John, I tried to write some data to the new created files, it failed, just as you said. Thanks very much.
On Thu, Oct 12, 2017 at 6:20 PM, John Spray <jsp...@redhat.com> wrote: > On Thu, Oct 12, 2017 at 11:12 AM, Frank Yu <flyxia...@gmail.com> wrote: > > Hi, > > I have a ceph cluster with three nodes, and I have a cephfs, use pool > > cephfs_data, cephfs_metadata, and there're also a rbd pool with name > > 'rbd-test'. > > > > # rados lspools > > .rgw.root > > default.rgw.control > > default.rgw.meta > > default.rgw.log > > cephfs_data > > cephfs_metadata > > default.rgw.buckets.index > > default.rgw.buckets.data > > rbd-test > > > > then I add a user with name cephfs-ct, and have 'rw' permission on pool > > 'rbd-test' only. > > > > # ceph auth add client.cephfs-ct mon 'allow rw' osd 'allow rw > pool=rbd-test' > > mds 'allow rw' > > added key for client.cephfs-ct > > > > # ceph auth ls |grep client.cephfs-ct -A4 > > installed auth entries: > > > > client.cephfs-ct > > key:AQDIPd9ZyXcTLBAAvcG82SFL3wOBAMLMcrJxMA== > > caps: [mds] allow rw > > caps: [mon] allow rw > > caps: [osd] allow rw pool=rbd-test > > > > then I try to mount cephfs with this user cephfs-ct on another host, and > try > > to do some write operations. > > > > # mount -t ceph HOST:6789:/ /mnt/ceph/ -o > > name=cephfs-ct,secret=AQDIPd9ZyXcTLBAAvcG82SFL3wOBAMLMcrJxMA== > > # touch /mnt/ceph/testceph > > # ll /mnt/ceph/testceph > > -rw-r--r-- 1 root root 0 Oct 12 18:04 /mnt/ceph/testceph > > > > So my question, should user cephfs-ct have no write permission on pool > > cephfs_data, this mean, I should can't write data under mountpoint > > /mnt/ceph/?? or I'm wrong ? > > Because your client has "allow rw" mds permissions, it can read and > write all metadata, such as listing a directory. > > If you tried to put some data in a file and sync it, you would find that > failed. > > John > > > > > thanks > > > > -- > > Regards > > Frank Yu > > > > _______________________________________________ > > ceph-users mailing list > > ceph-users@lists.ceph.com > > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com > > > -- Regards Frank Yu
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
