Bug #23776
closedceph-authtool reports 0 caps for any keyring created
0%
Description
When creating a keyring with any number of capabilities, the ceph-authtool always reports "0 caps"
This has been tagged as impacting 10.2.10 but the impacted code has been in the source tree for at least 8 years.
Example:- touch test.keyring
- ceph-authtool test.keyring --name client.test --cap osd 'allow rwx' --cap mon 'allow r' --add-key AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA==
added entity client.test auth auth(auid = 18446744073709551615 key=AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA== with 0 caps) - cat test.keyring
[client.test]
key = AQBw99VaAAAAABAAiOuv5Wl2Vnf29RvsJ9kUUA==
caps mon = "allow r"
caps osd = "allow rwx"
- rpm -q ceph
ceph-10.2.10-0.el7.x86_64
(1) below is where the output stream for the Eauth object is generated. the call to a.caps.size() returns 0.
However, the caps do not seem to be added to the Eauth object until lines 289 or 293 of (2).
Perhaps the following code changes be made:
1) update (1) to not print the size of the caps since it is empty at this point
2) update (3) to output the number of caps added to the key. Perhaps something like:
cout << "Added " << keys[name].caps.size{} << " caps to " << keys[name].auid << std::endl ;
1: https://github.com/ceph/ceph/blob/master/src/auth/Auth.h#L52
2: https://github.com/ceph/ceph/blob/master/src/tools/ceph_authtool.cc
3: https://github.com/ceph/ceph/blob/master/src/auth/KeyRing.h#L91