OpenStack Identity (keystone)

  1. Bug #1522616
  2. Activity log

Activity log for bug #1522616

Date Who What changed Old value New value Message
2015-12-03 23:02:43 Lance Bragstad bug added bug
2015-12-03 23:06:56 Lance Bragstad description We currently forbid the ability of deleting the default domain [0] (or at least make it really hard to do so). There is nothing in the update domain flow that protects against disabling the default domain. We should add the same check to prevent someone from accidentally disabling the default domain. Otherwise it just exposes the same behavior that we wanted to prevent in the first place. [0] https://github.com/openstack/keystone/blob/45c19fcd8c4cc382a7471432cd9f72b809e1d5b1/keystone/resource/core.py#L526-L532 We currently forbid the ability of deleting the default domain [0] (or at least make it really hard to do so). There is nothing in the update domain flow that protects against disabling the default domain. We should add the same check to prevent someone from accidentally disabling the default domain. Otherwise it just exposes the same behavior that we wanted to prevent in the first place. I was able to recreate this with these steps - http://cdn.pasteraw.com/38uku7bb83dt4prj6f66hc9ccuft0ew [0] https://github.com/openstack/keystone/blob/45c19fcd8c4cc382a7471432cd9f72b809e1d5b1/keystone/resource/core.py#L526-L532
2015-12-04 03:29:39 Steve Martinelli keystone: importance Undecided Medium
2015-12-04 03:30:27 Steve Martinelli keystone: status New Triaged
2015-12-10 17:43:49 Navid Pustchi keystone: assignee Navid Pustchi (npustchi)
2015-12-21 15:57:55 OpenStack Infra keystone: status Triaged In Progress
2016-01-13 14:46:05 OpenStack Infra keystone: status In Progress Fix Released
2016-01-13 16:07:15 Steve Martinelli keystone: milestone mitaka-2