Re: Creating RGW Zone System Users Fails with "couldn't init storage provider"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 2015-11-05 12:16:35 +0000, Wido den Hollander said:



This is usuaully when keys aren't set up properly. Are you sure that the
cephx keys you are using are correct and that you can connect to the
Ceph cluster?

Wido


Yes, I could execute all kinds of commands, however it turns out, I
might have seen the effects of some non-obvious behavior:

We noticed was that whatever is used as an argument to --client-id
(tried with completely random crap), we could successfully execute
commands!

E. g.

$ sudo radosgw-admin zone list --client-id blablabla"

would get results back just fine, which took me very much by surprise.


Turns out, if you read `man ceph` closely, "--client-id" is not even a
valid parameter! Trying it with e. g. "ceph -s" will tell you that
immediately:

$ sudo ceph --client-id blablabla -s
Invalid command:  unused arguments: ['--client-id', 'blablabla']
...

On the other hand, radosgw-admin doesn't:

$ sudo radosgw-admin user info --uid=someuser --client-id blablabla
{ results }


Apparently, radosgw-admin swallows unkown arguments silently. It just
uses the admin key, which I could see by running this as an
unprivileged user without sudo:

$ radosgw-admin user info --uid=someuser --client-id blablabla
2015-11-05 14:47:30.079318 7fc4dd104900 -1 monclient(hunting): ERROR:
missing keyring, cannot use cephx for authentication
couldn't init storage provider
2015-11-05 14:47:30.079323 7fc4dd104900  0 librados: client.admin
initialization error (2) No such file or directory

The unkown --client-id argument gets dropped and it tries to use the
admin keyring, which it is not allowed to access without sudo.


I still do not know exactly, why this did not help me originally,
because it should just have created the user using the admin key. So it
is not exactly clear what was going on then. Nevertheless, user exists
now, so it might remain a mistery...


In any case, making radosgw-admin at least _inform_ about unknown
arguments might be a better idea than just silently ignoring them.


Thanks!
Daniel


--
Daniel Schneller
Principal Cloud Engineer

CenterDevice GmbH
https://www.centerdevice.de


_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]

  Powered by Linux