On Fri, Apr 15, 2011 at 01:44:39AM +0200, Zenon Panoussis wrote: > I'm facing yet another one of "those problems", more likely caused by > lack of knowledge and/or documentation than by anything else. > > # mount.ceph 192.168.178.100:6789:/ /vol > mount error 22 = Invalid argument > > # dmesg -c > libceph: no secret set (for auth_x protocol) > libceph: error -22 on auth protocol 2 init > > It looks very much like http://marc.info/?l=ceph-devel&m=130072087704874&w=2 . > Yes, I have enabled cephx, but I have no clue how to tell the client what key > to use. I tried Yup, those mean your server demands authentication but your client didn't provide it. > # cauthtool -l /etc/ceph/admin.keyring > # mount.ceph 192.168.178.100:6789:/ /vol -v -o name=<auid>,secret=<key> > > but all I got was > > ceph: Unknown mount option name > ceph: Unknown mount option secret > mount error 1 = Operation not permitted > > Yet, 'man mount.ceph' says > > name string, used with authx, Default: guest > secret string, used with authx > > Commenting out "auth supported = cephx" gets rid of the problem and > lets the store be mounted, but it's a workaround, not a solution. > > Any ideas? This is ceph-0.26 with vanilla kernel 2.6.38.2. The name and secret error messages seem to be just you running a version of Ceph that does not include commit 9233889a7be8f672729a71e48681a1e779dabd1c; that'll be in 0.27. Ignore those two lines for now. It looks like you're passing in the key the right way, but it's hard to tell as you've obscured the actual key. The error you are seeing is exactly what you would get if the key was invalid, or didn't have the capabilities needed for mounting Ceph. Perhaps you could share the ceph.conf, keyring and exact mount command you are using, and once you get it going regenerate the keys to get back your security. -- :(){ :|:&};: -- To unsubscribe from this list: send the line "unsubscribe ceph-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
