From: Zack Cerza Date: Thu, 5 Feb 2015 21:52:32 +0000 (-0700) Subject: Don't destroy a vps that is owned by someone else X-Git-Tag: 1.1.0~1014^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F428%2Fhead;p=teuthology.git Don't destroy a vps that is owned by someone else This only affects the unlock_one() codepath at this point. Signed-off-by: Zack Cerza --- diff --git a/teuthology/lock.py b/teuthology/lock.py index e14977241..02a83e443 100644 --- a/teuthology/lock.py +++ b/teuthology/lock.py @@ -431,7 +431,7 @@ def unlock_one(ctx, name, user=None): if user is None: user = misc.get_user() name = misc.canonicalize_hostname(name, user=None) - if not provision.destroy_if_vm(ctx, name): + if not provision.destroy_if_vm(ctx, name, user): log.error('downburst destroy failed for %s', name) request = dict(name=name, locked=False, locked_by=user, description=None) uri = os.path.join(config.lock_server, 'nodes', name, 'lock', '') diff --git a/teuthology/provision.py b/teuthology/provision.py index e9803f516..e2bcb7cd6 100644 --- a/teuthology/provision.py +++ b/teuthology/provision.py @@ -98,7 +98,7 @@ def create_if_vm(ctx, machine_name): return True -def destroy_if_vm(ctx, machine_name): +def destroy_if_vm(ctx, machine_name, user=None): """ Use downburst to destroy a virtual machine @@ -107,6 +107,10 @@ def destroy_if_vm(ctx, machine_name): status_info = get_status(machine_name) if not status_info or not status_info.get('is_vm', False): return True + if user is not None and user != status_info['locked_by']: + log.error("Tried to destroy {node} as {as_user} but it is locked by {locked_by}".format( + node=machine_name, as_user=user, locked_by=status_info['locked_by'])) + return False phys_host = decanonicalize_hostname(status_info['vm_host']['name']) destroyMe = decanonicalize_hostname(machine_name) dbrst = _get_downburst_exec()