>From a least privilege standpoint, o=rx seems bad. Instead, if you need a
user to gave rx, why not set a default acl on each osd to allow Nagios to
have rx?
I think it's designed to best practice. If a user wishes to accept
additional risk, that's their risk.
On Jul 10, 2017 8:10 AM, "Jens
2017-07-10 10:40 GMT+00:00 Christian Balzer :
> On Mon, 10 Jul 2017 11:27:26 +0200 Marc Roos wrote:
>
>> Looks to me by design (from rpm install), and the settings of the
>> directorys below are probably the result of a user umask setting.
>
> I know it's deliberate, I'm asking why.
> -Original Message-
> From: Christian Balzer [mailto:ch...@gol.com]
> Sent: maandag 10 juli 2017 8:09
> To: ceph-users@lists.ceph.com
> Subject: [ceph-users] Access rights of /var/lib/ceph with Jewel
>
>
> Hello,
>
> With Jewel /var/lib/ceph has these perm
Hello,
With Jewel /var/lib/ceph has these permissions: "drwxr-x---", while every
directory below it still has the world aXessible bit set.
This makes it impossible (by default) for nagios and other non-root bits
to determine the disk usage for example.
Any rhyme or reason for this decision?