Fix #6075
closed
ceph.client.admin.keyring doesn't allow read to non-root users
Added by John Wilkins over 10 years ago.
Updated almost 10 years ago.
Description
The ceph-create-keys script creates the file with 0600 and this causes issues when deploying. Our docs have to add this extra step
of calling chmod on that file.
- Status changed from New to 12
- Priority changed from Normal to High
- Tracker changed from Feature to Fix
- Project changed from devops to Ceph
- Subject changed from ceph-deploy: admin push should have a chmod option to ceph.client.admin.keyring doesn't allow read to non-root users
- Category deleted (
ceph-deploy)
- Description updated (diff)
- Status changed from 12 to Fix Under Review
- Status changed from Fix Under Review to Rejected
The admin keyring should remain with those permissions as they give superuser access to the cluster.
I think that docs-wise this means that we should encourage `sudo` or root when operating the cluster.
Also available in: Atom
PDF