[lxc-devel] [lxd/master] lxd/daemon: Fix bad permission check
stgraber on Github
lxc-bot at linuxcontainers.org
Thu Dec 3 01:34:06 UTC 2020
A non-text attachment was scrubbed...
Name: not available
Type: text/x-mailbox
Size: 494 bytes
Desc: not available
URL: <http://lists.linuxcontainers.org/pipermail/lxc-devel/attachments/20201202/4731d26b/attachment.bin>
-------------- next part --------------
From ba9dd29116d7433606f397cc425e4fbff2d0ac33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber at ubuntu.com>
Date: Wed, 2 Dec 2020 20:33:21 -0500
Subject: [PATCH] lxd/daemon: Fix bad permission check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This was checking a yet to be defined field, effectively never
succeeding and breaking non-RBAC authentication on RBAC enabled servers.
Signed-off-by: Stéphane Graber <stgraber at ubuntu.com>
---
lxd/daemon.go | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lxd/daemon.go b/lxd/daemon.go
index 55727ddcd9..82c9b2f883 100644
--- a/lxd/daemon.go
+++ b/lxd/daemon.go
@@ -454,11 +454,11 @@ func (d *Daemon) createCmd(restAPI *mux.Router, version string, c APIEndpoint) {
return ua, nil
}
- if r.Context().Value("protocol") == "cluster" {
+ if protocol == "cluster" {
return ua, nil
}
- if r.Context().Value("protocol") == "tls" {
+ if protocol == "tls" {
return ua, nil
}
More information about the lxc-devel
mailing list