Re: [ceph-users] Prevent cephfs clients from mount and browsing "/"

Thanks all for the clarification. Best, Martin On Mon, Dec 5, 2016 at 2:14 PM, John Spray wrote: > On Mon, Dec 5, 2016 at 12:35 PM, David Disseldorp wrote: >> Hi Martin, >> >> On Mon, 5 Dec 2016 13:27:01 +0100, Martin Palma wrote: >> >>> Ok, just discovered

Re: [ceph-users] Prevent cephfs clients from mount and browsing "/"

On Mon, Dec 5, 2016 at 12:35 PM, David Disseldorp wrote: > Hi Martin, > > On Mon, 5 Dec 2016 13:27:01 +0100, Martin Palma wrote: > >> Ok, just discovered that with the fuse client, we have to add the '-r >> /path' option, to treat that as root. So I assume the caps 'mds allow >> r'

Re: [ceph-users] Prevent cephfs clients from mount and browsing "/"

Hi Martin, On Mon, 5 Dec 2016 13:27:01 +0100, Martin Palma wrote: > Ok, just discovered that with the fuse client, we have to add the '-r > /path' option, to treat that as root. So I assume the caps 'mds allow > r' is only needed if we also what to be able to mount the directory > with the

Re: [ceph-users] Prevent cephfs clients from mount and browsing "/"

Ok, just discovered that with the fuse client, we have to add the '-r /path' option, to treat that as root. So I assume the caps 'mds allow r' is only needed if we also what to be able to mount the directory with the kernel client. Right? Best, Martin On Mon, Dec 5, 2016 at 1:20 PM, Martin Palma

[ceph-users] Prevent cephfs clients from mount and browsing "/"

Hello, is it possible prevent cephfs client to mount the root of a cephfs filesystem and browse through it? We want to restrict cephfs clients to a particular directory, but when we define a specific cephx auth key for a client we need to add the following caps: "mds 'allow r'" which then gives