Public bug reported: Keystone cleans up role assignments a user has on projects and domains when deleting the user. This isn't true for system role assignments. Instead, they are left after the user is deleted. I recreate the issue by doing the following with a basic devstack install:
$ openstack user create bob $ openstack role add --user bob --system all admin $ openstack role assignment list --names (bob will have a role assignment on the system) $ openstack user delete bob $ openstack role assignment list --names (an empty assignment will exist on the system) Paste recreating the issue [0]. [0] http://paste.openstack.org/raw/671038/ ** Affects: keystone Importance: High Status: Triaged ** Changed in: keystone Milestone: None => queens-rc2 ** Changed in: keystone Status: New => Triaged ** Changed in: keystone Importance: Undecided => High -- You received this bug notification because you are a member of Yahoo! Engineering Team, which is subscribed to OpenStack Identity (keystone). https://bugs.launchpad.net/bugs/1749264 Title: System role assignments exist after removing users Status in OpenStack Identity (keystone): Triaged Bug description: Keystone cleans up role assignments a user has on projects and domains when deleting the user. This isn't true for system role assignments. Instead, they are left after the user is deleted. I recreate the issue by doing the following with a basic devstack install: $ openstack user create bob $ openstack role add --user bob --system all admin $ openstack role assignment list --names (bob will have a role assignment on the system) $ openstack user delete bob $ openstack role assignment list --names (an empty assignment will exist on the system) Paste recreating the issue [0]. [0] http://paste.openstack.org/raw/671038/ To manage notifications about this bug go to: https://bugs.launchpad.net/keystone/+bug/1749264/+subscriptions -- Mailing list: https://launchpad.net/~yahoo-eng-team Post to : [email protected] Unsubscribe : https://launchpad.net/~yahoo-eng-team More help : https://help.launchpad.net/ListHelp
