Bug #23776: ceph-authtool reports 0 caps for any keyring created - Ceph - Ceph

Actions

Copy link

Bug #23776

closed

ceph-authtool reports 0 caps for any keyring created

Added by Keith Schincke about 6 years ago. Updated over 3 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Nathan Cutler

Category:

Target version:

% Done:

Source:

Tags:

Backport:

mimic,luminous

Regression:

Severity:

3 - minor

Reviewed:

Affected Versions:

v10.2.10

ceph-qa-suite:

Pull request ID:

23304

Crash signature (v1):

Crash signature (v2):

Description

When creating a keyring with any number of capabilities, the ceph-authtool always reports "0 caps"

This has been tagged as impacting 10.2.10 but the impacted code has been in the source tree for at least 8 years.

Example:

touch test.keyring
ceph-authtool test.keyring --name client.test --cap osd 'allow rwx' --cap mon 'allow r' --add-key AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA==
added entity client.test auth auth(auid = 18446744073709551615 key=AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA== with 0 caps)
cat test.keyring
[client.test]
key = AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA==
caps mon = "allow r"
caps osd = "allow rwx"

Software version:

rpm -q ceph
ceph-10.2.10-0.el7.x86_64

(1) below is where the output stream for the Eauth object is generated. the call to a.caps.size() returns 0.
However, the caps do not seem to be added to the Eauth object until lines 289 or 293 of (2).

Perhaps the following code changes be made:
1) update (1) to not print the size of the caps since it is empty at this point
2) update (3) to output the number of caps added to the key. Perhaps something like:
cout << "Added " << keys[name].caps.size{} << " caps to " << keys[name].auid << std::endl ;

1: https://github.com/ceph/ceph/blob/master/src/auth/Auth.h#L52
2: https://github.com/ceph/ceph/blob/master/src/tools/ceph_authtool.cc
3: https://github.com/ceph/ceph/blob/master/src/auth/KeyRing.h#L91

Related issues 2 (0 open — 2 closed)