This is on a stable Stein Devstack. Problem description:
ubuntu@devstack:~$ oslopolicy-sample-generator --namespace keystone
/etc/keystone/policy.json
ubuntu@devstack:~$ openstack user list Internal Server Error (HTTP 500)
Note that I did not modify the policy.json file above. It's mere presence is sufficient to cause the problem. When I remove it and restart Keystone, the problem goes away.
The Keystone log contains a huge stacktrace with two methods in oslopolicy/_checks.py playing ping-pong with each other until they give up with RuntimeError: maximum recursion depth exceeded.
This only happens with Keystone. Nova and Cinder (which also keep policy in code) are fine.
This looks like a bug, but I didn't find it in launchpad. Is there a workaround? I would like to use a modified Keystone policy in a training course.
Thanks for any feedback.
Bernd.