On Mon, Jul 22, 2013 at 5:42 AM, w sun <wsun2@xxxxxxxxxxx> wrote: > Does anyone know how to do this or if this is not possible? We try to modify > the security scope for an existing cephx user but could not figure out how > to add access to a new pool without recreating the user, e.g., > > ceph auth get-or-create client.svl-ceph-openstack-images mon 'allow r' osd > 'allow class-read object_prefix rbd_children, allow rwx > pool=svl-ceph-openstack-images' > > If we want to allow the same user with rwx to a new pool > (svl-ceph-openstack-volume), or update the access to the existing pool > (svl-ceph-openstack-images) with rx access only. How do I do that? You can update them from the CLI; this line is from the help text on the current code (but the syntax is old): auth caps <entity> <caps> [<caps>...] update caps for <name> from caps specified in the command I believe this will replace the existing caps with whatever you specify, so make sure you include the existing ones and check that the result is what you expect. -Greg Software Engineer #42 @ http://inktank.com | http://ceph.com _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |