be an opportunity to clean up some parts of the code using admin indiscriminately)14:09
amotokiralonsoh: +114:10
amotokipolicy check provides RBAC at the API level. Internal accesses with elevated context is a different thing.14:11
slaweqso it seems that at least me, ralonsoh and amotoki agree that this is an improvement which we should do in our code14:14
ralonsohyes14:15
slaweqanyone else has got any thougts about that?14:15
mlavalleI'm in agreement14:15
yamamoto+114:15
njohnstonso does that mean we need to reevaluate places where we use context.is_admin to see if this is a case where we need elevated context or actual admin role?14:15
mlavallethe question is what we do next14:16
slaweqnjohnston: I think so14:16
amotokiIMHO the first step would be to improve the behavior reported in this bug (address scope)14:17
slaweqmlavalle: I think I will open BP to track progress on that, and we will need some volunteer(s) to make progress on that14:17
njohnstonlike here: https://opendev.org/openstack/neutron/src/branch/master/neutron/policy.py#L434-L43714:17
mlavalleslaweq: +114:18
njohnstonslaweq: +114:18
ralonsoh+114:18
amotokislaweq: +114:18
*** dklyle has joined #openstack-meeting14:18
slaweqnjohnston: place which You pointed to is exactly the "culprit" of the whole issue IMO14:18
slaweqso this has to be removed14:19
slaweqand we should validate policy even if context.is_admin14:19
*** masahito has quit IRC14:19
amotokiwe may need to revisit the condition of is_admin=true too14:19
slaweqok, so I think we all agreed on what to do with this bug and on the next steps plan14:21
slaweqI will sum this up in the LP's comment today14:22
slaweqand I will create BP for this14:22
slaweqand basically that's all what I had for today14:22
slaweqdo You have maybe anything else You want to discuss today?14:22
mlavallenot from me14:23
njohnstonno thanks14:23
amotokinothing from me14:23
ralonsohno thanks14:23
haleybnot from me14:24
yamamotono14:24
slaweqok, so thx for attending14:24
slaweqhave a great weekend and see You all next week14:24
slaweqo/14:24
slaweq#endmeeting14:25
ralonsohbye!14:25
*** openstack changes topic to "OpenStack Meetings || https://wiki.openstack.org/wiki/Meetings/"14:25
amotokio/14:25
openstackMeeting ended Fri Sep 25 14:24:59 2020 UTC.  Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)14:25
openstackMinutes:        http://eavesdrop.openstack.org/meetings/neutron_drivers/2020/neutron_drivers.2020-09-25-14.00.html14:25
openstackMinutes (text): http://eavesdrop.openstack.org/meetings/neutron_drivers/2020/neutron_drivers.2020-09-25-14.00.txt14:25
yamamotogood night14:25
openstackLog:            http://eavesdrop.openstack.org/meetings/neutron_drivers/2020/neutron_drivers.2020-09-25-14.00.log.html14:25
mlavalleo/14:25
njohnstono/14:25
*** mlavalle has quit IRC14:32
*** jamesmcarthur has joined #openstack-meeting14:32
*** mlavalle has joined #openstack-meeting14:33
*** slaweq has quit IRC14:37
*** armax has joined #openstack-meeting14:41
*** Lucas_Gray has quit IRC14:42
*** slaweq has joined #openstack-meeting14:44
*** psahoo_ has quit IRC14:48
*** dklyle has quit IRC15:13
*** dklyle has joined #openstack-meeting15:14
*** thiago__ has joined #openstack-meeting15:31
*** tdasilva_ has quit IRC15:33
*** moguimar has quit IRC15:43
*** lpetrut has quit IRC15:48
*** yamamoto has quit IRC15:51
*** gyee has joined #openstack-meeting15:55
*** ralonsoh has quit IRC16:11
*** apetrich has quit IRC16:13
*** apetrich has joined #openstack-meeting16:19
*** ociuhandu has quit IRC16:41
*** e0ne has quit IRC16:45
*** andrebeltrami has joined #openstack-meeting16:47
*** TrevorV has quit IRC17:10
*** abhishekk is now known as abhishekk|away17:27
*** jamesmcarthur has quit IRC18:02
*** jamesmcarthur has joined #openstack-meeting18:12
*** ociuhandu has joined #openstack-meeting18:33
*** psachin has quit IRC18:34
*** ociuhandu has quit IRC18:41
*** dklyle has quit IRC18:41
*** dklyle has joined #openstack-meeting18:42
*** jamesmcarthur has quit IRC18:55
*** jamesmcarthur has joined #openstack-meeting18:56
*** jamesmcarthur has quit IRC18:59
*** jamesmcarthur has joined #openstack-meeting18:59
*** thiago__ has quit IRC19:13
*** thiago__ has joined #openstack-meeting19:14
*** thiago__ has quit IRC19:16
*** thiago__ has joined #openstack-meeting19:17
*** tdasilva_ has joined #openstack-meeting19:31
*** thiago__ has quit IRC19:33
*** whoami-rajat__ has quit IRC19:54
*** jamesmcarthur has quit IRC19:59
*** jamesmcarthur has joined #openstack-meeting20:02
*** Lucas_Gray has joined #openstack-meeting20:02
*** jamesmcarthur has quit IRC20:04
*** jamesmcarthur has joined #openstack-meeting20:05
*** jamesmcarthur has quit IRC20:16
*** baojg has quit IRC20:47
*** baojg has joined #openstack-meeting20:48
*** jamesmcarthur has joined #openstack-meeting20:52
*** slaweq has quit IRC20:54
*** rfolco|ruck has quit IRC20:58
*** jamesmcarthur has quit IRC21:15
*** jamesmcarthur has joined #openstack-meeting21:47
*** apetrich has quit IRC21:49
*** yamamoto has joined #openstack-meeting22:12
*** Lucas_Gray has quit IRC22:26
*** Lucas_Gray has joined #openstack-meeting22:26
*** yamamoto has quit IRC22:45
*** yamamoto has joined #openstack-meeting22:56
*** tosky has quit IRC22:58
*** rfolco|ruck has joined #openstack-meeting23:02
*** jamesmcarthur has quit IRC23:03
*** jamesmcarthur has joined #openstack-meeting23:03
*** Lucas_Gray has quit IRC23:06
*** mlavalle has quit IRC23:07
*** jamesmcarthur has quit IRC23:21
*** baojg has quit IRC23:21
*** baojg has joined #openstack-meeting23:22
*** jamesmcarthur has joined #openstack-meeting23:22
*** rfolco|ruck has quit IRC23:29
*** yamamoto has quit IRC23:32
*** yamamoto has joined #openstack-meeting23:33
*** yamamoto has quit IRC23:33
*** jamesmcarthur has quit IRC23:44
*** jamesmcarthur has joined #openstack-meeting23:47
*** jamesmcarthur has quit IRC23:51
*** jamesmcarthur has joined #openstack-meeting23:53
*** jamesmcarthur has quit IRC23:54
*** jamesmcarthur has joined #openstack-meeting23:56
*** jamesmcarthur has quit IRC23:57
*** ricolin_ has joined #openstack-meeting23:57
« Thursday, 2020-09-24 Index Saturday, 2020-09-26 »

Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!