Bug 1489391 - RGW User creation inconsistency when given the same 'access_key' name
Summary: RGW User creation inconsistency when given the same 'access_key' name
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat Storage
Component: RGW
Version: 3.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: rc
: 3.0
Assignee: Casey Bodley
QA Contact: Manohar Murthy
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-07 10:43 UTC by shilpa
Modified: 2022-02-21 18:03 UTC (History)
10 users (show)

Fixed In Version: RHEL: ceph-12.2.1-14.el7cp Ubuntu: ceph_12.2.1-16redhat1xenial
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-12-05 23:42:05 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Ceph Project Bug Tracker 21685 0 None None None 2017-10-05 20:58:15 UTC
Red Hat Product Errata RHBA-2017:3387 0 normal SHIPPED_LIVE Red Hat Ceph Storage 3.0 bug fix and enhancement update 2017-12-06 03:03:45 UTC

Description shilpa 2017-09-07 10:43:54 UTC 
Description of problem:


Version-Release number of selected component (if applicable):
ceph-radosgw-12.2.0-1.el7cp.x86_64


Steps to Reproduce:
1. Create a user 'testx$tester' in a tenant 
2. Create another user 'testx$testabc' in the same tenant with the same 'access_key' name but different 'secret_key'

Actual results:
The command succeeds, but there is no user by name u2 created. Instead, it replaces the existing u1's access-key and secret-key 

Additional info:
Users before creating 'testx$testabc'


    "testy$test",
    "testx$test1",
    "testuser",
    "testy$tester",
    "testx$tester",
    "synchronization-user"

Existing user:

# radosgw-admin user info --tenant testx --uid tester --cluster ceph1

{
    "user_id": "testx$tester",
    "display_name": "Test User",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "testx$tester",
            "access_key": "TESTER",
            "secret_key": "test123"


Create new user 'testabc' with same access_key:

# radosgw-admin --tenant testx --uid testabc --display-name "Test User" --access_key TESTER --secret testabc user create --cluster ceph1

{
    "user_id": "testx$tester", -------> created with a wrong user id 'tester'
    "display_name": "Test User",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "testx$tester",
            "access_key": "TESTER",
            "secret_key": "testabc"
        }

The output shows that a user is created. But it is actually replacing the existing user 'testx$tester' secret_key with the the new user's secret_key

# radosgw-admin user info --tenant testx --uid testabc --cluster ceph1
could not fetch user info: no user info saved

# radosgw-admin user info --tenant testx --uid tester --cluster ceph1

{
    "user_id": "testx$tester",
    "display_name": "Test User",
    "email": "",
    "suspended": 0,
    "max_buckets": 1000,
    "auid": 0,
    "subusers": [],
    "keys": [
        {
            "user": "testx$tester",
            "access_key": "TESTER",
            "secret_key": "testabc" --------> the secret_key is replaced 
        }


Expected result:
The user create command should have failed and not replace the secret_key of another user.
Comment 10 errata-xmlrpc 2017-12-05 23:42:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:3387
Note You need to log in before you can comment on or make changes to this bug.