← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #41575

[Bug 1517818] Re: update rbac policy with any input when there is only 1 policy in system

  Thread PreviousDate PreviousThread Next 
This is a combination of bugs. Neutronclient is trying to lookup using
the 'name' field which doesn't exist on policies. But even if it were
using the correct 'id' field, filtering is broken for UnionModels which
RBAC depends on.

** Also affects: python-neutronclient
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1517818

Title:
  update rbac policy with any input when there is only 1 policy in
  system

Status in neutron:
  New
Status in python-neutronclient:
  In Progress

Bug description:
  I leave a policy in rbac. This policy is created by admin user . I
  stay in use the same user. And now I can use  neutron rbac-update [any
  values] , then it will return error.

  
  repro
  --------------
  neutron rbac-list
  +--------------------------------------+--------------------------------------+
  | id                                   | object_id                            |
  +--------------------------------------+--------------------------------------+
  | d14a977d-c19f-4bf5-abe1-d5820456385e | a80d09eb-9ef2-47a4-baac-90133894366a |
  +--------------------------------------+--------------------------------------+

  neutron rbac-update 2222222
  ---------------------------------------------------------------------------------
  Conflict: RBAC policy on object a80d09eb-9ef2-47a4-baac-90133894366a cannot be removed because other objects depend on it.
  Details: Callback neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change failed with "Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it."
  log
  ---------------
  2015-11-19 10:05:43.024 ERROR neutron.callbacks.manager [req-99ef207b-7422-4bb7-a257-4c7ee00ee114 admin 5d73438ed76a4399b8d2996a699146c5] Error during notification for neutron.plugins.ml2.plugin.Ml2Plugin.validate_network_rbac_policy_change rbac-policy, before_update
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager Traceback (most recent call last):
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/callbacks/manager.py", line 141, in _notify_loop
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     callback(resource, event, trigger, **kwargs)
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 142, in validate_network_rbac_policy_change
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     tenant_to_check = None
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager   File "/opt/stack/neutron/neutron/db/db_base_plugin_v2.py", line 190, in ensure_no_tenant_ports_on_network
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager     raise n_exc.InvalidSharedSetting(network=network_id)
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager InvalidSharedSetting: Unable to reconfigure sharing settings for network a80d09eb-9ef2-47a4-baac-90133894366a. Multiple tenants are using it.
  2015-11-19 10:05:43.024 TRACE neutron.callbacks.manager

To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1517818/+subscriptions

References

  Thread PreviousDate PreviousThread Next