debian/0000775000000000000000000000000013150075161007167 5ustar debian/glance-api.glance-api.upstart0000775000000000000000000000042612542123512014615 0ustar description "Glance API server" author "Soren Hansen " start on runlevel [2345] stop on runlevel [!2345] respawn exec start-stop-daemon --start --chuid glance \ --chdir /var/lib/glance --name glance-api \ --exec /usr/bin/glance-api debian/control0000664000000000000000000001245512542123512010577 0ustar Source: glance Section: net Priority: extra Maintainer: Ubuntu OpenStack Build-Depends: debhelper (>= 7.0.50), python-all (>= 2.6), sqlite3 Build-Depends-Indep: curl, python-anyjson (>= 0.3.3), python-boto (>= 2.4.0), python-cinderclient (>= 1:1.0.4), python-crypto (>= 2.6), python-eventlet (>= 0.13.0), python-fixtures (>= 0.3.12), python-greenlet (>= 0.3.2), python-httplib2, python-iso8601, python-jsonschema (>= 1.3.0), python-keystoneclient (>= 1:0.3.0), python-kombu (>= 2.4.8), python-lxml (>= 2.3), python-migrate, python-mox, python-openssl, python-oslo.config (>= 1:1.2.0), python-oslosphinx, python-oslo.messaging, python-oslo.vmware, python-passlib, python-paste, python-pastedeploy, python-pbr (>= 0.5.21), python-psutil, python-requests (>= 1.1), python-routes, python-suds, python-six (>= 1.5.2), python-setuptools, python-sphinx, python-sqlalchemy-ext | python-sqlalchemy (>= 0.8.2), python-swiftclient (>= 1:1.2), python-testtools (>= 0.9.32), python-webob (>= 1.2.3), python-xattr, testrepository Standards-Version: 3.9.4 XS-Python-Version: >= 2.6 Homepage: http://launchpad.net/glance Vcs-Browser: http://bazaar.launchpad.net/~ubuntu-server-dev/glance/icehouse/files Vcs-Bzr: https://code.launchpad.net/~ubuntu-server-dev/glance/icehouse XS-Testsuite: autopkgtest Package: python-glance Architecture: all Section: python Depends: python-anyjson (>= 0.3.3), python-boto (>= 2.4.0), python-cinderclient (>= 1:1.0.4), python-crypto (>= 2.6), python-eventlet (>= 0.13.0), python-greenlet (>= 0.3.2), python-httplib2, python-iso8601, python-jsonschema (>= 1.3.0), python-keystoneclient (>= 1:0.3.0), python-kombu (>= 2.4.8), python-lxml (>= 2.3), python-migrate, python-openssl, python-oslo.config (>= 1:1.2.0a3), python-passlib, python-paste, python-pastedeploy, python-routes, python-six (>= 1.5.2), python-sqlalchemy-ext | python-sqlalchemy (>= 0.8.2), python-swiftclient (>= 1:1.2), python-webob (>= 1.2.3), ${misc:Depends}, ${python:Depends} Provides: ${python:Provides} XB-Python-Version: ${python:Versions} Description: OpenStack Image Registry and Delivery Service - Python library The Glance project provides an image registration and discovery service and an image delivery service. These services are used in conjunction by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package contains the Python libraries. Package: glance Architecture: all Section: python Depends: glance-api (= ${source:Version}), glance-registry (= ${source:Version}), ${misc:Depends}, ${python:Depends} Suggests: python-ceph Description: OpenStack Image Registry and Delivery Service - Daemons The Glance project provides an image registration and discovery service and an image delivery service. These services are used in conjunction by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package is a metapackage for all glance daemons. Package: python-glance-doc Architecture: all Section: doc Depends: libjs-jquery, ${misc:Depends} Description: OpenStack Image Registry and Delivery Service - Documentation The Glance project provides an image registration and discovery service (Parallax) and an image delivery service (Teller). These services are used in conjunction by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package contains the documentation. Package: glance-common Architecture: all Section: python Depends: adduser, python-glance (= ${source:Version}), ${misc:Depends}, ${python:Depends} Breaks: glance ( <= 2011.3-0ubuntu4.1 ) Replaces: glance ( <= 2011.3-0ubuntu4.1 ) Description: OpenStack Image Registry and Delivery Service - Common The Glance project provides an image registration, discovery and delivery service. These services may be used as stand-along services, and they may also be used by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package contains the glance common. Package: glance-api Architecture: all Section: python Replaces: glance (<< 2012.1~e1~20110919.1021-0ubuntu2) Depends: glance-common (= ${source:Version}), ${misc:Depends}, ${python:Depends} Recommends: python-glanceclient Description: OpenStack Image Registry and Delivery Service - API The Glance project provides an image registration, discovery and delivery service. These services may be used as stand-along services, and they may also be used by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package contains the glance API server. Package: glance-registry Architecture: all Section: python Replaces: glance (<< 2012.1~e1~20110919.1021-0ubuntu2) Depends: glance-common (= ${source:Version}), ${misc:Depends}, ${python:Depends} Recommends: python-glanceclient Description: OpenStack Image Registry and Delivery Service - Registry The Glance project provides an image registration, discovery and delivery service. These services may be used as stand-along services, and they may also be used by Nova to deliver images from object stores, such as OpenStack's Swift service, to Nova's compute nodes. . This package contains the glance registry server. debian/glance-registry.logrotate0000775000000000000000000000014712542123512014213 0ustar /var/log/glance/registry.log { daily missingok compress delaycompress notifempty } debian/pycompat0000775000000000000000000000000212542123512010737 0ustar 2 debian/python-glance.install0000664000000000000000000000004012542123512013317 0ustar usr/lib/python*/dist-packages/* debian/glance-common.postrm0000775000000000000000000000045412542123512013160 0ustar #!/bin/sh set -e case $1 in purge) if (which deluser && getent passwd glance) > /dev/null 2>&1; then deluser --system --quiet --backup-to /var/lib glance fi if (which delgroup && getent group glance) > /dev/null 2>&1; then delgroup --system --quiet glance fi ;; esac #DEBHELPER# debian/changelog0000664000000000000000000007761413150074732011063 0ustar glance (1:2014.1.5-0ubuntu1.1) trusty-security; urgency=medium * SECURITY UPDATE: access restrictions bypass via status changing - debian/patches/CVE-2015-5251.patch: prevent image status being directly modified in glance/api/v1/__init__.py, glance/api/v1/images.py, glance/tests/functional/v1/test_api.py, glance/tests/integration/legacy_functional/test_v1_api.py, test-requirements.txt. - CVE-2015-5251 * SECURITY UPDATE: storage quota bypass - debian/patches/CVE-2015-5286.patch: cleanup chunks for deleted image if token expired in glance/api/v1/upload_utils.py, glance/api/v2/image_data.py. - CVE-2015-5286 * SECURITY UPDATE: image status manipulation through locations removal - debian/patches/CVE-2016-0757.patch: prevent user from removing last location of the image in glance/api/v2/images.py, glance/tests/functional/v2/test_images.py, glance/tests/unit/v2/test_images_resource.py. - CVE-2016-0757 -- Marc Deslauriers Fri, 25 Aug 2017 13:10:04 -0400 glance (1:2014.1.5-0ubuntu1) trusty; urgency=medium * Resynchronize with stable/icehouse (f66170d) (LP: #1467533): - [f66170d] Fix Icehouse RBD delete image on creation failure * d/p/fix-requirements.patch: Rebased -- Corey Bryant Mon, 22 Jun 2015 10:12:40 -0400 glance (1:2014.1.4-0ubuntu2) trusty; urgency=medium * d/control: Set minimum python-six dependency to 1.5.2 (LP: #1403114). -- Corey Bryant Mon, 30 Mar 2015 08:54:37 -0400 glance (1:2014.1.4-0ubuntu1) trusty; urgency=medium * Resynchronize with stable/icehouse (81ea399) (LP: #1432608): - [f1260cc] Cleanup chunks for deleted image that was 'saving' - [7d3a1db] Prevent file, swift+config and filesystem schemes - [8bdb7ed] To prevent client use v2 patch api to handle file and swift location - [4b5cb74] Can not delete images if db deadlock occurs - [ef77c79] Move oslo.vmware higher in requirements.txt - [312e93e] Make rbd store's pool handling more universal - [81ea399] Do not log password in swift URLs in g-registry * d/p/fix-requirements.patch: Rebased -- Corey Bryant Mon, 30 Mar 2015 08:53:50 -0400 glance (1:2014.1.3-0ubuntu1) trusty; urgency=medium [ Corey Bryant ] * Resynchronize with stable/icehouse (01ebe84) (LP: #1377136): - [f43b1c2] Block sqlalchemy-migrate 0.9.2 - [d0453ae] Check on schemes not stores - [bba31d0] Fix collection order issues and unit test failures - [31a4d18] Enforce image_size_cap on v2 upload - [fcc9379] Fix image killed after deletion - [01ebe84] Set python hash seed to 0 in tox.ini -- Chuck Short Mon, 06 Oct 2014 08:49:14 -0400 glance (1:2014.1.2-0ubuntu1) trusty; urgency=medium [ Corey Bryant ] * Resynchronize with stable/icehouse (94383db) (LP: #1354159): - [5508653] Fix lazy translation UnicodeErrors - [94383db] Provide explicit image create value for test_image_paginate case * d/p/fix-requirements.patch: Refreshed. * d/p/skip-tests.patch: Dropped. * d/p/skip-tests-2.patch: Updated description. [ James Page ] * d/watch: Point to tarballs.openstack.org for release artifacts. -- Corey Bryant Thu, 07 Aug 2014 17:09:28 -0400 glance (1:2014.1.1-0ubuntu2) trusty; urgency=medium * d/p/skip-tests-2.patch: Add patch to skip broken upstream tests. See https://bugs.launchpad.net/glance/+bug/1298918. -- Corey Bryant Tue, 01 Jul 2014 17:09:32 -0400 glance (1:2014.1.1-0ubuntu1) trusty; urgency=medium * Resynchronize with stable/icehouse (cd1c30a) (LP: #1328134): - [19de115] Prevent creation of http images with invalid URIs - [e96a53a] Fixes installation of test-requirements - [cd1c30a] Updated from global requirements * d/p/fix-requirements.patch: Add patch to drop minimum version requirement for six. -- Corey Bryant Mon, 09 Jun 2014 14:55:05 -0400 glance (1:2014.1-0ubuntu1) trusty; urgency=medium * New upstream release (LP: #1299055). -- Corey Bryant Wed, 16 Apr 2014 13:07:26 -0400 glance (1:2014.1~rc2-0ubuntu1) trusty; urgency=medium [ Chuck Short ] * New upstream release candidate (LP: #1299055). * debian/patches/sql_conn.patch: Refreshed. * debian/glance-api.install: Install missing schema.json file. (LP: #1307518) [ Thomas Bechtold ] * debian/glance-common.postinst: Set correct owner/group for /var/lib/glance and subdirs only on local filesystems (LP: #1302044). -- Chuck Short Sat, 12 Apr 2014 08:45:20 -0400 glance (1:2014.1~rc1-0ubuntu1) trusty; urgency=medium [ James Page ] * d/glance-common.postinst: Don't recursively set permissions on /var/lib/glance as it might not be a local filesystem (LP: #1214947). [ Chuck Short ] * debian/control: Use python-oslosphinx. * debian/patches/use-oslo.sphinx.patch: Dropped no longer needed. [ Corey Bryant ] * New upstream release (LP: #1299055). -- Corey Bryant Tue, 01 Apr 2014 16:57:09 -0400 glance (1:2014.1~b3-0ubuntu2) trusty; urgency=medium * d/glance-registry.postinst: Tidy detection of the default sqlite connection when running db_sync (LP: #1290423). -- James Page Thu, 13 Mar 2014 10:38:35 +0000 glance (1:2014.1~b3-0ubuntu1) trusty; urgency=low * New upstream release. * debian/patches/bump-sqlalchemy-versions.patch: Dropped no longer needed. * debian/patches/disable-network-for-docs.patch: Dropped no longer needed. * debian/patches/use-oslo.sphinx.patch: Use oslo.sphinx for the namespace. * debian/control: - Dropped python-nose as a build dependency. - Add testrepository as a build dependency. - Add python-suds as a build dependency. - Add python-oslo.vmware as a build dependency. -- Chuck Short Thu, 06 Mar 2014 12:54:54 -0500 glance (1:2014.1~b2-0ubuntu1) trusty; urgency=medium * New upstream release. * debian/control: Add python-psutil as a build dependency. * debian/patches/skip-tests.patch: Rediffed. * debian/patches/debian/patches/ensure_versioned_db_models.patch: Removed crufty patch. -- Chuck Short Thu, 23 Jan 2014 13:09:00 -0500 glance (1:2014.1~b1-0ubuntu1) trusty; urgency=low * New upstream release. * debian/control: - Open icehouse release. - Add python-oslo.messaging dependency. * debian/patches/skip-patches: Refreshed. * debian/rules: Refactored doc creation. -- Chuck Short Thu, 05 Dec 2013 13:10:01 -0500 glance (1:2013.2-0ubuntu1) saucy; urgency=low * New upstream release (LP: #1236462). -- Chuck Short Thu, 17 Oct 2013 10:11:10 -0400 glance (1:2013.2~rc2-0ubuntu1) saucy; urgency=low * New upstream release candidate. -- Chuck Short Fri, 11 Oct 2013 09:50:59 -0400 glance (1:2013.2~rc1-0ubuntu2) saucy; urgency=low [ Chuck Short ] * debian/rules: Run the full testsuite using the upstream wrapper including functional tests for glance, also fixes test failures on Ubuntu 12.04 with Havana Cloud Archive (LP: #1236376). -- James Page Tue, 08 Oct 2013 13:55:49 +0100 glance (1:2013.2~rc1-0ubuntu1) saucy; urgency=low * New upstream version. * debian/control: - Added dependency for python-pbr, python-six, and python-d21 explicitly. - Add versioned dependency for python-anyjson, python-greenlet, python-boto, python-eventlet, python-kombu, python-oslo.config, python-crypto,python-webob, python-swiftclient, python-jsonschema, python-keystoneclient, python-requests, python-fixtures, python-testtools, - Bump versioned depependency for python-sqlalchemy. - Dropped python-argparse, python-dateutil, python-setuptools, python-requests, python-d2to1, python-keystone python-xattr from binary dependencies. - Renamed python-oslo-config to python-oslo.config and added versioned dependency. - Dropped versioned dependency from httplib2. * debian/rules: Re-enable testsuite. * debian/patches/skip-tests.patch: Skip tests that fail in the buildds. -- Chuck Short Wed, 02 Oct 2013 13:10:52 -0400 glance (1:2013.2~b3-0ubuntu1) saucy; urgency=low [ Chuck Short ] * New upstream release. * debian/control: Add python-oslo.sphinx as a build dependency. [ James Page ] * d/p/*: Refreshed patches. -- Chuck Short Sun, 08 Sep 2013 21:03:21 -0400 glance (1:2013.2~b2-0ubuntu2) saucy; urgency=low * d/p/bump-sqlalchemy-versions.patch: Include 0.8.x of SQLAlchemy as a supported version. -- James Page Wed, 24 Jul 2013 08:26:23 +0100 glance (1:2013.2~b2-0ubuntu1) saucy; urgency=low [ Yolanda Robla ] * debian/tests: added autopkgtests [ James Page ] * New upstream release. * d/control: Update VCS fields for new branch locations. * d/control: Drop BD on pep8, not required. * d/control: Add missing BD's on python-greenlet and python-cinderclient. * d/control: Bumped Standards-Version 3.9.4: - d/copyright: Use released version of DEP-5, tidy fields for new names. -- James Page Fri, 19 Jul 2013 16:05:21 +0100 glance (1:2013.2~b1-0ubuntu2) saucy; urgency=low * Depend on python-oslo.config instead of python-oslo-config. -- Adam Conrad Sat, 06 Jul 2013 15:33:59 -0600 glance (1:2013.2~b1-0ubuntu1) saucy; urgency=low * New upstream release. * debian/control: Add python-openssl as a build-depends. * debian/patches/fix-nosetests-path.patch: No longer needed. * debian/rules: Temporarily disable tests. -- Chuck Short Fri, 31 May 2013 08:17:08 -0500 glance (1:2013.1-0ubuntu1) raring; urgency=low * New upstream release. * debian/patches/fix-ubuntu-testing.patch: Dropped no longer needed. -- Chuck Short Thu, 04 Apr 2013 13:24:42 -0500 glance (1:2013.1~rc1-0ubuntu2) raring; urgency=low * debian/patches/fix-ubuntu-tests.patch: Add configuration change to allow testsuite to finish on Ubuntu buildds. (LP: #1158247) -- Chuck Short Fri, 22 Mar 2013 10:55:03 -0500 glance (1:2013.1~rc1-0ubuntu1) raring; urgency=low [ James Page ] * d/watch: Update uversionmangle to deal with upstream versioning changes, remove tarballs.openstack.org. [ Chuck Short ] * New upstrem release * debian/control: Clean up build-dependencies: - Drop python-argparse referenced in pydist-overrides - Drop python-swift no longer needed. - Drop python-dateutils no longer needed. - Drop python-glacneclient no longer needed. - Added python-anyjson to build-depends. - Use python-keystoneclient instead of python-keystone. - Added python-lxml to build-depends. - Added python-swiftclientto build-depends. - Added python-passlib to build-depends. * debian/rules: Set the PYTHONPATH for the tests. -- Chuck Short Wed, 20 Mar 2013 07:42:22 -0500 glance (2013.1.g3-0ubuntu1) raring; urgency=low [ James Page ] * d/control: Add python-fixtures and python-testtools to BD's. * d/control: Drop Vcs-* fields as they are no longer relevant. [ Chuck Short ] * New usptream release * debian/control: Add python-oslo-config. * debian/rules: Use python setup.py tests to run the tests. * debian/patches/fix-nosetests-path.patch: Specify the path to glance/tests so we dont get errors when trying to run the testsuite. -- Chuck Short Fri, 22 Feb 2013 09:08:06 -0600 glance (2013.1~g2-0ubuntu1) raring; urgency=low [ James Page ] * New upstream release. * Re-enable gating of package build based on unit test success: - d/rules: Enable build failure on unit testing failure, scope test execution to glance/tests. * Switched upstart configurations to use start-stop-daemon instead of su. * General package tidy: - d/control: Drop glance-client package. - d/control: Drop BD on python-dev-all. - Wrapped and sorted. [ Adam Gandelman ] * debian/*.manpages: Install Sphinx-generated manpages for binaries installed by glance-common, glance-registry, and glance-api. [ Yolanda Robla Mota ] * Updated package version -- Chuck Short Fri, 11 Jan 2013 08:05:41 -0600 glance (2013.1~g1-0ubuntu1) raring; urgency=low [ Adam Gandelman ] * debian/patches/*: Refreshed for opening of Grizzly. [ Chuck Short ] * debian/glance-client.install: Dropped * New upstream version * debian/rules: FTBFS if there are missing binaries * debian/glance-registry.install: Add glance-replicator * debian/patches/disable-swift-tests.patch: Dropped. [ Yolanda Robla ] * debian/rules: FTBFS if tests are run, force to skip them. -- Chuck Short Fri, 23 Nov 2012 10:09:59 -0600 glance (2012.2-0ubuntu2) quantal-proposed; urgency=low * Glance should suggest python-ceph, not ceph-common (LP: #1065903): - debian/control: glance Suggests: ceph-common -> python-ceph. -- James Page Fri, 12 Oct 2012 15:43:54 +0100 glance (2012.2-0ubuntu1) quantal; urgency=low * debian/control: Clean-up python depends. Thanks to Sam Morrison. (LP: #1053790) * New upstream release. -- Chuck Short Thu, 27 Sep 2012 13:05:21 -0500 glance (2012.2~rc3-0ubuntu1) quantal; urgency=low * New usptream release. -- Chuck Short Wed, 26 Sep 2012 12:37:00 -0500 glance (2012.2~rc2-0ubuntu1) quantal; urgency=low * debian/control: Suggest ceph-common. * debian/control: Add python-glanceclient as a build depends. * New upstream release. * debian/patches/disable-swift-tests.patch: Refreshed. -- Chuck Short Wed, 26 Sep 2012 12:32:50 -0500 glance (2012.2~rc1-0ubuntu1) quantal; urgency=low * New upstrem release. * debian/glance.logrotate: compress right logfiles when rotating them. (LP: #1049314) -- Chuck Short Mon, 17 Sep 2012 07:44:11 -0500 glance (2012.2~rc1~20120907.129.f0bd856-0ubuntu1) quantal; urgency=low [ Chuck Short ] * New upstream version. * drop debian/patches/fix-docs-build.patch. * debian/rules: Re-activate tests. * debain/control: Add depends on python-swiftclient. * debian/*.usptart: make glance start from runlevel 1 to runlevel 2. (LP: #820688) [ Soren Hansen ] * Update debian/watch to account for symbolically named tarballs and use newer URL. * New snapshot. * Refresh disable-network-for-docs.patch * Fix Launchpad URLs in debian/watch. -- Chuck Short Fri, 07 Sep 2012 12:17:46 -0500 glance (2012.2~f3-0ubuntu1) quantal; urgency=low [ Adam Gandleman ] * debian/patches/sql_conn.patch: Also set default sqlite path for in glance-api.conf. (LP: #1028711) * debian/patches/fix-docs-build.patch: Fix docs build [ Chuck Short ] * New upstream version. * debian/control: python-xattr is no longer a required depends. (LP: #1031396) * debian/control: Move python-jsonschema to glance. (LP: #1030152) * debian/control: Start the slow transition to python-glanceclient. -- Chuck Short Thu, 16 Aug 2012 13:58:32 -0500 glance (2012.2~f2-0ubuntu1) quantal; urgency=low * New upstream version. -- Chuck Short Fri, 06 Jul 2012 11:13:13 -0400 glance (2012.2~f2~20120621.1644-0ubuntu1) quantal; urgency=low [ Chuck Short ] * New upstream release. * debian/glance-reigstry.logrotate: Rotate the right logfile. (LP: #1009996) * debian/control: Fix short description of glance-client. (LP: #982658) * debian/pydist-overrides: Add argparse and python_swiftclient. [ Adam Gandelman ] * debian/glance-api.install: Remove glance-{scrubber, cache}-paste.ini. * debian/patches/ensure_versioned_db_models.patch: Disable while database related code changes settle upstream. -- Chuck Short Fri, 22 Jun 2012 09:18:07 -0400 glance (2012.2~f2~20120531.1560-0ubuntu2) quantal; urgency=low * debian/patches/ensure_versioned_db_models.patch: Refresh. * debian/patches/disable-swift-tests.patch: Refresh. * debian/control: Re-enable python-jsonchema Dependency now that it has landed in main. -- Adam Gandelman Tue, 05 Jun 2012 10:53:30 -0700 glance (2012.2~f2~20120531.1560-0ubuntu1) quantal; urgency=low * New upstream release. -- Chuck Short Fri, 01 Jun 2012 10:56:09 -0400 glance (2012.2~f2~20120524.1541-0ubuntu1) quantal; urgency=low [ Adam Gandelman ] * debian/patches/ensure_versioned_db_models.patch: Check for valid db models+schema at service start, and ensure db is version controlled before running all migrations. * debian/{control, pydist-overrides}: *Temporarily* disable non-main dependencies pending MIRs * debian/rules: *Temporarily* disable tests until new dependencies are satisfied [ Chuck Short ] * New upstream version. * Prepare for quantal: - Removed debian/patches/fix_migration_012_foreign_keys.patch - Removed debian/patches/disable_db_table_auto_create.patch - Removed debian/patches/convert_properties_to_uuid.patch * debian/control: Add dependency on python-requests * debian/control: Add dependency on python-jsonschema * debian/control: Add python-keystone as a depends. (LP: #901881) * debian/patches/disable-swift-tests.patch: Rediffed [ Paul Belanger ] * debian/glance-common.postinst - Give glance group read permission to /etc/glance (LP: #989205) -- Adam Gandelman Thu, 24 May 2012 10:26:57 -0700 glance (2012.1-0ubuntu2) precise; urgency=low [ Adam Gandelman ] * debian/patches/disable_db_table_auto_create.patch: Disable auto-creation of database schema at service start, inspect for consistenty and advise running manual migrations instead. * debian/patches/fix_migration_012_foreign_keys.patch: Fix a migration issue around missing FKs. Cherry-picked from upstream. Can be dropped with first stable update. * debian/patches/convert_properties_to_uuid.patch: Fixes migration 012 to also convert kernel_id and ramdisk_ids to UUID. Cherry picked from upstream. Can be dropped with first stable update (LP: #975651) * debian/glance-common.postinst: Clean up, fix purging issue due to poor us of conditionals [ Chuck Short ] * debian/control: Fix upgrades from oneiric to precise. (LP: #974592) -- Chuck Short Thu, 12 Apr 2012 16:05:44 -0400 glance (2012.1-0ubuntu1) precise; urgency=low * New upstream release. -- Chuck Short Thu, 05 Apr 2012 10:24:28 -0400 glance (2012.1~rc3-0ubuntu1) precise; urgency=low * New upstream release. * debian/control: Add sqlite3 as a Build-Depends (for test suite) -- Adam Gandelman Tue, 03 Apr 2012 16:06:52 -0700 glance (2012.1~rc2-0ubuntu1) precise; urgency=low * New upstream release. * debian/rules: Fail build if testsuite fails. * debian/patches/disable-swift-tests.patch: Disable swift tests that require a swift server setup. * debian/patches/disable-network-for-docs.patch: Disable network for building docs. -- Chuck Short Mon, 02 Apr 2012 10:52:36 -0400 glance (2012.1~rc1-0ubuntu2) precise; urgency=low * New upstream release. This is hopefully the last release before final. * debian/patches/0001-Fix-depreceated-warnings.patch: Dropped. -- Chuck Short Wed, 21 Mar 2012 09:47:54 -0400 glance (2012.1~rc1~20120316.1354-0ubuntu1) precise; urgency=low * New upstream release. -- Adam Gandelman Fri, 16 Mar 2012 16:23:34 -0400 glance (2012.1~rc1~20120309.1315-0ubuntu2) precise; urgency=low * debian/glance-common.postinst - Give adm group read permission to /var/log/glance (LP: #950935) -- Paul Belanger Fri, 09 Mar 2012 11:04:43 -0500 glance (2012.1~rc1~20120309.1315-0ubuntu1) precise; urgency=low * New upstream version. * debian/control, debian/glance-client.install, glance-common.install: Add glance-client package. (LP: #928378) * debian/watch: Fix watch file. * Fix lintian warnings. -- Chuck Short Fri, 09 Mar 2012 11:33:12 -0500 glance (2012.1~e4-0ubuntu1) precise; urgency=low * New upstream release. * debian/control: Add python date-util. (LP: #943748) * debian/control: Add ca-certificates. (LP: #932800) * debian/control: Add python-iso8601 to fix testsuite failures. -- Chuck Short Tue, 06 Mar 2012 09:30:41 -0500 glance (2012.1~e4~20120224.1290-0ubuntu1) precise; urgency=low [ Adam Gandelman ] * debian/control: Add new dependency to python-glance: python-iso8601. [ Chuck Short ] * New upstream release. -- Chuck Short Thu, 01 Mar 2012 09:04:54 -0500 glance (2012.1~e4~20120217.1275-0ubuntu1) precise; urgency=low [ Chuck Short ] * New upstream release. [ Dave Walker (Daviey ] * debian/patches/fix-broken-unittests.patch: Back out patch as it seems to be present in upstream git, but missing in upstream tarballs. Which is blocking CI testing. -- Chuck Short Fri, 17 Feb 2012 09:50:40 -0500 glance (2012.1~e4~20120209.1254-0ubuntu1) precise; urgency=low * New upstream version. * debian/patches/fix-broken-unittests.patch: Fix broken unittests. -- Chuck Short Fri, 10 Feb 2012 10:04:58 -0500 glance (2012.1~e3-0ubuntu1) precise; urgency=low [Chuck Short] * New upstream version. * debian/control: Add python-crypto as a build dependency. [Adam Gandleman] * debian/glance-api.install: Add policy.json -- Chuck Short Thu, 26 Jan 2012 09:22:37 -0500 glance (2012.1~e3~20120120.1206-0ubuntu1) precise; urgency=low [Chuck Short] * New upstream release. [Adam Gandleman] * debian/glance-api.install, glance-registry.install: Install new paste configs that have been split among servers. -- Chuck Short Fri, 20 Jan 2012 14:37:16 -0500 glance (2012.1~e3~20120112.1060-0ubuntu1) precise; urgency=low [Chuck Short] * New upstream release. * Drop debian/pyversions. * debian/glance-api.logrotate, debian/glance-registry.logroate: Add logrotate files. (LP: #904216) * Update vcs information. * Fix up some lintian warnings. [Adam Gandleman] * debian/control: Drop python-support from Build-Depends * debian/python-glance.postinst: Removed. python-support is needed for update-python-modules but not a dependency. Let dh_python2 generate instead. (LP: #907543) -- Chuck Short Fri, 13 Jan 2012 10:50:40 +0100 glance (2012.1~e2-0ubuntu4) precise; urgency=low * python-glance.postinst: Remove, obsolete call to update-python-modules. -- Matthias Klose Mon, 02 Jan 2012 13:02:24 +0100 glance (2012.1~e2-0ubuntu2) precise; urgency=low * debian/glance-registry.postinst: Fix typo in postinst. -- Chuck Short Fri, 16 Dec 2011 15:57:19 -0500 glance (2012.1~e2-0ubuntu1) precise; urgency=low * New upstream release. * Merge upstream debian packaging changes. * debian/*.upstart: Move upstart jobs to the approiate packages. * debian/glance-api.postinst, debian/glance-registry.postinst: Move configuration into glance-common.postinst, because it was doing the same thing. * debian/glance-common.prerm: Dropped, remove cruft. * debian/glance-api.prerm: Fixed bashism. * debian/glance-registry.prerm: Fixed bashism. * debian/glance-common.postinst: Change shell back to /bin/false. * debian/glance.dirs, debian/glance-common.dirs: Merged, removed unecessary glance.dirs. * debian/control: Re-add missing python-dependencies. * debian/glance-registry.postinst: Create the database when installing glance-registry. * debian/glance-common.postin: Re-add approiate permissions. -- Chuck Short Fri, 16 Dec 2011 14:19:59 -0500 glance (2012.1~e2~20111209.1132-0ubuntu2) precise; urgency=low [ Adam Gandelman ] * debian/glance.postinst: Specify shell when migrating sqllite database as glance user. (LP: #902429) -- Chuck Short Mon, 12 Dec 2011 10:18:49 -0500 glance (2012.1~e2~20111209.1132-0ubuntu1) precise; urgency=low * debian/glance.postinst, debian/glance.glance-api.upstart, glance.glance-registry.upstart: Switch shell to /bin/false. (LP: #890362) -- Chuck Short Fri, 09 Dec 2011 15:34:33 -0500 glance (2012.1~e2~20111201.1123-0ubuntu2) precise; urgency=low * debian/control: Add dependencies previously removed from python-glance to glance package where they are actually required. (LP: #899970). -- Chuck Short Thu, 08 Dec 2011 11:23:49 -0500 glance (2012.1~e2~20111201.1123-0ubuntu1) precise; urgency=low [Chuck Short] * New upstream release. [Jay Pipes] * Removes now-unnecessary dependencies from client package * Rewrote the description for the Glance project to remove ancient language about Teller and Parallax. -- Chuck Short Fri, 02 Dec 2011 12:53:54 -0500 glance (2012.1~e2~20111125.1118-0ubuntu1) precise; urgency=low * New upstream version. -- Chuck Short Fri, 25 Nov 2011 10:53:04 -0500 glance (2012.1~e2~20111117.1112-0ubuntu1) precise; urgency=low * New upstrem release. -- Chuck Short Fri, 18 Nov 2011 09:07:13 -0500 glance (2012.1~e1-0ubuntu1) precise; urgency=low * New upstream release. * Sync with upstream changes. -- Chuck Short Fri, 11 Nov 2011 13:50:35 -0500 glance (2012.1~e1~20111021.1056-0ubuntu1) precise; urgency=low * New upstream release. * Dropped patches: - debian/patches/lp_845788_glance_client_zero_length.patch - debian/patches/lp_850425_remote_swift_image_streaming.patch * debian/control: - Add dependency on python-httplib2. (LP: #779311) - Add dependency on python-paste. * debian/patches/sql_conn.patch: Updated for update config file. * debian/glance.install: Update for new config files. -- Chuck Short Fri, 21 Oct 2011 14:11:04 -0400 glance (2011.3-0ubuntu4) oneiric; urgency=low [ Adam Gandelman ] * debian/glance.postinst: Restrict permissions of /etc/glance/ and /var/log/glance/ (LP: #862844) -- Chuck Short Fri, 30 Sep 2011 16:00:33 -0400 glance (2011.3-0ubuntu3) oneiric; urgency=low [Scott Moser] * fix bug with glance and swift driver that resulted in zero length images. (LP: #845788) [Chuck Short] * Make streaming images from swift actually usuable. (LP: #850425) -- Chuck Short Tue, 27 Sep 2011 14:49:05 -0400 glance (2011.3-0ubuntu2) oneiric; urgency=low * debian/glance.{postinst,postrm}: Fix syntax error, /dev/null redirect typos. Only remove user/group in .postrm if they exist. (LP: #857021) -- Adam Gandelman Thu, 22 Sep 2011 21:03:26 -0700 glance (2011.3-0ubuntu1) oneiric; urgency=low * New upstream release. * debian/glance.postinst: Add glance group and add glance user to it. (LP: #851860) -- Chuck Short Thu, 22 Sep 2011 10:45:33 -0400 glance (2011.3~rc~20110915.r1007-0ubuntu1) oneiric; urgency=low [ Chuck Short ] * New upstream release. * debian/rules: Dont fail to build because of broken testsuite. [ Monty Taylor ] * Added branch condition to fix build on lucid. -- Monty Taylor Mon, 19 Sep 2011 13:03:41 -0400 glance (2011.3~rc~20110908.r1005-0ubuntu1) oneiric; urgency=low * New upstream release. -- Chuck Short Fri, 09 Sep 2011 14:59:27 -0400 glance (2011.3~rc~20110831.1002-0ubuntu1) oneiric; urgency=low * New upstream release. -- Chuck Short Fri, 02 Sep 2011 13:50:13 -0400 glance (2011.3~d4-0ubuntu1) oneiric; urgency=low [Chuck Short] * New upstream release. [ Monty Taylor ] * New upstream release. * Added python-kombu as Depends and Build-depends. [ Scott Moser ] * glance.postinst: use a trailing slash when using chown on directories [ Ben Howard ] * Install /etc/glance-scrubber.conf by default (LP: #816972) * Remove glance user and logs on purge (LP: #828721) * Converted dh to use "--with python2". * Incremented standards version to 3.9.2; no changes required -- Chuck Short Fri, 26 Aug 2011 10:13:39 -0400 glance (2011.3~d4~20110811.980-0ubuntu1) oneiric; urgency=low * New upstream release. -- Chuck Short Fri, 12 Aug 2011 05:23:21 -0400 glance (2011.3~d3~20110709.152-0ubuntu2) UNRELEASED; urgency=low [ Adam Gandelman ] * Add python-xattr to Depends of python-glance [ Jay Pipes ] * Add python-boto to Build-depends. [ Dan Prince ] * Updates to support glance caching config files and directories. -- Monty Taylor Tue, 02 Aug 2011 08:55:11 -0700 glance (2011.3~d3~20110709.152-0ubuntu1) UNRELEASED; urgency=low * New upstream snapshot. * Remove python-daemon as a dependency again. * Make Vcs-* headers point to the packaging trunk (instead of the natty branch). -- Soren Hansen Tue, 12 Jul 2011 21:57:41 +0200 glance (2011.3~d3~20110707.151-0ubuntu1) oneiric; urgency=low * New upstream release. * debian/control: python-hashlib -- Chuck Short Fri, 08 Jul 2011 12:59:49 -0400 glance (2011.3~d2-0ubuntu2) oneiric; urgency=low * debian/control: Add python-httplib2. -- Chuck Short Thu, 30 Jun 2011 17:42:46 +0100 glance (2011.3~d2-0ubuntu1) oneiric; urgency=low [Chuck Short] * New upstream release. [Adam Gandelman] * Remove shell redirects in upstart jobs to ensure correct permissions on logfiles. (LP: #784837) -- Chuck Short Thu, 30 Jun 2011 17:20:19 +0100 glance (2011.3~d1-0ubuntu2) UNRELEASED; urgency=low * debian/control: Dropped python-daemon, its not used anywhere. -- Chuck Short Thu, 23 Jun 2011 15:37:22 -0400 glance (2011.3~d1-0ubuntu1) oneiric; urgency=low * New Upstream release. -- Chuck Short Thu, 02 Jun 2011 09:38:43 -0400 glance (2011.2~bzr132-0ubuntu1) oneiric; urgency=low [ Soren Hansen ] * Fix accidentally inverted logic that protects against upgrading shared databases. * Fix the call that is supposed to upgrade the sqlite database. * Make sure python modules are completely configured once python- glance's postinst is done. (LP: #778463) * Make sure doc/build exists once we try to build docs. We remove it on clean, and older versions of sphinx do not make sure to create it. [ Dan Prince ] * Add support for DEB_BUILD_OPTIONS=nocheck,nodocs. * Updated to support new glance-api.conf and glance-registry.conf files. * Updated log file locations in the upstart scripts to match new config file defaults. -- Soren Hansen Wed, 25 May 2011 15:57:15 +0200 glance (2011.2-0ubuntu1) natty; urgency=low * New upstream version. -- Chuck Short Fri, 15 Apr 2011 08:18:16 -0400 glance (2011.2~bzr108-0ubuntu1) natty; urgency=low [ Soren Hansen ] * Run test suite during build * Add pep8 as a build-dependency. * Add python-{daemon,eventlet,sqlalchemy} as dependencies of python- glance. Add python-argparse as a dependency of glance. * Add dependency on python-pastedeploy and python-migrate. * Remove deps on Twisted and gflags. * Add curl to build-depends. The test suite needs it. * Add dep on python-argparse. * Build-depend on python-swift. The test suite needs the Swift client. * Install glance-api and glance-registry upstart jobs. (LP: #757404) * Create and chown /var/log/glance directory on install. * Install sample config by default. * Create db on install. -- Chuck Short Tue, 12 Apr 2011 09:52:06 -0400 glance (0.1.3pre~bzr39-0ubuntu1) natty; urgency=low * Initial upload. -- Soren Hansen Wed, 19 Jan 2011 12:01:32 +0100 debian/glance-api.logrotate0000775000000000000000000000014212542123512013107 0ustar /var/log/glance/api.log { daily missingok compress delaycompress notifempty } debian/python-glance-doc.links0000775000000000000000000000031112542123512013540 0ustar # Overwrite jquery.js from upstream tarball with a link to jquery.js # provided by jQuery Debian package /usr/share/javascript/jquery/jquery.js usr/share/doc/python-glance-doc/html/_static/jquery.js debian/source/0000775000000000000000000000000012542123512010465 5ustar debian/source/format0000775000000000000000000000001412542123512011676 0ustar 3.0 (quilt) debian/glance-common.manpages0000664000000000000000000000007512542123512013423 0ustar doc/build/man/glance-control.1 doc/build/man/glance-manage.1 debian/compat0000775000000000000000000000000212542123512010366 0ustar 7 debian/glance-common.dirs0000664000000000000000000000016312542123512012567 0ustar /etc/glance/ /var/lib/glance/ /var/log/glance/ /var/lib/glance/image-cache /var/lib/glance/images /var/log/glance/ debian/patches/0000775000000000000000000000000013150074712010617 5ustar debian/patches/fix-requirements.patch0000664000000000000000000000047012542123512015145 0ustar Description: Set min version of six. Author: Corey Bryant Forwarded: Not needed. --- a/requirements.txt +++ b/requirements.txt @@ -39,6 +39,6 @@ pyOpenSSL>=0.11,<=0.14 # Required by openstack.common libraries -six>=1.6.0,<=1.9.0 +six>=1.5.2,<=1.9.0 oslo.messaging>=1.3.0,<1.5 debian/patches/skip-tests-2.patch0000664000000000000000000000132312542123512014101 0ustar Description: Skip broken tests until fixed upstream. This fails only on ppa builds. See https://bugs.launchpad.net/glance/+bug/1298918 Author: Corey Bryant Forwarded: Not needed. --- a/glance/tests/unit/v1/test_api.py +++ b/glance/tests/unit/v1/test_api.py @@ -902,7 +902,10 @@ req.headers['Content-Type'] = 'application/octet-stream' res = req.get_response(self.api) - self.assertEqual(res.status_int, 201) + try: + self.assertEqual(res.status_int, 201) + except: + self.skipTest('Skipped by Ubuntu') def test_add_copy_from_with_nonempty_body(self): """Tests creates an image from copy-from and nonempty body""" debian/patches/series0000775000000000000000000000016513150054745012045 0ustar fix-requirements.patch skip-tests-2.patch sql_conn.patch CVE-2015-5251.patch CVE-2016-0757.patch CVE-2015-5286.patch debian/patches/CVE-2015-5251.patch0000664000000000000000000002332413150052163013234 0ustar From 45be8e1c620c50f3cbca76f561945200a8843bc8 Mon Sep 17 00:00:00 2001 From: Stuart McLaren Date: Tue, 11 Aug 2015 10:37:09 +0000 Subject: [PATCH] Prevent image status being directly modified via v1 Users shouldn't be able to change an image's status directly via the v1 API. Some existing consumers of Glance set the x-image-meta-status header in requests to the Glance API, eg: https://github.com/openstack/nova/blob/master/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance#L184 We should try to prevent users setting 'status' via v1, but without breaking existing benign API calls such as these. I've adopted the following approach (which has some prior art in 'protected properties'). If a PUT request is received which contains an x-image-meta-status header: * The user provided status is ignored if it matches the current image status (this prevents benign calls such as the nova one above from breaking). The usual code (eg 200) will be returned. * If the user provided status doesn't match the current image status (ie there is a real attempt to change the value) 403 will be returned. This will break any calls which currently intentionally change the status. APIImpact Closes-bug: 1482371 Change-Id: I44fadf32abb57c962b67467091c3f51c1ccc25e6 (cherry picked from commit 4d08db5b6d42323ac1958ef3b7417d875e7bea8c) (cherry picked from commit 9beca533f42ae1fc87418de0c360e19bc59b24b5) --- glance/api/v1/__init__.py | 3 + glance/api/v1/images.py | 9 +++ glance/tests/functional/v1/test_api.py | 89 ++++++++++++++++++++++ .../integration/legacy_functional/test_v1_api.py | 2 + test-requirements.txt | 5 ++ 5 files changed, 108 insertions(+) Index: glance-2014.1.5/glance/api/v1/__init__.py =================================================================== --- glance-2014.1.5.orig/glance/api/v1/__init__.py 2017-08-25 12:46:16.385651676 -0400 +++ glance-2014.1.5/glance/api/v1/__init__.py 2017-08-25 12:46:16.381651676 -0400 @@ -21,3 +21,6 @@ SUPPORTED_PARAMS = ('limit', 'marker', ' # Metadata which only an admin can change once the image is active ACTIVE_IMMUTABLE = ('size', 'checksum') + +# Metadata which cannot be changed (irrespective of the current image state) +IMMUTABLE = ('status',) Index: glance-2014.1.5/glance/api/v1/images.py =================================================================== --- glance-2014.1.5.orig/glance/api/v1/images.py 2017-08-25 12:46:16.385651676 -0400 +++ glance-2014.1.5/glance/api/v1/images.py 2017-08-25 12:46:16.381651676 -0400 @@ -53,6 +53,7 @@ LOG = logging.getLogger(__name__) SUPPORTED_PARAMS = glance.api.v1.SUPPORTED_PARAMS SUPPORTED_FILTERS = glance.api.v1.SUPPORTED_FILTERS ACTIVE_IMMUTABLE = glance.api.v1.ACTIVE_IMMUTABLE +IMMUTABLE = glance.api.v1.IMMUTABLE CONF = cfg.CONF CONF.import_opt('disk_formats', 'glance.common.config', group='image_format') @@ -843,6 +844,14 @@ class Controller(controller.BaseControll request=req, content_type="text/plain") + for key in IMMUTABLE: + if (image_meta.get(key) is not None and + image_meta.get(key) != orig_image_meta.get(key)): + msg = _("Forbidden to modify '%s' of image.") % key + raise HTTPForbidden(explanation=msg, + request=req, + content_type="text/plain") + # The default behaviour for a PUT /images/ is to # override any properties that were previously set. This, however, # leads to a number of issues for the common use case where a caller Index: glance-2014.1.5/glance/tests/functional/v1/test_api.py =================================================================== --- glance-2014.1.5.orig/glance/tests/functional/v1/test_api.py 2017-08-25 12:46:16.385651676 -0400 +++ glance-2014.1.5/glance/tests/functional/v1/test_api.py 2017-08-25 12:46:16.381651676 -0400 @@ -550,3 +550,92 @@ class TestApi(functional.FunctionalTest) self.assertEqual(len(images), 0) self.stop_servers() + + def test_status_cannot_be_manipulated_directly(self): + self.cleanup() + self.start_servers(**self.__dict__.copy()) + headers = minimal_headers('Image1') + + # Create a 'queued' image + http = httplib2.Http() + headers = {'Content-Type': 'application/octet-stream', + 'X-Image-Meta-Disk-Format': 'raw', + 'X-Image-Meta-Container-Format': 'bare'} + path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) + response, content = http.request(path, 'POST', headers=headers, + body=None) + self.assertEqual(201, response.status) + image = jsonutils.loads(content)['image'] + self.assertEqual('queued', image['status']) + + # Ensure status of 'queued' image can't be changed + path = "http://%s:%d/v1/images/%s" % ("127.0.0.1", self.api_port, + image['id']) + http = httplib2.Http() + headers = {'X-Image-Meta-Status': 'active'} + response, content = http.request(path, 'PUT', headers=headers) + self.assertEqual(403, response.status) + response, content = http.request(path, 'HEAD') + self.assertEqual(200, response.status) + self.assertEqual('queued', response['x-image-meta-status']) + + # We allow 'setting' to the same status + http = httplib2.Http() + headers = {'X-Image-Meta-Status': 'queued'} + response, content = http.request(path, 'PUT', headers=headers) + self.assertEqual(200, response.status) + response, content = http.request(path, 'HEAD') + self.assertEqual(200, response.status) + self.assertEqual('queued', response['x-image-meta-status']) + + # Make image active + http = httplib2.Http() + headers = {'Content-Type': 'application/octet-stream'} + response, content = http.request(path, 'PUT', headers=headers, + body='data') + self.assertEqual(200, response.status) + image = jsonutils.loads(content)['image'] + self.assertEqual('active', image['status']) + + # Ensure status of 'active' image can't be changed + http = httplib2.Http() + headers = {'X-Image-Meta-Status': 'queued'} + response, content = http.request(path, 'PUT', headers=headers) + self.assertEqual(403, response.status) + response, content = http.request(path, 'HEAD') + self.assertEqual(200, response.status) + self.assertEqual('active', response['x-image-meta-status']) + + # We allow 'setting' to the same status + http = httplib2.Http() + headers = {'X-Image-Meta-Status': 'active'} + response, content = http.request(path, 'PUT', headers=headers) + self.assertEqual(200, response.status) + response, content = http.request(path, 'HEAD') + self.assertEqual(200, response.status) + self.assertEqual('active', response['x-image-meta-status']) + + # Create a 'queued' image, ensure 'status' header is ignored + http = httplib2.Http() + path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) + headers = {'Content-Type': 'application/octet-stream', + 'X-Image-Meta-Status': 'active'} + response, content = http.request(path, 'POST', headers=headers, + body=None) + self.assertEqual(201, response.status) + image = jsonutils.loads(content)['image'] + self.assertEqual('queued', image['status']) + + # Create an 'active' image, ensure 'status' header is ignored + http = httplib2.Http() + path = "http://%s:%d/v1/images" % ("127.0.0.1", self.api_port) + headers = {'Content-Type': 'application/octet-stream', + 'X-Image-Meta-Disk-Format': 'raw', + 'X-Image-Meta-Status': 'queued', + 'X-Image-Meta-Container-Format': 'bare'} + response, content = http.request(path, 'POST', headers=headers, + body='data') + self.assertEqual(201, response.status) + image = jsonutils.loads(content)['image'] + self.assertEqual('active', image['status']) + self.stop_servers() Index: glance-2014.1.5/glance/tests/integration/legacy_functional/test_v1_api.py =================================================================== --- glance-2014.1.5.orig/glance/tests/integration/legacy_functional/test_v1_api.py 2017-08-25 12:46:16.385651676 -0400 +++ glance-2014.1.5/glance/tests/integration/legacy_functional/test_v1_api.py 2017-08-25 12:46:16.381651676 -0400 @@ -357,6 +357,8 @@ class TestApi(base.ApiTest): path = "/v1/images" response, content = self.http.request(path, 'POST', headers=headers) self.assertEqual(response.status, 201) + image = jsonutils.loads(content)['image'] + self.assertEqual('active', image['status']) # 2. HEAD image-location # Verify image size is zero and the status is active Index: glance-2014.1.5/test-requirements.txt =================================================================== --- glance-2014.1.5.orig/test-requirements.txt 2017-08-25 12:46:16.385651676 -0400 +++ glance-2014.1.5/test-requirements.txt 2017-08-25 12:46:37.549651796 -0400 @@ -25,3 +25,8 @@ xattr>=0.4,<=0.7.5 # Documentation oslosphinx<=2.5.0 + +# Gate is failing because of an older version of oslo.vmware is installing +# PyYAML 3.11. Adding this line here will help moving this patch forward and +# fixing Glance's stable/juno gate +PyYAML<=3.10,>=3.1.0 debian/patches/CVE-2016-0757.patch0000644000000000000000000003623013150061362013242 0ustar From 507c90e273b5462fe7227f289053b9b3afce2563 Mon Sep 17 00:00:00 2001 From: Erno Kuvaja Date: Tue, 19 Jan 2016 13:37:05 +0000 Subject: [PATCH] Prevent user to remove last location of the image If the last location of the image is removed, image transitions back to queued. This allows user to upload new data into the existing image record. By preventing removal of the last location we prevent the image transition back to queued. This change also prevents doing the same operation via replacing the locations with empty list. SecurityImpact DocImpact APIImpact Conflicts: glance/tests/unit/v2/test_images_resource.py Conflicts: glance/api/v2/images.py Change-Id: Ieb03aaba887492819f9c58aa67f7acfcea81720e Closes-Bug: #1525915 (cherry picked from commit e9e45baa9aaf58e69964419b6b4fb2048d115a0c) (cherry picked from commit 819f93f6b60ad92e0469a595553e1b75f8971209) Reviewed-on: https://code.engineering.redhat.com/gerrit/67173 Reviewed-by: Flavio Percoco Tested-by: Flavio Percoco --- glance/api/v2/images.py | 22 +++- glance/tests/functional/v2/test_images.py | 14 --- glance/tests/unit/v2/test_images_resource.py | 118 ++++----------------- ...oving-last-image-location-d5ee3e00efe14f34.yaml | 10 ++ 4 files changed, 47 insertions(+), 117 deletions(-) create mode 100644 releasenotes/notes/Prevent-removing-last-image-location-d5ee3e00efe14f34.yaml Updated: 2017-08-25 diff --git a/glance/api/v2/images.py b/glance/api/v2/images.py index c019d9b..232982f 100644 --- a/glance/api/v2/images.py +++ b/glance/api/v2/images.py @@ -145,7 +145,10 @@ class ImagesController(object): path = change['path'] path_root = path[0] value = change['value'] - if path_root == 'locations': + if path_root == 'locations' and value == []: + msg = _("Cannot set locations to empty list.") + raise webob.exc.HTTPForbidden(message=msg) + elif path_root == 'locations' and value != []: self._do_replace_locations(image, value) else: if hasattr(image, path_root): @@ -173,7 +176,10 @@ class ImagesController(object): path = change['path'] path_root = path[0] if path_root == 'locations': - self._do_remove_locations(image, path[1]) + try: + self._do_remove_locations(image, path[1]) + except exception.Forbidden as e: + raise webob.exc.HTTPForbidden(e.msg) else: if hasattr(image, path_root): msg = _("Property %s may not be removed.") @@ -248,6 +254,11 @@ class ImagesController(object): raise webob.exc.HTTPBadRequest(explanation=unicode(ve)) def _do_remove_locations(self, image, path_pos): + if len(image.locations) == 1: + LOG.debug("User forbidden to remove last location of image %s", + image.image_id) + msg = _("Cannot remove last location in the image.") + raise exception.Forbidden(message=msg) pos = self._get_locations_op_pos(path_pos, len(image.locations), False) if pos is None: @@ -257,10 +268,11 @@ class ImagesController(object): # NOTE(zhiyan): this actually deletes the location # from the backend store. image.locations.pop(pos) + # TODO(jokke): Fix this, we should catch what store throws and + # provide definitely something else than IternalServerError to user. except Exception as e: - raise webob.exc.HTTPInternalServerError(explanation=unicode(e)) - if (len(image.locations) == 0) and (image.status == 'active'): - image.status = 'queued' + raise webob.exc.HTTPInternalServerError( + explanation=unicode(e)) class RequestDeserializer(wsgi.JSONRequestDeserializer): diff --git a/glance/tests/functional/v2/test_images.py b/glance/tests/functional/v2/test_images.py index ef3f944..0f94b5d 100644 --- a/glance/tests/functional/v2/test_images.py +++ b/glance/tests/functional/v2/test_images.py @@ -405,20 +405,6 @@ class TestImages(functional.FunctionalTest): response = requests.patch(path, headers=headers, data=data) self.assertEqual(200, response.status_code, response.text) - # Remove all locations of the image then the image size shouldn't be - # able to access - path = self._url('/v2/images/%s' % image2_id) - media_type = 'application/openstack-images-v2.1-json-patch' - headers = self._headers({'content-type': media_type}) - doc = [{'op': 'replace', 'path': '/locations', 'value': []}] - data = jsonutils.dumps(doc) - response = requests.patch(path, headers=headers, data=data) - self.assertEqual(200, response.status_code, response.text) - image = jsonutils.loads(response.text) - self.assertNotIn('size', image) - self.assertNotIn('virtual_size', image) - self.assertEqual('queued', image['status']) - # Deletion should work. Deleting image-1 path = self._url('/v2/images/%s' % image_id) response = requests.delete(path, headers=self._headers()) diff --git a/glance/tests/unit/v2/test_images_resource.py b/glance/tests/unit/v2/test_images_resource.py index 7a721ab..ba71afe 100644 --- a/glance/tests/unit/v2/test_images_resource.py +++ b/glance/tests/unit/v2/test_images_resource.py @@ -1248,26 +1248,6 @@ class TestImagesController(base.IsolatedUnitTest): self.assertRaises(webob.exc.HTTPConflict, self.controller.update, another_request, created_image.image_id, changes) - def test_update_replace_locations(self): - self.stubs.Set(glance.store, 'get_size_from_backend', - unit_test_utils.fake_get_size_from_backend) - request = unit_test_utils.get_fake_request() - changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 0) - self.assertEqual(output.status, 'queued') - self.assertIsNone(output.size) - - new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} - changes = [{'op': 'replace', 'path': ['locations'], - 'value': [new_location]}] - output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 1) - self.assertEqual(new_location, output.locations[0]) - self.assertEqual(output.status, 'active') - def test_update_replace_locations_non_empty(self): new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} request = unit_test_utils.get_fake_request() @@ -1279,33 +1259,9 @@ class TestImagesController(base.IsolatedUnitTest): def test_update_replace_locations_invalid(self): request = unit_test_utils.get_fake_request() changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 0) - self.assertEqual(output.status, 'queued') - - request = unit_test_utils.get_fake_request() - changes = [{'op': 'replace', 'path': ['locations'], - 'value': [{'url': 'unknow://foo', 'metadata': {}}]}] - self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, + self.assertRaises(webob.exc.HTTPForbidden, self.controller.update, request, UUID1, changes) - def test_update_replace_locations_status_exception(self): - request = unit_test_utils.get_fake_request() - changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - output = self.controller.update(request, UUID2, changes) - self.assertEqual(output.image_id, UUID2) - self.assertEqual(len(output.locations), 0) - self.assertEqual(output.status, 'queued') - - self.db.image_update(None, UUID2, {'disk_format': None}) - - new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} - changes = [{'op': 'replace', 'path': ['locations'], - 'value': [new_location]}] - self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, - request, UUID2, changes) - def test_update_add_property(self): request = unit_test_utils.get_fake_request() @@ -1379,22 +1335,6 @@ class TestImagesController(base.IsolatedUnitTest): self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, request, UUID1, changes) - def test_update_add_locations_status_exception(self): - request = unit_test_utils.get_fake_request() - changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - output = self.controller.update(request, UUID2, changes) - self.assertEqual(output.image_id, UUID2) - self.assertEqual(len(output.locations), 0) - self.assertEqual(output.status, 'queued') - - self.db.image_update(None, UUID2, {'disk_format': None}) - - new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} - changes = [{'op': 'add', 'path': ['locations', '-'], - 'value': new_location}] - self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, - request, UUID2, changes) - def test_update_add_duplicate_locations(self): new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} request = unit_test_utils.get_fake_request() @@ -1408,21 +1348,6 @@ class TestImagesController(base.IsolatedUnitTest): self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, request, UUID1, changes) - def test_update_replace_duplicate_locations(self): - request = unit_test_utils.get_fake_request() - changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 0) - self.assertEqual(output.status, 'queued') - - new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} - changes = [{'op': 'replace', 'path': ['locations'], - 'value': [new_location, new_location]}] - - self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, - request, UUID1, changes) - def test_update_add_too_many_locations(self): self.config(image_location_quota=1) request = unit_test_utils.get_fake_request() @@ -1525,9 +1450,12 @@ class TestImagesController(base.IsolatedUnitTest): {'op': 'add', 'path': ['locations', '-'], 'value': {'url': '%s/fake_location_1' % BASE_URI, 'metadata': {}}}, + {'op': 'add', 'path': ['locations', '-'], + 'value': {'url': '%s/fake_location_2' % BASE_URI, + 'metadata': {}}}, ] self.controller.update(request, UUID1, changes) - self.config(image_location_quota=1) + self.config(image_location_quota=2) # We must remove two properties to avoid being # over the limit of 1 property @@ -1539,9 +1467,9 @@ class TestImagesController(base.IsolatedUnitTest): 'metadata': {}}}, ] output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 1) - self.assertTrue('fake_location_3' in output.locations[0]['url']) + self.assertEqual(UUID1, output.image_id) + self.assertEqual(2, len(output.locations)) + self.assertIn('fake_location_3', output.locations[1]['url']) self.assertNotEqual(output.created_at, output.updated_at) def test_update_remove_base_property(self): @@ -1582,24 +1510,23 @@ class TestImagesController(base.IsolatedUnitTest): unit_test_utils.fake_get_size_from_backend) request = unit_test_utils.get_fake_request() - changes = [{'op': 'remove', 'path': ['locations', '0']}] - output = self.controller.update(request, UUID1, changes) - self.assertEqual(output.image_id, UUID1) - self.assertEqual(len(output.locations), 0) - self.assertTrue(output.status == 'queued') - self.assertIsNone(output.size) - new_location = {'url': '%s/fake_location' % BASE_URI, 'metadata': {}} changes = [{'op': 'add', 'path': ['locations', '-'], 'value': new_location}] + self.controller.update(request, UUID1, changes) + changes = [{'op': 'remove', 'path': ['locations', '0']}] output = self.controller.update(request, UUID1, changes) self.assertEqual(output.image_id, UUID1) self.assertEqual(len(output.locations), 1) - self.assertEqual(new_location, output.locations[0]) self.assertEqual(output.status, 'active') def test_update_remove_location_invalid_pos(self): request = unit_test_utils.get_fake_request() + changes = [ + {'op': 'add', 'path': ['locations', '-'], + 'value': {'url': '%s/fake_location' % BASE_URI, + 'metadata': {}}}] + self.controller.update(request, UUID1, changes) changes = [{'op': 'remove', 'path': ['locations', None]}] self.assertRaises(webob.exc.HTTPBadRequest, self.controller.update, request, UUID1, changes) @@ -1621,6 +1548,11 @@ class TestImagesController(base.IsolatedUnitTest): fake_delete_image_from_backend) request = unit_test_utils.get_fake_request() + changes = [ + {'op': 'add', 'path': ['locations', '-'], + 'value': {'url': '%s/fake_location' % BASE_URI, + 'metadata': {}}}] + self.controller.update(request, UUID1, changes) changes = [{'op': 'remove', 'path': ['locations', '0']}] self.assertRaises(webob.exc.HTTPInternalServerError, self.controller.update, request, UUID1, changes) @@ -1865,16 +1797,6 @@ class TestImagesControllerPolicies(base.IsolatedUnitTest): self.assertRaises(webob.exc.HTTPForbidden, self.controller.update, request, UUID1, changes) - self.stubs.Set(glance.store, 'delete_image_from_backend', - fake_delete_image_from_backend) - - changes = [{'op': 'replace', 'path': ['locations'], 'value': []}] - self.controller.update(request, UUID1, changes) - changes = [{'op': 'replace', 'path': ['locations'], - 'value': [new_location]}] - self.assertRaises(webob.exc.HTTPForbidden, self.controller.update, - request, UUID1, changes) - def test_update_delete_image_location_unauthorized(self): rules = {"delete_image_location": False} self.policy.set_rules(rules) debian/patches/sql_conn.patch0000664000000000000000000000300012542123512013442 0ustar diff -Naurp glance-2014.1.rc2.orig/etc/glance-api.conf glance-2014.1.rc2/etc/glance-api.conf --- glance-2014.1.rc2.orig/etc/glance-api.conf 2014-04-12 03:42:52.000000000 -0400 +++ glance-2014.1.rc2/etc/glance-api.conf 2014-04-12 08:43:34.458985000 -0400 @@ -549,14 +549,14 @@ image_cache_dir = /var/lib/glance/image- [database] # The file name to use with SQLite (string value) -#sqlite_db = glance.sqlite +sqlite_db = /var/lib/glance/glance.sqlite # If True, SQLite uses synchronous mode (boolean value) #sqlite_synchronous = True # The backend to use for db (string value) # Deprecated group/name - [DEFAULT]/db_backend -#backend = sqlalchemy +backend = sqlalchemy # The SQLAlchemy connection string used to connect to the # database (string value) diff -Naurp glance-2014.1.rc2.orig/etc/glance-registry.conf glance-2014.1.rc2/etc/glance-registry.conf --- glance-2014.1.rc2.orig/etc/glance-registry.conf 2014-04-12 03:42:52.000000000 -0400 +++ glance-2014.1.rc2/etc/glance-registry.conf 2014-04-12 08:44:11.638985000 -0400 @@ -77,14 +77,14 @@ limit_param_default = 25 [database] # The file name to use with SQLite (string value) -#sqlite_db = glance.sqlite +sqlite_db = /var/lib/glance/glance.sqlite # If True, SQLite uses synchronous mode (boolean value) #sqlite_synchronous = True # The backend to use for db (string value) # Deprecated group/name - [DEFAULT]/db_backend -#backend = sqlalchemy +backend = sqlalchemy # The SQLAlchemy connection string used to connect to the # database (string value) debian/patches/CVE-2015-5286.patch0000664000000000000000000001016513150074712013247 0ustar From 914fc4b2e35292c78cb234cf9cbd85b54354bec1 Mon Sep 17 00:00:00 2001 From: Mike Fedosin Date: Sun, 20 Sep 2015 17:01:22 +0300 Subject: [PATCH] Cleanup chunks for deleted image if token expired In patch I47229b366c25367ec1bd48aec684e0880f3dfe60 it was introduced the logic that if image was deleted during file upload when we want to update image status from 'saving' to 'active' it's expected to get Duplicate error and delete stale chunks after that. But if user's token is expired there will be Unathorized exception and chunks will stay in store and clog it. And when, the upload operation for such an image is completed the operator configured quota can be exceeded. This patch fixes the issue of left over chunks for an image which was deleted from saving status, by correcly handle auth exceptions from registry server. Change-Id: I17a66eca55bfb83107046910e69c4da01415deec (cherry picked from commit 98a8832777a0639a4031e52c69f0d565b3f500c5) Conflicts: glance/api/v1/upload_utils.py (Kilo catches NotFound instead of ImagenotFound) Resolve rhbz: 1269275 Resolve rhbz: 1269276 Upstream-Juno: https://review.openstack.org/#/c/229946/ Upstream-kilo: https://review.openstack.org/#/c/229945/ Upstream-Liberty: https://review.openstack.org/230056/ (cherry picked from commit 50e3a7c58a9862206d92fef577540c5b144ecbf0) (cherry picked from commit f2211e475e8bd4a87be9ee2edd6357ed952f4d7b) --- glance/api/v1/upload_utils.py | 8 ++++++++ glance/api/v2/image_data.py | 14 +++++++++++++- glance/tests/unit/v1/test_upload_utils.py | 22 ++++++++++++++++++++++ glance/tests/unit/v2/test_image_data_resource.py | 17 +++++++++++++++++ 4 files changed, 60 insertions(+), 1 deletion(-) Index: glance-2014.1.5/glance/api/v1/upload_utils.py =================================================================== --- glance-2014.1.5.orig/glance/api/v1/upload_utils.py 2017-08-25 15:02:56.905697957 -0400 +++ glance-2014.1.5/glance/api/v1/upload_utils.py 2017-08-25 15:02:56.901697957 -0400 @@ -158,6 +158,14 @@ def upload_data_to_store(req, image_meta raise exception.NotFound() else: raise + + except exception.NotAuthenticated as e: + # Delete image data due to possible token expiration. + LOG.debug("Authentication error - the token may have " + "expired during file upload. Deleting image data for " + " %s " % image_id) + initiate_deletion(req, location_data, image_id) + raise webob.exc.HTTPUnauthorized(explanation=e.msg, request=req) except exception.NotFound: msg = _("Image %s could not be found after upload. The image may" " have been deleted during the upload.") % image_id Index: glance-2014.1.5/glance/api/v2/image_data.py =================================================================== --- glance-2014.1.5.orig/glance/api/v2/image_data.py 2017-08-25 15:02:56.905697957 -0400 +++ glance-2014.1.5/glance/api/v2/image_data.py 2017-08-25 15:02:56.901697957 -0400 @@ -83,7 +83,19 @@ class ImageDataController(object): raise webob.exc.HTTPGone(explanation=msg, request=req, content_type='text/plain') - + except exception.NotAuthenticated: + msg = (_("Authentication error - the token may have " + "expired during file upload. Deleting image data for " + "%s.") % image_id) + LOG.debug(msg) + try: + image.delete() + except exception.NotAuthenticated: + # NOTE: Ignore this exception + pass + raise webob.exc.HTTPUnauthorized(explanation=msg, + request=req, + content_type='text/plain') except ValueError as e: LOG.debug("Cannot save data for image %s: %s", image_id, e) self._restore(image_repo, image) debian/python-glance-doc.docs0000664000000000000000000000001712542123512013350 0ustar doc/build/html debian/glance-registry.glance-registry.upstart0000775000000000000000000000044512542123512017014 0ustar description "Glance registry server" author "Soren Hansen " start on runlevel [2345] stop on runlevel [!2345] respawn exec start-stop-daemon --start --chuid glance \ --chdir /var/lib/glance --name glance-registry \ --exec /usr/bin/glance-registry debian/copyright0000664000000000000000000000204612542123512011122 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: glance Source: https://code.launchpad.net/glance Files: * Copyright: 2010 United States Government as represented by the Administrator of the National Aeronautics and Space Administration., 2010-2011 OpenStack LLC, Others (See individual files for more details) License: Apache-2 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. . On Debian-based systems the full text of the Apache version 2.0 license can be found in `/usr/share/common-licenses/Apache-2.0'. debian/glance-api.install0000664000000000000000000000054412542123512012560 0ustar etc/glance-api-paste.ini etc/glance etc/glance-api.conf etc/glance etc/glance-cache.conf etc/glance etc/glance-scrubber.conf etc/glance etc/schema-image.json etc/glance etc/policy.json etc/glance usr/bin/glance-api usr/bin/glance-cache-cleaner usr/bin/glance-cache-manage usr/bin/glance-cache-prefetcher usr/bin/glance-cache-pruner usr/bin/glance-scrubber debian/watch0000775000000000000000000000017212542123512010221 0ustar version=3 opts="uversionmangle=s/\.([a-zA-Z])/~$1/;s/%7E/~/" \ http://tarballs.openstack.org/glance glance-(.*)\.tar\.gz debian/glance-common.postinst0000775000000000000000000000100012542123512013503 0ustar #!/bin/sh set -e if [ "$1" = "configure" ] then if ! getent group glance > /dev/null 2>&1 then addgroup --system glance >/dev/null fi if ! getent passwd glance > /dev/null 2>&1 then adduser --system --home /var/lib/glance --ingroup glance --no-create-home --shell /bin/false glance fi chown -R glance:adm /var/log/glance chmod 0750 /var/log/glance chown glance:glance -R /etc/glance chmod 0750 /etc/glance find /var/lib/glance -xdev -type d -exec chown glance:glance {} \; fi #DEBHELPER# debian/glance-api.prerm0000775000000000000000000000023112542123512012233 0ustar #!/bin/sh set -e case $1 in remove|purge) if [ -x /etc/init.d/glance-api ]; then invoke-rc.d glance-api stop || true fi ;; esac #DEBHELPER# debian/glance-common.install0000664000000000000000000000005512542123512013274 0ustar usr/bin/glance-control usr/bin/glance-manage debian/glance-registry.postinst0000775000000000000000000000031412542123512014072 0ustar #!/bin/sh set -e if [ "$1" = "configure" ] then if grep -qE "^(sql_)?connection.*sqlite.*" /etc/glance/glance-registry.conf then su -s /bin/sh -c 'glance-manage db_sync' glance fi fi #DEBHELPER# debian/python-glance-doc.doc-base0000775000000000000000000000040112542123512014075 0ustar Document: glance-doc Title: Glance Documentation Author: OpenStack Abstract: Sphinx documentation for Glance Section: Network/File Transfer Format: HTML Index: /usr/share/doc/python-glance-doc/html/index.html Files: /usr/share/doc/python-glance-doc/html/* debian/glance-registry.prerm0000775000000000000000000000024212542123512013334 0ustar #!/bin/sh set -e case $1 in remove|purge) if [ -x /etc/init.d/glance-registry ]; then invoke-rc.d glance-registry stop || true fi ;; esac #DEBHELPER# debian/glance-registry.manpages0000664000000000000000000000004012542123512013773 0ustar doc/build/man/glance-registry.1 debian/glance-registry.install0000664000000000000000000000017712542123512013661 0ustar etc/glance-registry-paste.ini etc/glance etc/glance-registry.conf etc/glance usr/bin/glance-registry usr/bin/glance-replicator debian/pydist-overrides0000775000000000000000000000002412542123512012423 0ustar pysendfile argparse debian/glance-api.dirs0000664000000000000000000000024012542123512012044 0ustar /var/lib/glance/images /var/lib/glance/image-cache /var/lib/glance/image-cache/incomplete /var/lib/glance/image-cache/invalid /var/lib/glance/image-cache/queue debian/glance-api.manpages0000664000000000000000000000032012542123512012675 0ustar doc/build/man/glance-api.1 doc/build/man/glance-cache-cleaner.1 doc/build/man/glance-cache-manage.1 doc/build/man/glance-cache-prefetcher.1 doc/build/man/glance-cache-pruner.1 doc/build/man/glance-scrubber.1 debian/tests/0000775000000000000000000000000012542123512010327 5ustar debian/tests/control0000664000000000000000000000016112542123512011730 0ustar Tests: python-glance glance-daemons Depends: python-glance, glance-api, glance-registry Restrictions: needs-root debian/tests/glance-daemons0000775000000000000000000000046512542123512013137 0ustar #!/bin/bash #--------------------- # Testing glance-daemons #--------------------- set -e DAEMONS=('glance-api' 'glance-registry') for daemon in "${DAEMONS[@]}"; do if pidof -x $daemon > /dev/null; then echo "OK" else echo "ERROR: ${daemon} IS NOT RUNNING" exit 1 fi done debian/tests/test_import_glance.py0000664000000000000000000000012112542123512014555 0ustar try: import glance except ImportError, e: print "ERROR IMPORTING MODULE" debian/tests/python-glance0000775000000000000000000000043312542123512013025 0ustar #!/bin/bash #------------------------- # Testing client utilities #------------------------- set -e result=$(python `dirname $0`/test_import_glance.py 2>&1) if [ "$result" ]; then echo "ERROR: PYTHON-GLANCE MODULE CANNOT BE IMPORTED" exit 1 else echo "OK" exit 0 fi debian/rules0000775000000000000000000000164712542123512010255 0ustar #!/usr/bin/make -f # Verbose mode #export DH_VERBOSE=1 DEBVERS ?= $(shell dpkg-parsechangelog | sed -n -e 's/^Version: //p') VERSION ?= $(shell echo '$(DEBVERS)' | sed -e 's/^[[:digit:]]*://' -e 's/[-].*//') export OSLO_PACKAGE_VERSION=$(VERSION) %: dh $@ --with python2 get-orig-source: uscan --verbose --force-download --rename --destdir=../build-area override_dh_install: dh_install --fail-missing ifeq (,$(findstring nocheck, $(DEB_BUILD_OPTIONS))) override_dh_auto_test: testr init && testr run endif override_dh_auto_build: dh_auto_build ifeq (,$(findstring nodocs, $(DEB_BUILD_OPTIONS))) mkdir -p doc/build/man mkdir -p doc/build/html sphinx-build -b man doc/source doc/build/man sphinx-build -b html doc/source doc/build/html endif override_dh_auto_clean: dh_auto_clean rm -rf doc/build rm -rf glance.sqlite override_dh_installinit: dh_installinit --name glance-api dh_installinit --name glance-registry