← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #41398

[Bug 1517818] [NEW] update rbac policy with any input when there is only 1 policy in system

  Thread PreviousDate PreviousThread Next 
Public bug reported:

I leave a policy in rbac. This policy is created by admin user . I stay
in use the same user. And now I can use  neutron rbac-update [any
values] , then it will return error.


repro
--------------
neutron rbac-list
+--------------------------------------+--------------------------------------+
| id                                   | object_id                            |
+--------------------------------------+--------------------------------------+
| d14a977d-c19f-4bf5-abe1-d5820456385e | a80d09eb-9ef2-47a4-baac-90133894366a |
+--------------------------------------+--------------------------------------+

neutron rbac-update 2222222
---------------------------------------------------------------------------------
Conflict: RBAC policy on object a80d09eb-9ef2-47a4-baac-90133894366a cannot be removed because other objects depend on it.
Details: Callback neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change failed with "Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it."
log
---------------
2015-11-19 10:05:43.024 ERROR neutron.callbacks.manager [req-99ef207b-7422-4bb7-a257-4c7ee00ee114 admin 5d73438ed76a4399b8d2996a699146c5] Error during notification for neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change rbac-policy, before_update
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager Traceback (most recent call last):
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/callbacks/manager.py", line 141, in _notify_loop
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     callback(resource, event, trigger, **kwargs)
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 142, in validate_network_rbac_policy_change
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     tenant_to_check = None
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 190, in ensure_no_tenant_ports_on_network
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     raise n_exc.InvalidSharedSetting(network=network_id)
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager InvalidSharedSetting: Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it.
2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager

** Affects: neutron
     Importance: Undecided
     Assignee: zhaobo (zhaobo6)
         Status: New

** Changed in: neutron
     Assignee: (unassigned) => zhaobo (zhaobo6)

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1517818

Title:
  update rbac policy with any input when there is only 1 policy in
  system

Status in neutron:
  New

Bug description:
  I leave a policy in rbac. This policy is created by admin user . I
  stay in use the same user. And now I can use  neutron rbac-update [any
  values] , then it will return error.

  
  repro
  --------------
  neutron rbac-list
  +--------------------------------------+--------------------------------------+
  | id                                   | object_id                            |
  +--------------------------------------+--------------------------------------+
  | d14a977d-c19f-4bf5-abe1-d5820456385e | a80d09eb-9ef2-47a4-baac-90133894366a |
  +--------------------------------------+--------------------------------------+

  neutron rbac-update 2222222
  ---------------------------------------------------------------------------------
  Conflict: RBAC policy on object a80d09eb-9ef2-47a4-baac-90133894366a cannot be removed because other objects depend on it.
  Details: Callback neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change failed with "Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it."
  log
  ---------------
  2015-11-19 10:05:43.024 ERROR neutron.callbacks.manager [req-99ef207b-7422-4bb7-a257-4c7ee00ee114 admin 5d73438ed76a4399b8d2996a699146c5] Error during notification for neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change rbac-policy, before_update
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager Traceback (most recent call last):
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/callbacks/manager.py", line 141, in _notify_loop
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     callback(resource, event, trigger, **kwargs)
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 142, in validate_network_rbac_policy_change
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     tenant_to_check = None
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 190, in ensure_no_tenant_ports_on_network
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     raise n_exc.InvalidSharedSetting(network=network_id)
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager InvalidSharedSetting: Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it.
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1517818/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next