Deleting 'default' security group of a non-admin tenant by admin is not working
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Juniper Openstack |
Fix Committed
|
Undecided
|
Babu Shanmugam | ||
OpenContrail |
Fix Committed
|
Undecided
|
Babu Shanmugam |
Bug Description
There are some contradictory behaviour of the 'default' security group created for each tenant when compared with OVS neutron plugin. With OVS plugin, the admin user can delete the 'default' SG of any tenant except its own. Where as, contrail does not allow for the admin user to delete the default SG of other tenants.
After deleting the 'default' SG by admin, following scenarios were observed.
1. Create a new SG with name 'default' - Denied with reason "Default security group already exists."
2. Show 'default' SG - Shows a newly created 'default' SG details
3. List SGs - List result includes newly created 'default' SG
4. Update 'default' SG - Updates a newly created SG
5. SG rule-list - Does not include the rules that belonged to 'default' group
6. SG rule-create - Creates a rule and adds to the newly created 'default' SG group's rules.
tags: | added: config |
Changed in opencontrail: | |
assignee: | nobody → Babu Shanmugam (anbu-p) |
Changed in juniperopenstack: | |
assignee: | nobody → Babu Shanmugam (anbu-p) |
Reviewed: https:/ /review. opencontrail. org/5189 github. org/Juniper/ contrail- controller/ commit/ 50e23cb8af5f0cc cf50dfb82fbb936 d732c1a78e
Committed: http://
Submitter: Zuul
Branch: master
commit 50e23cb8af5f0cc cf50dfb82fbb936 d732c1a78e
Author: Babu Shanmugam <email address hidden>
Date: Wed Dec 3 08:31:43 2014 +0000
Fix contradictory behaviour of default security group
Closes-Bug: #1398732
Change-Id: I0f0fb12aa3e65f b38d0237ba34907 5f3e802ee6f