Hi, everyone
I'm using the master branch devstack.
I hava a question about assignment of default role (Keystone).
When I create a user to specify the tenant, '_member_' is assigned to the roles.
$ keystone user-create --name test --tenant-id e61..7f6 --pass test --email test@xxxxxxxxxxx
+----------+-------------------+
| Property | Value |
+----------+-------------------+
| email | test5@xxxxxxxxxxx |
| enabled | True |
| id | af1..8d2 |
| name | test |
| tenantId | e61..7f6 |
+----------+-------------------+
$ keystone user-role-list --user test --tenant e61..7f6
+----------+----------+----------+-----------+
| id | name | user_id | tenant_id |
+----------+----------+----------+-----------+
| 9fe..bab | _member_ | af1..8d2 | e61..7f6 |
+----------+----------+----------+-----------+
Then, assign the "Member" role to the user.
Hitting assigned two roles of 'Member' and '_member_'.
$ keystone user-role-add --user af1..8d2 --role 57d..d1f --tenant e61..7f6
$ keystone user-role-list --user af1..8d2 --tenant e61..7f6
+----------+----------+----------+-----------+
| id | name | user_id | tenant_id |
+----------+----------+----------+-----------+
| 57d..d1f | Member | af1..8d2 | e61..7f6 |
| 9fe..bab | _member_ | af1..8d2 | e61..7f6 |
+----------+----------+----------+-----------+
When I create a user without specifying a tenant, I assign 'Member' role.
In this case, Only one role is assigned.
$ keystone user-create --name test2 --pass test --email test2@xxxxxxxxxxx
+----------+-------------------+
| Property | Value |
+----------+-------------------+
| email | test2@xxxxxxxxxxx |
| enabled | True |
| id | c22..a6d |
| name | test2 |
| tenantId | |
+----------+-------------------+
$ keystone user-role-add --user c22..a6d --role 57d..d1f --tenant e61..7f6
$ keystone user-role-list --user c22..a6d --tenant e61..7f6
+----------+----------+----------+-----------+
| id | name | user_id | tenant_id |
+----------+----------+----------+-----------+
| 57d..d1f | Member | c22..a6d | e61..7f6 |
+----------+----------+----------+-----------+
Is it expected behavior that two rolls are assigned?
Thanks
Leo Toyoda
_______________________________________________
Mailing list: https://launchpad.net/~openstack
Post to : openstack@xxxxxxxxxxxxxxxxxxx
Unsubscribe : https://launchpad.net/~openstack
More help : https://help.launchpad.net/ListHelp