Re: [PATCH v3 0/3] target: iscsi: control authentication per ACL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 10/19/21 2:18 AM, Dmitry Bogdanov wrote:
> dd acls/{ACL}/attrib/authentication attribute that controls authentication
> for the particular ACL. By default, this attribute inherits a value of
> authentication attribute of the target port group to keep a backward
> compatibility.
> 
> authentication attribute has 3 states:
> "0" - authentication is turned off for this ACL
> "1" - authentication is required for this ACL
> "-1" - authentication is inherited from TPG
> 
> This patchset is intended for scsi-queue.
> 
> v3:
>  fix warning: no previous prototype for function 'iscsi_conn_auth_required'
> 
> v2:
>  show effective value (-1) for inherited mode
> 

I can't seem to get the patches working with the targetcli config file
below It worked ok before the patches.

I get this error:

Oct 22 00:56:25 ol4 kernel: CHAP user or password not set for Initiator ACL
Oct 22 00:56:25 ol4 kernel: Security negotiation failed.
Oct 22 00:56:25 ol4 kernel: iSCSI Login negotiation failed.


{
  "fabric_modules": [], 
  "storage_objects": [
    {
      "alua_tpgs": [
        {
          "alua_access_state": 0, 
          "alua_access_status": 0, 
          "alua_access_type": 3, 
          "alua_support_active_nonoptimized": 1, 
          "alua_support_active_optimized": 1, 
          "alua_support_offline": 1, 
          "alua_support_standby": 1, 
          "alua_support_transitioning": 1, 
          "alua_support_unavailable": 1, 
          "alua_write_metadata": 0, 
          "implicit_trans_secs": 0, 
          "name": "default_tg_pt_gp", 
          "nonop_delay_msecs": 100, 
          "preferred": 0, 
          "tg_pt_gp_id": 0, 
          "trans_delay_msecs": 0
        }
      ], 
      "attributes": {
        "block_size": 512, 
        "emulate_3pc": 1, 
        "emulate_caw": 1, 
        "emulate_dpo": 1, 
        "emulate_fua_read": 1, 
        "emulate_fua_write": 1, 
        "emulate_model_alias": 1, 
        "emulate_pr": 1, 
        "emulate_rest_reord": 0, 
        "emulate_tas": 1, 
        "emulate_tpu": 0, 
        "emulate_tpws": 0, 
        "emulate_ua_intlck_ctrl": 0, 
        "emulate_write_cache": 0, 
        "enforce_pr_isids": 1, 
        "force_pr_aptpl": 0, 
        "is_nonrot": 1, 
        "max_unmap_block_desc_count": 0, 
        "max_unmap_lba_count": 0, 
        "max_write_same_len": 0, 
        "optimal_sectors": 4294967288, 
        "pi_prot_format": 0, 
        "pi_prot_type": 0, 
        "pi_prot_verify": 0, 
        "queue_depth": 128, 
        "unmap_granularity": 0, 
        "unmap_granularity_alignment": 0, 
        "unmap_zeroes_data": 0
      }, 
      "name": "ram0", 
      "nullio": true, 
      "plugin": "ramdisk", 
      "size": 8589934592, 
      "wwn": "9ea6da68-aec0-4560-baa8-834383f1cc6d"
    }
  ], 
  "targets": [
    {
      "fabric": "iscsi", 
      "tpgs": [
        {
          "attributes": {
            "authentication": 1, 
            "cache_dynamic_acls": 1, 
            "default_cmdsn_depth": 64, 
            "default_erl": 0, 
            "demo_mode_discovery": 1, 
            "demo_mode_write_protect": 0, 
            "fabric_prot_type": 0, 
            "generate_node_acls": 1, 
            "login_keys_workaround": 1, 
            "login_timeout": 15, 
            "netif_timeout": 2, 
            "prod_mode_write_protect": 0, 
            "t10_pi": 0, 
            "tpg_enabled_sendtargets": 1
          }, 
          "enable": true, 
          "luns": [
            {
              "alias": "edb6aa7bf4", 
              "alua_tg_pt_gp_name": "default_tg_pt_gp", 
              "index": 0, 
              "storage_object": "/backstores/ramdisk/ram0"
            }
          ], 
          "node_acls": [
            {
              "attributes": {
                "dataout_timeout": 3, 
                "dataout_timeout_retries": 5, 
                "default_erl": 0, 
                "nopin_response_timeout": 30, 
                "nopin_timeout": 15, 
                "random_datain_pdu_offsets": 0, 
                "random_datain_seq_offsets": 0, 
                "random_r2t_offsets": 0
              }, 
              "chap_password": "myiscsipassword", 
              "chap_userid": "myiscsiname", 
              "mapped_luns": [
                {
                  "alias": "76dc7c92d0", 
                  "index": 0, 
                  "tpg_lun": 0, 
                  "write_protect": false
                }
              ], 
              "node_wwn": "iqn.1988-12.com.oracle:ol"
            }
          ], 
          "parameters": {
            "AuthMethod": "CHAP", 
            "DataDigest": "CRC32C,None", 
            "DataPDUInOrder": "Yes", 
            "DataSequenceInOrder": "Yes", 
            "DefaultTime2Retain": "20", 
            "DefaultTime2Wait": "2", 
            "ErrorRecoveryLevel": "0", 
            "FirstBurstLength": "65536", 
            "HeaderDigest": "CRC32C,None", 
            "IFMarkInt": "Reject", 
            "IFMarker": "No", 
            "ImmediateData": "Yes", 
            "InitialR2T": "Yes", 
            "MaxBurstLength": "262144", 
            "MaxConnections": "1", 
            "MaxOutstandingR2T": "1", 
            "MaxRecvDataSegmentLength": "8192", 
            "MaxXmitDataSegmentLength": "262144", 
            "OFMarkInt": "Reject", 
            "OFMarker": "No", 
            "TargetAlias": "LIO Target"
          }, 
          "portals": [
            {
              "ip_address": "20.15.0.204", 
              "iser": false, 
              "offload": false, 
              "port": 3260
            }
          ], 
          "tag": 1
        }
      ], 
      "wwn": "iqn.1988-12.com.oracle:tgt1"
    }
  ]
}



[Index of Archives]     [Linux SCSI]     [Kernel Newbies]     [Linux SCSI Target Infrastructure]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Linux IIO]     [Device Mapper]

  Powered by Linux