yahoo-eng-team team mailing list archive

Thread
Date

[Bug 963348] Re: keystone doesn't cleanly remove all data for a user when using SQL backend for Identity

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Thierry Carrez <thierry.carrez+lp@xxxxxxxxx>
Date: Mon, 04 Mar 2013 11:07:56 -0000
Reply-to: Bug 963348 <963348@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Changed in: keystone
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/963348

Title:
  keystone doesn't cleanly remove all data for a user when using SQL
  backend for Identity

Status in OpenStack Identity (Keystone):
  Fix Released

Bug description:
  Hello,

  How can a user cleanly be removed from Keystone? Maybe I am missing a
  step - and I apologize if so - but I'm running into the following
  issue:

  keystone tenant-create --name=ProjectX
  keystone user-create --name=Foo --pass=password
  keystone user-role-add --user=$USER_ID --tenant_id=$TENANT_ID --role=$ADMIN_ROLE_ID

  In the SQL database, I can now see entries under the user, tenant,
  user_tenant_membership, and metadata tables.

  Now, if I do

  keystone user-delete $USER_ID

  The entry is removed from the user table, but no other tables.

  If I do

  keystone user-role-remove --user=$USER_ID --tenant_id=$TENANT_ID
  --role=$ADMIN_ROLE_ID

  The entry is removed from user_tenant_membership, but not the metadata
  table.

  keystone user-delete $USER_ID

  removes the user from the user table, but still not metadata.

  If I add the user to more than one role, the user will stay in the
  user_tenant_membership table until all roles have been removed, but
  there is still an entry in metadata.

  Is this a bug or am I missing a step for cleanly removing a user?

  Thanks,
  Joe

To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/963348/+subscriptions