Re: cephfs : write error: Operation not permitted

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Jan 24, 2020 at 1:43 PM Frank Schilder <frans@xxxxxx> wrote:
>
> Dear Ilya,
>
> I had exactly the same problem with authentication of cephfs clients on a mimic-13.2.2 cluster. The key created with "ceph fs authorize ..." did not grant access to the data pool. I ended up adding "rw" access to this pool by hand.
>
> Following up on your remark about pool tags, could you please point me to any documentation about how this tagging is used and what key-value pair you are referring to? It sounds like this is the new way to go, but I cannot find anything useful about it in here:
>
> https://docs.ceph.com/docs/mimic/cephfs/client-auth/

Hi Frank,

This is the correct page, but this key-value pair is more or less an
internal implementation detail.  "ceph fs authorize" is all the users
should know about, but there seems to be a bug lurking there.

In general, for a cap that looks like

  allow <r/w/x> tag <tag name> <key>=<value>

the OSD will allow <r/w/x> access to the pool iff a) the pool is tagged
with <tag name> and b) the tag metadata has that <key>: <value> pair in
it.  In the cephfs case, the key is "data" for data pool and "metadata"
for metadata pools, the value is the name of the filesystem.

Thanks,

                Ilya
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx



[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux