Actions
Feature #1237
closedmds caps limit mount to some subdir
Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Reviewed:
Affected Versions:
Component(FS):
Labels (FS):
Pull request ID:
Description
About a year ago the ceph.conf supported something like:
[:/foo] allow = 192.168.0.24
This way you could limit access to specific parts of the tree to clients.
Since Ceph is one big filesystem you would need such a feature to use Ceph safely for multiple tasks.
This could be connected to the name the client is authenticating with?
[:/] policy = deny allow = client.admin, client.server1, client.server2 [:/foo] policy = allow deny = client.server1 [:/alpha] policy = allow deny = client.server2 [:/beta] allow = client.server3
Something like that should cover it all?
Updated by Sage Weil over 12 years ago
- Subject changed from Support ACL's again for limiting clients to specific parts of the tree to mds caps limit mount to some subdir
- Translation missing: en.field_position set to 1
- Translation missing: en.field_position changed from 1 to 809
Updated by Sage Weil over 12 years ago
- Translation missing: en.field_position deleted (
830) - Translation missing: en.field_position set to 827
Updated by Maciej Galkiewicz about 12 years ago
Is there any progress on this issue?
Updated by Greg Farnum about 12 years ago
Nope — as with all the other MDS stuff, this is currently not a priority.
Updated by Loïc Dachary over 9 years ago
- Project changed from Ceph to CephFS
- Category deleted (
cephx)
Updated by Greg Farnum almost 8 years ago
- Status changed from New to Resolved
We did this last summer! Check out the MDS cephx cap configuration docs.
Actions