yahoo-eng-team team mailing list archive

Thread
Date

[Bug 1423475] [NEW] It is possible to delete default security group via neutron client

To: yahoo-eng-team@xxxxxxxxxxxxxxxxxxx
From: Eran Kuris <ekuris@xxxxxxxxxx>
Date: Thu, 19 Feb 2015 08:28:57 -0000
Reply-to: Bug 1423475 <1423475@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Public bug reported:

When I enter to horizon (WebUI) with user admin and trying to delete default security group I get an error message that I cannot do this action.
When I run same scenario from neutron client by using this commands :
[root@puma15 ~(keystone_admin)]# neutron security-group-list 
+--------------------------------------+---------+-------------+
| id                                   | name    | description |
+--------------------------------------+---------+-------------+
| 8f7a6756-60e4-45e2-a35a-673bcd9508aa | default | default     |
+--------------------------------------+---------+-------------+
[root@puma15 ~(keystone_admin)]# neutron security-group-delete 8f7a6756-60e4-45e2-a35a-673bcd9508aa
Deleted security_group: 8f7a6756-60e4-45e2-a35a-673bcd9508aa

I can see that the action successful when it should not . After few seconds from delete action I type the command :
[root@puma15 ~(keystone_admin)]# neutron security-group-list 
+--------------------------------------+---------+-------------+
| id                                   | name    | description |
+--------------------------------------+---------+-------------+
| e56b4c51-5324-405e-bc54-0044247b6b5b | default | default     |
+--------------------------------------+---------+-------------+


As we can see it generate a new default security group with new ID . 

Version : 
[root@puma15 ~(keystone_admin)]# rpm -qa | grep neut
python-neutron-2014.2.2-2.el7ost.noarch
openstack-neutron-openvswitch-2014.2.2-2.el7ost.noarch
openstack-neutron-2014.2.2-2.el7ost.noarch
openstack-neutron-ml2-2014.2.2-2.el7ost.noarch
python-neutronclient-2.3.9-1.el7ost.noarch
[root@puma15 ~(keystone_admin)]# rpm -qa | grep rhel
libreport-rhel-2.1.11-21.el7.x86_64
[root@puma15 ~(keystone_admin)]# ll /etc/yum.repos.d/
total 48
-rw-r--r--. 1 root root   252 Feb 16 10:13 epel.repo
-rw-------. 1 root root 24221 Feb 16 10:03 Eran_answer_file.txt
-rw-r--r--. 1 root root   358 Feb 16 09:34 redhat.repo
-rw-r--r--. 1 root root   165 Feb 16 09:34 rhel-optional.repo
-rw-r--r--. 1 root root   153 Feb 16 09:34 rhel-server.repo
-rw-r--r--. 1 root root  2316 Feb 16 09:44 rhos-release-6-rhel-7.1.repo
-rw-r--r--. 1 root root   122 Feb 13 01:06 rhos-release.repo

** Affects: neutron
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1423475

Title:
  It is possible to delete default security group via neutron client

Status in OpenStack Neutron (virtual network service):
  New

Bug description:
  When I enter to horizon (WebUI) with user admin and trying to delete default security group I get an error message that I cannot do this action.
  When I run same scenario from neutron client by using this commands :
  [root@puma15 ~(keystone_admin)]# neutron security-group-list 
  +--------------------------------------+---------+-------------+
  | id                                   | name    | description |
  +--------------------------------------+---------+-------------+
  | 8f7a6756-60e4-45e2-a35a-673bcd9508aa | default | default     |
  +--------------------------------------+---------+-------------+
  [root@puma15 ~(keystone_admin)]# neutron security-group-delete 8f7a6756-60e4-45e2-a35a-673bcd9508aa
  Deleted security_group: 8f7a6756-60e4-45e2-a35a-673bcd9508aa

  I can see that the action successful when it should not . After few seconds from delete action I type the command :
  [root@puma15 ~(keystone_admin)]# neutron security-group-list 
  +--------------------------------------+---------+-------------+
  | id                                   | name    | description |
  +--------------------------------------+---------+-------------+
  | e56b4c51-5324-405e-bc54-0044247b6b5b | default | default     |
  +--------------------------------------+---------+-------------+

  
  As we can see it generate a new default security group with new ID . 

  Version : 
  [root@puma15 ~(keystone_admin)]# rpm -qa | grep neut
  python-neutron-2014.2.2-2.el7ost.noarch
  openstack-neutron-openvswitch-2014.2.2-2.el7ost.noarch
  openstack-neutron-2014.2.2-2.el7ost.noarch
  openstack-neutron-ml2-2014.2.2-2.el7ost.noarch
  python-neutronclient-2.3.9-1.el7ost.noarch
  [root@puma15 ~(keystone_admin)]# rpm -qa | grep rhel
  libreport-rhel-2.1.11-21.el7.x86_64
  [root@puma15 ~(keystone_admin)]# ll /etc/yum.repos.d/
  total 48
  -rw-r--r--. 1 root root   252 Feb 16 10:13 epel.repo
  -rw-------. 1 root root 24221 Feb 16 10:03 Eran_answer_file.txt
  -rw-r--r--. 1 root root   358 Feb 16 09:34 redhat.repo
  -rw-r--r--. 1 root root   165 Feb 16 09:34 rhel-optional.repo
  -rw-r--r--. 1 root root   153 Feb 16 09:34 rhel-server.repo
  -rw-r--r--. 1 root root  2316 Feb 16 09:44 rhos-release-6-rhel-7.1.repo
  -rw-r--r--. 1 root root   122 Feb 13 01:06 rhos-release.repo

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1423475/+subscriptions

Follow ups

[Bug 1423475] Re: It is possible to delete default security group
From: Launchpad Bug Tracker, 2015-12-29
[Bug 1423475] [NEW] It is possible to delete default security group via neutron client
From: Eran Kuris, 2015-02-19

References

[Bug 1423475] [NEW] It is possible to delete default security group via neutron client
From: Eran Kuris, 2015-02-19