port can't be created/updated with different tenant's security-group
Bug #1515879 reported by
Itsuro Oda
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
neutron |
Expired
|
Undecided
|
Unassigned |
Bug Description
It is available in icehouse.
0. assume admin user executes
1. $ neutron security-
2. $ neutron port-create --tenant-id tenant2 --security-groutp <uuid of sec1> net1
success
But current system (juno and later):
port-create fails with "Security group <uuid of sec1> does not exist".
This is reported by my customer who uses icehouse currently and plans to upgrade to recent release.
This is real use case though above example is simplified a lot.
This is cased by the following fix:
https:/
I think incompatibility was introduced unintentionally by the fix.
tags: | added: sg-fw |
Changed in neutron: | |
assignee: | nobody → Kenji Yasui (k-yasui) |
Changed in neutron: | |
assignee: | nobody → Srijani Das (srijani) |
Changed in neutron: | |
assignee: | Srijani Das (srijani) → nobody |
To post a comment you must log in.
Can you please clarify why the admin user is creating the security group for tenant1 and then creating a port for tenant2 using this security group.
Why are they doing that?