Steps to reproduce for 7.0 mostly the same as for 8.0, but a bit more complicated since the novaclient in 7.0 doesn't work with ephemeral disk. That's why instead of using novaclient I've launched nova instance with curl request to API:
curl -g -i -X POST http://192.168.0.2:8774/v2/4c8a72cfeea54b7694a2495516aebd4f/os-volumes_boot -H "User-Agent: python-novaclient" -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: 4721b11bb0694f92baf6cd9bed12ccc1" -d '{"server": {"name": "test-boot", "imageRef": "89deb937-0022-4a48-97bb-efdf3e5592c7", "key_name": "local", "flavorRef": "6", "max_count": 1, "block_device_mapping_v2": [{"source_type": "image", "delete_on_termination": true, "boot_index": 0, "uuid": "89deb937-0022-4a48-97bb-efdf3e5592c7", "destination_type": "local"}, {"guest_format": "ext4", "boot_index": -1, "volume_size": "1", "source_type": "blank", "destination_type": "local", "delete_on_termination": true}], "min_count": 1, "networks": [{"uuid": "8b0b141f-16e8-4266-a734-c585b8047d88"}]}}'
Of cource you should change URL, keystone token, image ID and network ID in provided curl request before using it.
Notes for 5.1.1 and 6.0:
For some reason I was not able to login via SSH to Fedora 23 instance. That's why I did reproduction of the bug on CentOS 7 image. Also CentOS image requires more disk space in flavor, that's why I had created a bit different flavors for reproducing. Here is the set of command used by me in order to boot CentOS 7 image:
wget http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2
glance image-create --name centos --file CentOS-7-x86_64-GenericCloud.qcow2 --disk-format qcow2 --container-format bare --progress
nova flavor-create eph 6 1024 15 1 --ephemeral 1
nova flavor-create eph_large 7 2048 15 1 --ephemeral 1
nova boot --key-name local --image centos --ephemeral size=1,format=ext4 --flavor eph --nic net-id=43c69cda-f093-439e-b96e-64629b76f8b5 test-boot
Steps to verify the bug:
Steps to reproduce for 8.0 in case of resizing instance is pretty well described here: https:/ /bugs.launchpad .net/nova/ +bug/1548450/ comments/ 7
After applying patch device mount with malicous image should fail.
Steps to reproduce for 7.0 mostly the same as for 8.0, but a bit more complicated since the novaclient in 7.0 doesn't work with ephemeral disk. That's why instead of using novaclient I've launched nova instance with curl request to API: 192.168. 0.2:8774/ v2/4c8a72cfeea5 4b7694a2495516a ebd4f/os- volumes_ boot -H "User-Agent: python-novaclient" -H "Content-Type: application/json" -H "Accept: application/json" -H "X-Auth-Token: 4721b11bb0694f9 2baf6cd9bed12cc c1" -d '{"server": {"name": "test-boot", "imageRef": "89deb937- 0022-4a48- 97bb-efdf3e5592 c7", "key_name": "local", "flavorRef": "6", "max_count": 1, "block_ device_ mapping_ v2": [{"source_type": "image", "delete_ on_termination" : true, "boot_index": 0, "uuid": "89deb937- 0022-4a48- 97bb-efdf3e5592 c7", "destination_type": "local"}, {"guest_format": "ext4", "boot_index": -1, "volume_size": "1", "source_type": "blank", "destination_type": "local", "delete_ on_termination" : true}], "min_count": 1, "networks": [{"uuid": "8b0b141f- 16e8-4266- a734-c585b8047d 88"}]}} '
curl -g -i -X POST http://
Of cource you should change URL, keystone token, image ID and network ID in provided curl request before using it.
Notes for 5.1.1 and 6.0:
For some reason I was not able to login via SSH to Fedora 23 instance. That's why I did reproduction of the bug on CentOS 7 image. Also CentOS image requires more disk space in flavor, that's why I had created a bit different flavors for reproducing. Here is the set of command used by me in order to boot CentOS 7 image:
wget http:// cloud.centos. org/centos/ 7/images/ CentOS- 7-x86_64- GenericCloud. qcow2 7-x86_64- GenericCloud. qcow2 --disk-format qcow2 --container-format bare --progress 43c69cda- f093-439e- b96e-64629b76f8 b5 test-boot
glance image-create --name centos --file CentOS-
nova flavor-create eph 6 1024 15 1 --ephemeral 1
nova flavor-create eph_large 7 2048 15 1 --ephemeral 1
nova boot --key-name local --image centos --ephemeral size=1,format=ext4 --flavor eph --nic net-id=