Project

General

Profile

Actions
Copy link

Bug #24433

closed

caps doesn't support mix of "profile rbd" and "allow rw"

Added by Fabien Brachere almost 6 years ago. Updated almost 6 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Target version:
-
% Done:

0%

Source:
Tags:
caps
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
Ceph - v12.2.4
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

I try to create an user who has capabilites to access to differents rbd pools and a cephfs pool.
I put the caps like this:

client.data
    key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==
    caps: [mds] allow r,allow rw path=/
    caps: [mon] allow r,profile rbd
    caps: [mgr] allow r 
    caps: [osd] profile rbd pool=data-containers,profile rbd pool=data,allow rw tag cephfs data=cephfs_data

It didn't work, I lost access to the two pools (cephfs and rbd).
When I put:
client.data
    key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==
    caps: [mon] profile rbd
    caps: [mgr] allow r 
    caps: [osd] profile rbd pool=data-containers,profile rbd pool=data

Access to the rbd pools is OK.
And with:
client.data
    key: AQxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx==
    caps: [mds] allow r,allow rw path=/
    caps: [mon] allow r
    caps: [mgr] allow r 
    caps: [osd] allow rw tag cephfs data=cephfs_data

Access to cephfs is OK.

I didn't see that you can't mix the caps in the documentation.
I'm missing something or it is a bug ?

Actions
Copy link

Also available in: Atom PDF