OpenStack Identity (Keystone)

deleting a tenant does not cleanup its user associations

Reported by J. Daniel Schmidt on 2012-04-05
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Keystone
Undecided
Bernhard M. Wiedemann
Essex
Medium
Unassigned
keystone (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned

Bug Description

When deleting a tenant its user associations are not cleaned up.

This report is created on behalf of comment 14 of bug 959294.

J. Daniel Schmidt (jdsn) on 2012-04-05
Changed in keystone:
assignee: nobody → J. Daniel Schmidt (jdsn)
Changed in keystone:
status: New → In Progress
Changed in keystone:
assignee: J. Daniel Schmidt (jdsn) → Bernhard M. Wiedemann (ubuntubmw)

Reviewed: https://review.openstack.org/6216
Committed: http://github.com/openstack/keystone/commit/6384281d711639b752f73b9a5780ab4924b0e64f
Submitter: Jenkins
Branch: master

commit 6384281d711639b752f73b9a5780ab4924b0e64f
Author: J. Daniel Schmidt <email address hidden>
Date: Wed Apr 4 10:51:46 2012 +0200

    cleanup dependent data upon user/tenant deletion

    fixes bug 974199
    fixes bug 973243

    * upon deletion of tenant also delete user tenant relations
    * upon deletion of tenant or user also delete corresponding metadata
    * add foreign keys in metadata to ensure consistency

    see also: https://bugs.launchpad.net/keystone/+bug/959294/comments/16

    Change-Id: I264714fe82b727e3e0f5273bcb781a580a3f3826

Changed in keystone:
status: In Progress → Fix Committed
Joseph Heck (heckj) on 2012-05-20
Changed in keystone:
milestone: none → folsom-1
Thierry Carrez (ttx) on 2012-05-23
Changed in keystone:
status: Fix Committed → Fix Released

Reviewed: https://review.openstack.org/7482
Committed: http://github.com/openstack/keystone/commit/0b95c3cf66659a828de055b8d026c11e333cd8c8
Submitter: Jenkins
Branch: stable/essex

commit 0b95c3cf66659a828de055b8d026c11e333cd8c8
Author: J. Daniel Schmidt <email address hidden>
Date: Thu Jul 12 11:22:33 2012 +0200

    cleanup dependent data upon user/tenant deletion

    fixes bug 974199
    fixes bug 973243

    * upon deletion of tenant also delete user tenant relations
    * upon deletion of tenant or user also delete corresponding metadata
    * add foreign keys in metadata to ensure consistency

    see also: https://bugs.launchpad.net/keystone/+bug/959294/comments/16

    Change-Id: I264714fe82b727e3e0f5273bcb781a580a3f3826

tags: added: in-stable-essex
Zane Williamson (zane-j) wrote :

I applied patch, but still receiving login error. Does Keystone need to be restarted?

Dave Walker (davewalker) on 2012-08-24
Changed in keystone (Ubuntu):
status: New → Fix Released
Changed in keystone (Ubuntu Precise):
status: New → Confirmed

Please find the attached test log from the Ubuntu Server Team's CI infrastructure. As part of the verification process for this bug, Keystone has been deployed and configured across multiple nodes using precise-proposed as an installation source. After successful bring-up and configuration of the cluster, a number of exercises and smoke tests have be invoked to ensure the updated package did not introduce any regressions. A number of test iterations were carried out to catch any possible transient errors.

Please Note the list of installed packages at the top and bottom of the report.

For records of upstream test coverage of this update, please see the Jenkins links in the comments of the relevant upstream code-review(s):

Trunk review: https://review.openstack.org/6216
Stable review: https://review.openstack.org/7482

As per the provisional Micro Release Exception granted to this package by the Technical Board, we hope this contributes toward verification of this update.

Adam Gandelman (gandelman-a) wrote :

Test coverage log.

tags: added: verification-done

The verification of this Stable Release Update has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package keystone - 2012.1+stable~20120824-a16a0ab9-0ubuntu2

---------------
keystone (2012.1+stable~20120824-a16a0ab9-0ubuntu2) precise-proposed; urgency=low

  * New upstream release (LP: #1041120):
    - debian/patches/0013-Flush-tenant-membership-deletion-before-user.patch:
      Dropped.
  * Resynchronize with stable/essex:
    - authenticate in ldap backend doesn't return a list of roles
      (LP: #1035428)
    - LDAP should not check username on "sn" field (LP: #997700)
    - Admin API doesn't valid token. (LP: #1006815, #1006822)
    - Memcache token backend eventually stops working. (LP: #1012381)
    - EC2 credentials not migrated from legacy (diablo) database. (LP: #1016056)
    - Deleting tenants or users does not cleanup metadata. (LP: #973243)
    - Deleting tenants does not cleanup its user associations. (LP: #974199)
    - TokenNotFound not raised in testsuite beacuse of timezone issues. (LP: #983800)
    - Token authentication for a user in a disabled tenant does not raise
      Unauthorized error. (LP: #988920)
    - export_legacy_catalog doesn't convert url names correctly. (LP: #994936)
    - Following a password compromise and subsequent password change,
      tokens remain valid. (LP: #996595)
    - Tokens remain valid after a user account is disabled. (LP: #997194)
 -- Adam Gandelman <email address hidden> Fri, 24 Aug 2012 03:34:59 -0400

Changed in keystone (Ubuntu Precise):
status: Confirmed → Fix Released
Thierry Carrez (ttx) on 2012-09-27
Changed in keystone:
milestone: folsom-1 → 2012.2
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers