yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1167421] Re: Upgrading from folsom to grizzly results in all tenants/users being disabled

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1167421@xxxxxxxxxxxxxxxxxx>
Date: Thu, 06 Jun 2013 04:56:43 -0000
Reply-to: Bug 1167421 <1167421@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package keystone - 1:2013.1.1-0ubuntu2

---------------
keystone (1:2013.1.1-0ubuntu2) raring-proposed; urgency=low

  * Rebase against latest security updates.
  * Dropped patches:
    - debian/patches/CVE-2013-2059.patch: [678b06a]

keystone (1:2013.1.1-0ubuntu1) raring-proposed; urgency=low

  * Resynchronize with stable/grizzly (678b06a9) (LP: #1179626):
    - [678b06a] Deleted user can still create instances LP: 1166670
    - [b874c8f] keystone ipv6 tests fail LP: 1176204
    - [3aa0f45] Set defaultbranch in .gitreview to stable/grizzly
    - [c5037dd] admin_token and LDAP password show up in log in DEBUG mode
      LP: 1172195
    - [76efb5c] residual grants after delete action LP: 1125637
    - [2b5b24e] PKI support breaks memcache token backend LP: 1119641
    - [9446a99] non-default auth plugins can't be configured LP: 1157515
    - [717f1aa] Upgrading from folsom to grizzly results in all tenants/users
      being disabled (LP: #1167421)
 -- James Page <james.page@xxxxxxxxxx>   Fri, 17 May 2013 10:42:16 +0100

** Changed in: keystone (Ubuntu)
       Status: Confirmed => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-2059

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1167421

Title:
  Upgrading from folsom to grizzly results in all tenants/users being
  disabled

Status in Ubuntu Cloud Archive:
  New
Status in OpenStack Identity (Keystone):
  Fix Released
Status in Keystone grizzly series:
  Fix Released
Status in “keystone” package in Ubuntu:
  Fix Released

Bug description:
  Hi there,

  I tested a Folsom to Grizzly upgrade using stock packages on Ubuntu
  12.04 and noticed that upon completion of the upgrade that there was a
  new 'enabled' column in `user`/ `project` tables and that all records
  within these tables had enabled set to 0.  This resulted in
  authentication failure on users which were working prior to the
  upgrade.  Once I ran the following, users could authenticate again:

  # mysql keystone -e "update user set enabled=1"
  # mysql keystone -e "update project set enabled=1"

  For anyone else reading this, I knew all my users/tenants were enabled
  so didn't have to worry about the above statements, however in some
  environments there are likely to be disabled users/tenants which you'd
  need to take note of.  You can determine this by looking at the text
  in the `extra` column within these two tables.

  -Matt

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1167421/+subscriptions