OpenNebula 2.2.1

9th June, 2011. This maintenance release is intended to fix a security issue (see the Security Notice below) found in the cloud servers (OCCI and econe). It aims to provide an even more robust, reliable and scalable version of OpenNebula for efficient management of virtual infrastructures, to be used in production environments.

OpenNebula 2.2.1 is completely backward compatible with v2.2.0 in terms of the database schema, interfaces and API's, so v2.2.0 can be updated maintaining the same DB and integrated components.

This Release Notes are incremental with respect to version 2.2.0.

Security Notice

A potential security vulnerability was found in the contextualization image creation code. This feature lets the user add files to the context image created before VM startup. The feature is very handy to modify the behavior or configuration of the VM without modifying the disk image. As you can specify any file readable by <oneadmin> user (the user that runs oned daemon) some sensible files can be added to the context image and then be retrieved connecting to the newly created VM. Some of the files that could be retrieved are:

  • oneadmin private key
  • database credentials stored in oned.conf
  • private images not accessible by other users

The patch adds a variable in the TM configuration files:

  • /etc/one/tm_lvm/tm_lvmrc
  • /etc/one/tm_nfs/tm_nfsrc
  • /etc/one/tm_ssh/tm_sshrc

By default the variable is configured to work as traditionally, unsecured, so it does not break any development you may have that uses the contextualization. It can be changed so only '' (variables file generated by ONE) or http urls are allowed to be included in the contextualization image. To enable these restrictions, the corresponding TM configuration file must be changed and the variable should be set to '1':

  # Set to 1 to disable adding files to context image other than
  # itself or http url's

In most setups (private cloud) SECURE_CONTEXT can be safely set to 0, however setting it to 1 is highly recommended when using the OCCI interface (note that EC2 Query is not affected by this issue).

We would like to thank Vivien Bernet-Rollande for noticing the bug and for providing a patch to fix it. We are working on a more robust and flexible fix, we will maintain you informed on the developments.