Feature #54580
common/options: add FLAG_SECURE to Ceph options
% Done: 0%
Source: Support
Tags:
Backport: quincy, pacific
Reviewed:
Affected Versions:
Component(RADOS): Monitor, ceph cli
Pull request ID:
Description
Context
It has been reported by several users that ceph config dump and ceph config-key dump may expose sensitive information (Grafana admin password, RGW API keys, RBD mirror secrets, etc.). These users would prefer to have a dump that omits or redacts the secrets from that output (in a similar way as password inputs mask the remembered passwords).

    # ceph config-key dump
    ...
    "config-history/xx/+mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "12345679ABCDEF",
    ...
Implementation proposal
Ceph options support flags, so a new flag (e.g.: FLAG_SECRET) could be used to hint that a given option contains sensitive information and it therefore shouldn't be reproduced by default.
In order to still allow users to perform a complete dump of settings, a new command option should be specified (e.g.: ceph config-key dump --include-secrets).
Before:

    # ceph config-key dump
    ...
    "config-history/xx/+mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "*****************",
    ...

After:

    # ceph config-key dump --secrets
    ...
    "config-history/xx/+mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "12345679ABCDEF",
    ...
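
A sketch of the proposed behaviour as a filter over ceph config-key dump JSON output, useful for scrubbing a dump before it is shared (an added example, not Ceph code and not part of the original issue). `FLAG_SECRET` follows the name proposed above; the `OPTION_FLAGS` table, every option name other than `RGW_API_ACCESS_KEY`, and the sample dump are constructed for illustration.

```python
import json

FLAG_SECRET = 0x1  # hypothetical flag bit, named after the proposal above

# Hypothetical option table (option name -> flags). Only RGW_API_ACCESS_KEY
# appears in the issue; the other names are assumptions for illustration.
OPTION_FLAGS = {
    "RGW_API_ACCESS_KEY": FLAG_SECRET,
    "RGW_API_SECRET_KEY": FLAG_SECRET,
    "GRAFANA_API_PASSWORD": FLAG_SECRET,
    "GRAFANA_API_URL": 0,
}

# Fixed-width mask so the output does not reveal the secret's length.
MASK = "*" * 17


def is_secret(key):
    """True if the last path component of a config-key is a flagged option.

    Matching on the last component covers the live entry and the
    config-history entries, which would otherwise keep exposing old values.
    """
    name = key.rsplit("/", 1)[-1]
    return bool(OPTION_FLAGS.get(name, 0) & FLAG_SECRET)


def redact_dump(dump_json, include_secrets=False):
    """Return the parsed dump with flagged values masked unless opted in."""
    entries = json.loads(dump_json)
    if include_secrets:
        return entries
    return {k: (MASK if is_secret(k) else v) for k, v in entries.items()}


# Constructed sample in the shape of the config-key dump output shown above.
SAMPLE = json.dumps({
    "config/mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "12345679ABCDEF",
    "config-history/7/+mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "12345679ABCDEF",
    "config-history/7/-mgr/mgr/dashboard/RGW_API_ACCESS_KEY": "OLDKEY000",
    "config/mgr/mgr/dashboard/GRAFANA_API_URL": "https://grafana.example:3000",
})

if __name__ == "__main__":
    print(json.dumps(redact_dump(SAMPLE), indent=4))
```

The history entries are the part most easily missed: rotating a key does not remove its earlier value from the dump, so the filter has to match them as well as the live entry.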