[ceph-users] Ceph auth profile definitions
jdillama at redhat.com
Thu Nov 9 05:26:46 PST 2017
They are currently defined to the following (translated to cap syntax):
mon: 'allow service mon r, allow service osd r, allow service pg r,
allow command "osd blacklist" with blacklistop=add addr regex
osd: 'allow class-read object_prefix rbd_children, allow class-read
object_prefix rbd_mirroring, allow [pool <pool name>] rwx'
On Thu, Nov 9, 2017 at 5:24 AM, John Spray <jspray at redhat.com> wrote:
> On Thu, Nov 9, 2017 at 10:12 AM, Marc Roos <M.Roos at f1-outsourcing.eu> wrote:
> > How/where can I see how eg. 'profile rbd' is defined?
> > As in
> > [client.rbd.client1]
> > key = xxx==
> > caps mon = "profile rbd"
> > caps osd = "profile rbd pool=rbd"
> The profiles are defined internally and are subject to change, but you
> can peek at them in the code:
> > _______________________________________________
> > ceph-users mailing list
> > ceph-users at lists.ceph.com
> > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
> ceph-users mailing list
> ceph-users at lists.ceph.com
More information about the ceph-users