Actions
Bug #22784
openKey exported from auth keyring is not imported properly
Status:
Fix Under Review
Priority:
Normal
Assignee:
-
Category:
cephx
Target version:
-
% Done:
0%
Source:
Tags:
mon,cephx,auth
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Description
Exporting a key with " in there is exported to a file, but importing this key again seems to succeed, but the mon caps are missing:
The resulting file contains:
[client.rbd] key = AQA5R8dWPYvJCxAAvdhxx7UIKzFofSyRb4VrwQ== caps mon = "allow r, allow command "osd blacklist"" caps osd = "allow class-read object_prefix rbd_children, allow rwx pool=rbd"
If you use this command:
ceph auth import -i client.rbd
The resulting key becomes:
client.rbd key: AQA5R8dWPYvJCxAAvdhxx7UIKzFofSyRb4VrwQ== caps: [osd] allow class-read object_prefix rbd_children, allow rwx pool=rbd
The 'mon' caps are lost in this case and that is a problem.
The double quotes are causing problems here.
Actions