Hi, On 02.10.20 14:38, Alessandro Piazza wrote: > However, from the Ceph docs, I can't understand if this might be a correct use-case for Ceph since the default authentication method CephX doesn't have a standard username/password authentication protocol. CephX is to authenticate the client process against the Ceph cluster, not the human user of the data. After mounting the CephFS you have user permissions including ACLs in the filesystem like in any other local filesystem. But: I would not recommend mounting CephFS to random user workstations as they can impersonate any User ID locally. The recommended way is to run a Samba cluster using CephFS as backend. Your users would then authenticate against Samba which would need to speak to your LDAP/Kerberos. Regards -- Robert Sander Heinlein Support GmbH Schwedter Str. 8/9b, 10119 Berlin https://www.heinlein-support.de Tel: 030 / 405051-43 Fax: 030 / 405051-19 Amtsgericht Berlin-Charlottenburg - HRB 93818 B Geschäftsführer: Peer Heinlein - Sitz: Berlin
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
