Backport #48638: nautilus: pybind/ceph_volume_client: allows authorize on auth_ids not created through ceph_volume_client - CephFS - Ceph

Backport #48638

Updated by Patrick Donnelly over 3 years ago

<pre> 
 commit 7e3e4e73783a98bb07ab399438eb3aab41a6fc8b upstream/heads/nautilus (upstream/heads/nautilus) 
 gpg: Signature made Wed 16 Dec 2020 08:23:02 AM PST 
 gpg:                  using RSA key 88AD60FFD3FC04B6DB87CBAC3A2A7E25BEA8AADB 
 gpg: Good signature from "Patrick Joseph Donnelly (Hacker) <batrick@batbytes.com>" [ultimate] 
 gpg:                   aka "Patrick Joseph Donnelly (Software Engineer) <pdonnell@redhat.com>" [ultimate] 
 Merge: afdd217ae5f a18b92d39f5 
 Author: Patrick Donnelly <pdonnell@redhat.com> 
 Date:     Wed Dec 16 08:22:51 2020 -0800 

     Merge branch 'CVE-2020-27781-nautilus' into nautilus 
    
     * CVE-2020-27781-nautilus: 
       tasks/cephfs/test_volume_client: Add tests for authorize/deauthorize 
       pybind/ceph_volume_client: Optionally authorize existing auth-ids 
       pybind/ceph_volume_client: Preserve existing caps while authorize/deauthorize auth-id 
       pybind/ceph_volume_client: Disallow authorize auth_id 
       pybind/ceph_volume_client: Fix PEP-8 SyntaxWarning 
    
     Reviewed-by: Ramana Raja <rraja@redhat.com> 
     Reviewed-by: Kotresh Hiremath Ravishankar <khiremat@redhat.com> 
 </pre>

Back

Project

General

Profile

Ceph » CephFS

Backport #48638