|
Hi, While using rbd kernel client with cephx , admin user without admin keyring was not able to map the rbd image to a block device and this should be the work flow. But issue is once I unmap rbd image without admin keyring it is allowing to unmap the image and as per my understanding it should not be the case , it should not all and give error as when it has given while mapping. Is it a normal behaviour or I am missing something , may be needed a fix (bug) ? ------------------------------------------------------------------------ [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ total 16 -rw-r--r--. 1 root root 63 Feb 9 22:30 ceph.client.admin.keyring -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap [ceph@dell-per620-1 ceph]$ [ceph@dell-per620-1 ceph]$ sudo mv /etc/ceph/ceph.client.admin.keyring /tmp/. [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ total 12 -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap [ceph@dell-per620-1 ceph]$ [ceph@dell-per620-1 ceph]$ sudo rbd map testcephx rbd: add failed: (22) Invalid argument [ceph@dell-per620-1 ceph]$ sudo dmesg [437447.308705] libceph: no secret set (for auth_x protocol) [437447.308761] libceph: error -22 on auth protocol 2 init [437447.308809] libceph: client4954 fsid d57d909f-8adf-46aa-8cc6-3168974df332 [ceph@dell-per620-1 ceph]$ sudo mv /tmp/ceph.client.admin.keyring /etc/ceph/ [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ total 16 -rw-r--r--. 1 root root 63 Feb 9 22:30 ceph.client.admin.keyring -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap [ceph@dell-per620-1 ceph]$ sudo rbd map testcephx [ceph@dell-per620-1 ceph]$ sudo rbd showmapped id pool image snap device 0 rbd testcephx - /dev/rbd0 [ceph@dell-per620-1 ceph]$ sudo dmesg [437447.308705] libceph: no secret set (for auth_x protocol) [437447.308761] libceph: error -22 on auth protocol 2 init [437447.308809] libceph: client4954 fsid d57d909f-8adf-46aa-8cc6-3168974df332 [437496.444701] libceph: client4961 fsid d57d909f-8adf-46aa-8cc6-3168974df332 [437496.447833] libceph: mon1 10.65.200.118:6789 session established [437496.482913] rbd0: unknown partition table [437496.483037] rbd: rbd0: added with size 0x8000000 [ceph@dell-per620-1 ceph]$ [ceph@dell-per620-1 ceph]$ sudo mv /etc/ceph/ceph.client.admin.keyring /tmp/. [ceph@dell-per620-1 ceph]$ ls -l /etc/ceph/ total 12 -rw-r--r--. 1 root root 71 Feb 9 22:23 ceph.client.dell-per620-1.keyring -rw-r--r--. 1 root root 467 Feb 9 22:22 ceph.conf -rwxr-xr-x. 1 root root 92 Oct 15 01:03 rbdmap [ceph@dell-per620-1 ceph]$ sudo rbd unmap /dev/rbd/rbd/testcephx <--------------- If we see here it has allowed unmaping rbd image without keyring [ceph@dell-per620-1 ceph]$ sudo rbd showmapped <----------- no mapped image ------------------------------------------------------------------------------------------------------------------------------------------------- Regards, Vikhyat |
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
