Bug 1302029

Summary: Skyring tries to create admin user
Product: Red Hat Storage Console Reporter: Martin Kudlej <mkudlej>
Component: coreAssignee: gowtham <gshanmug>
core sub component: authentication QA Contact: sds-qe-bugs
Status: CLOSED CURRENTRELEASE Docs Contact:
Severity: unspecified    
Priority: unspecified CC: mbukatov, mkudlej, nthomas, sankarshan
Version: 2   
Target Milestone: ---   
Target Release: 2   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2018-11-19 05:33:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Martin Kudlej 2016-01-26 15:04:34 UTC
Description of problem:
During starting process skyring tries to create "admin" user in DB. This is wrong according PRD, because skyring should support LDAP authentication. Cite:
System will not support both locally managed and AD/LDAP users concurrently. Specifically if AD/LDAP is configured, System will only use AD/LDAP for authentication and authorization and all local users will be disabled. When AD/LDAP is configured, a privileged (superuser) must be configured at that time.

Version-Release number of selected component (if applicable):
rhscon-core-0.0.7-0.1.alpha1.el7.x86_64
rhscon-ui-0.0.6-0.1.alpha1.el7.noarch
rhscon-ceph-0.0.5-0.1.alpha1.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. start skyring binary

Actual results:
Skyring binary tries to create "admin" user during start.

Expected results:
Skyring binary will not try to create "admin" user during start.

Additional info:
2016-01-26T16:02:03.683+01:00 ERROR    auth.go:197 AddUser] Username already exists
2016-01-26T16:02:03.683+01:00 ERROR    auth.go:38 AddDefaultUser] Unable to create default User:user already exists

Comment 2 Nishanth Thomas 2016-03-10 09:51:24 UTC
admin user is allowed always regardless of whether the system is configured with LDAP or not. 'admin' is the so called superuser. If ldap is configured and the local users other than admin is allowed to login, then it is a bug. Is that happening?

Comment 4 Martin Bukatovic 2016-06-07 17:27:15 UTC
Adding current version of the log message to make this BZ easier to find.

Here are few first lines found in the log when skyring service was started:

~~~
2016-06-07T18:54:09.442+02:00 ERROR    auth.go:197 AddUser] Username: admin already exists
2016-06-07T18:54:09.442+02:00 ERROR    auth.go:41 AddDefaultUser] Unable to create default User:user already exists
2016-06-07T18:54:09.449+02:00 INFO     main.go:214 start] Starting the providers
2016-06-07T18:54:09.45+02:00 DEBUG    provider-conf.go:57 LoadProviderConfig] File Name: ceph.conf
2016-06-07T18:54:09.45+02:00 DEBUG    provider-conf.go:57 LoadProviderConfig] File Name: ceph.dat
2016-06-07T18:54:09.45+02:00 DEBUG    provider-conf.go:57 LoadProviderConfig] File Name: ceph.evt
~~~

Comment 5 Martin Kudlej 2016-07-14 08:25:01 UTC
Tested with 
ceph-ansible-1.0.5-25.el7scon.noarch
ceph-installer-1.0.12-4.el7scon.noarch
rhscon-ceph-0.0.32-1.el7scon.x86_64
rhscon-core-0.0.33-1.el7scon.x86_64
rhscon-core-selinux-0.0.33-1.el7scon.noarch
rhscon-ui-0.0.47-1.el7scon.noarch
and there is no error message in logs about creating user. Agreement is that admin will be created if there is no account like that in USM. --> VERIFIED