On Wed, Mar 23, 2022 at 07:14:22AM +0200, Budai Laszlo wrote:
> Hello all,
>
> what capabilities a ceph user should have in order to be able to create rbd images in one namespace only?
>
> I have tried the following:
>
> [root@ceph1 ~]# rbd namespace ls --format=json
> [{"name":"user1"},{"name":"user2"}]
>
> [root@ceph1 ~]# ceph auth get-or-create client.user2 mon 'profile rbd' osd 'allow rwx pool=rbd namespace=user2' -o /etc/ceph/client.user2.keyring
Instead of using allow use profile on the osd too and it will set the correct permissions.
# ceph auth get-or-create client.user2 mon 'profile rbd' osd 'profile rbd pool=rbd namespace=user2' -o /etc/ceph/client.user2.keyring
--
Kai Stian Olstad
_______________________________________________
ceph-users mailing list -- ceph-users@xxxxxxx
To unsubscribe send an email to ceph-users-leave@xxxxxxx
