Actions
Feature #17448
closedEnforce auth caps in DaemonServer::handle_command
Status:
Resolved
Priority:
High
Assignee:
-
Category:
ceph-mgr
Target version:
-
% Done:
0%
Source:
other
Tags:
Backport:
Reviewed:
Affected Versions:
Pull request ID:
Description
Initially I suggest we rely on an "allow *" capability to permit people to run commands.
Updated by Sage Weil almost 7 years ago
- Status changed from New to Resolved
We basically re-used the MonCap structure unchanged in the mon. allow * lets you do everything, or you can whitelist specific commands, or define profiles (which have different meaning if you are mon or mgr).
Actions