We understand and we have restricted network access. Thx. Rok On Wed, Jan 8, 2025 at 12:28 AM Dan van der Ster <dan.vanderster@xxxxxxxxx> wrote: > Hi Rok, > > Without cephx enabled, any ceph client having network access to the > Ceph mon/osd/mds can connect to the cluster and do whatever they want. > E.g. delete any objects or pools or anything. > > The only way I can think that this is workable would be to restrict > Ceph to an isolated network and re-export CephFS using NFS Ganesha or > Samba. > > Cheers, Dan > > On Tue, Jan 7, 2025 at 8:03 AM Rok Jaklič <rjaklic@xxxxxxxxx> wrote: > > > > Hi, > > > > is it possible somehow to restrict client in cephfs to subdirectory > without > > cephx enabled? > > > > We do not have any auth requirements enabled in ceph. > > > > auth cluster required = none > > auth service required = none > > auth client required = none > > > > Kind regards, > > Rok > > _______________________________________________ > > ceph-users mailing list -- ceph-users@xxxxxxx > > To unsubscribe send an email to ceph-users-leave@xxxxxxx > > > > -- > Dan van der Ster > CTO @ CLYSO > Try our Ceph Analyzer -- https://analyzer.clyso.com/ > https://clyso.com | dan.vanderster@xxxxxxxxx > _______________________________________________ ceph-users mailing list -- ceph-users@xxxxxxx To unsubscribe send an email to ceph-users-leave@xxxxxxx
 |