|
Ah, that works now with 0.61. I believe we have tried that with 0.56 before and it didn't work. Maybe we have missed something. Anyway, don't have a 0.56 system any more to validate. Thanks much.
--weiguo > Date: Mon, 22 Jul 2013 09:23:26 -0700 > From: greg@xxxxxxxxxxx > To: wsun2@xxxxxxxxxxx > CC: ceph-users@xxxxxxxxxxxxxx > Subject: Re: adding, deleting or changing privilege for existing cephx users? > > On Mon, Jul 22, 2013 at 5:42 AM, w sun <wsun2@xxxxxxxxxxx> wrote: > > Does anyone know how to do this or if this is not possible? We try to modify > > the security scope for an existing cephx user but could not figure out how > > to add access to a new pool without recreating the user, e.g., > > > > ceph auth get-or-create client.svl-ceph-openstack-images mon 'allow r' osd > > 'allow class-read object_prefix rbd_children, allow rwx > > pool=svl-ceph-openstack-images' > > > > If we want to allow the same user with rwx to a new pool > > (svl-ceph-openstack-volume), or update the access to the existing pool > > (svl-ceph-openstack-images) with rx access only. How do I do that? > > You can update them from the CLI; this line is from the help text on > the current code (but the syntax is old): > auth caps <entity> <caps> [<caps>...] update caps for <name> from > caps specified in the command > I believe this will replace the existing caps with whatever you > specify, so make sure you include the existing ones and check that the > result is what you expect. > -Greg > Software Engineer #42 @ http://inktank.com | http://ceph.com > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com |
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
