yahoo-eng-team team mailing list archive

[Itsuro Oda <oda@xxxxxxxxxxxxx>]

Public bug reported:

It is available in icehouse.

0. assume admin user executes
1. $ neutron security-group-create --tenant-id tenant1 sec1
2. $ neutron port-create --tenant-id tenant2 --security-groutp <uuid of sec1> net1
  success

But current system (juno and later):
port-create fails with "Security group <uuid of sec1> does not exist".

This is reported by my customer who uses icehouse currently and plans to upgrade to recent release.
This is real use case though above example is simplified a lot.

 This is cased by the following fix:
 https://review.openstack.org/#/c/123187/
I think incompatibility was introduced unintentionally by the fix.

** Affects: neutron
     Importance: Undecided
         Status: New


** Tags: sg-fw

** Tags added: sg-fw

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1515879

Title:
  port can't be created/updated with different tenant's security-group

Status in neutron:
  New

Bug description:
  It is available in icehouse.

  0. assume admin user executes
  1. $ neutron security-group-create --tenant-id tenant1 sec1
  2. $ neutron port-create --tenant-id tenant2 --security-groutp <uuid of sec1> net1
    success

  But current system (juno and later):
  port-create fails with "Security group <uuid of sec1> does not exist".

  This is reported by my customer who uses icehouse currently and plans to upgrade to recent release.
  This is real use case though above example is simplified a lot.

   This is cased by the following fix:
   https://review.openstack.org/#/c/123187/
  I think incompatibility was introduced unintentionally by the fix.

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1515879/+subscriptions