[...]
> > >
> > > I thought about this too and came to the same conclusion, that
UID/GID
> > > based
> > > restriction can be applied dynamically, so detecting it on mount-time
> > > helps not so much.
> > >
> > For this you please raise one PR to ceph first to support this, and in
> > the PR we can discuss more for the MDS auth caps. And after the PR
> > getting merged then in this patch series you need to check the
> > corresponding option or flag to determine whether could the idmap
> > mounting succeed.
>
> I'm sorry but I don't understand what we want to support here. Do we
want to
> add some new ceph request that allows to check if UID/GID-based
> permissions are applied for
> a particular ceph client user?
IMO we should prevent user to set UID/GID-based permisions caps from
ceph side.
As I know currently there is no way to prevent users to set MDS auth
caps, IMO in ceph side at least we need one flag or option to disable
this once users want this fs cluster sever for idmap mounts use case.
Thanks
- Xiubo