It appears like you have a typo in your cap: "rdb_children" -> "rbd_children" On Sun, Jun 10, 2018 at 7:35 AM, frm mrf <frm73@xxxxxxxxx> wrote: > Hello list, > > > I've recently setup a test openstack newton cloud and connected glance to a > test ceph cluster (3x mon, 3x osd). > > I am able to upload raw images via openstack to the ceph backend but I > cannot delete them because "PermissionError: error unprotecting snapshot". > The glance user has the following permissions: mon 'allow r' osd 'allow > class-read object_prefix rdb_children, allow rwx pool=images'. > > Mocking around a bit with the permissions I've noticed that if I change them > to "mon 'allow r' osd 'allow *" -OR- allow rwx to all pools (mon 'allow r' > osd 'allow class-read object_prefix rdb_children, allow rwx pool=images, > allow rwx pool=rbd, allow rwx pool=vms'), I am able to remove the image via > the openstack image delete <image-ID>. > > Can someone help me understand this behavior? > > PS: ceph package version is 10.2.9-0ubuntu0.16.04.1 and all machines are > running Ubuntu 16.04. > > > _______________________________________________ > ceph-users mailing list > ceph-users@xxxxxxxxxxxxxx > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > -- Jason _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |