Actions
Bug #24433
closedcaps doesn't support mix of "profile rbd" and "allow rw"
Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
% Done:
0%
Source:
Tags:
caps
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
I try to create an user who has capabilites to access to differents rbd pools and a cephfs pool.
I put the caps like this:
client.data key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx== caps: [mds] allow r,allow rw path=/ caps: [mon] allow r,profile rbd caps: [mgr] allow r caps: [osd] profile rbd pool=data-containers,profile rbd pool=data,allow rw tag cephfs data=cephfs_data
It didn't work, I lost access to the two pools (cephfs and rbd).
When I put:
client.data key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx== caps: [mon] profile rbd caps: [mgr] allow r caps: [osd] profile rbd pool=data-containers,profile rbd pool=data
Access to the rbd pools is OK.
And with:
client.data key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx== caps: [mds] allow r,allow rw path=/ caps: [mon] allow r caps: [mgr] allow r caps: [osd] allow rw tag cephfs data=cephfs_data
Access to cephfs is OK.
I didn't see that you can't mix the caps in the documentation.
I'm missing something or it is a bug ?
Actions