Awesome!
Thanks much again.
Keane
On Thu, Nov 2, 2017 at 5:23 PM, Douglas Fuller wrote:
> Hi Keane,
>
> No problem. A fix for the gids bug should go in shortly. See:
> https://github.com/ceph/ceph/pull/18689
>
> Cheers,
> --Doug
>
> On Thu, Nov 2, 2017 at 4:24 PM Keane
Hi Keane,
No problem. A fix for the gids bug should go in shortly. See:
https://github.com/ceph/ceph/pull/18689
Cheers,
--Doug
On Thu, Nov 2, 2017 at 4:24 PM Keane Wolter wrote:
> Here we go. removing the trailing slash and adding the gids parameter in
> auth caps works.
>
Here we go. removing the trailing slash and adding the gids parameter in
auth caps works.
[kwolter@um-test03 ~]$ sudo ceph auth get-or-create-key
client.kwolter_test1 mon 'allow r' mds 'allow r, allow rw path=/user
uid=100026 gids=100026' osd 'allow rw pool=cephfs_osiris, allow rw
Looks like there may be a bug here.
Please try:
* Removing the trailing slash from path= (needs documentation or fixing)
* Adding your gid to a “gids” parameter in the auth caps? (bug: we’re checking
the gid when none is supplied)
mds “allow r, allow rw path=/user uid=100026 gids=100026”
Hi Doug,
Here is the output:
[kwolter@um-test03 ~]$ sudo ceph auth get client.kwolter_test1
exported keyring for client.kwolter_test1
[client.kwolter_test1]
key =
caps mds = "allow r, allow rw path=/user/ uid=100026"
caps mon = "allow r"
caps osd = "allow rw
Hi Keane,
Could you include the output of
ceph auth get client.kwolter_test1
Also, please take a look at your MDS log and see if you see an error from the
file access attempt there.
Thanks,
—Doug
> On Nov 2, 2017, at 2:24 PM, Keane Wolter wrote:
>
> Hi Doug,
>
> Here is
Hi Doug,
Here is my current mds line I have for my user: caps: [mds] allow r, allow
rw path=/user/ uid=100026. My results are as follows when I mount:
sudo ceph-fuse --id=kwolter_test1 -k ./ceph.client.kwolter_test1.keyring -r
/user/kwolter --client-die-on-failed-remount=false ceph
Hi Keane,
path= has to come before uid=
mds “allow r, allow rw path=/user uid=100026, allow rw path=/project"
If that doesn’t work, could you send along a transcript of your shell session
in setting up the ceph user, mounting the file system, and attempting access?
Thanks,
—Doug
> On Nov 1,
I have ownership of the directory /user/kwolter on the cephFS server and I
am mounting to ~/ceph, which I also own.
On Wed, Nov 1, 2017 at 2:04 PM, Gregory Farnum wrote:
> Which directory do you have ownership of? Keep in mind your local
> filesystem permissions do not get
Which directory do you have ownership of? Keep in mind your local
filesystem permissions do not get applied to the remote CephFS mount...
On Wed, Nov 1, 2017 at 11:03 AM Keane Wolter wrote:
> I am mounting a directory under /user which I am the owner of with the
> permissions
I am mounting a directory under /user which I am the owner of with the
permissions of 700. If I remove the uid=100026 option, I have no issues. I
start having issues as soon as the uid restrictions are in place.
On Wed, Nov 1, 2017 at 1:05 PM, Gregory Farnum wrote:
> Well,
Well, obviously UID 100026 needs to have the normal POSIX permissions to
write to the /user path, which it probably won't until after you've done
something as root to make it so...
On Wed, Nov 1, 2017 at 9:57 AM Keane Wolter wrote:
> Acting as UID 100026, I am able to
Acting as UID 100026, I am able to successfully run ceph-fuse and mount the
filesystem. However, as soon as I try to write a file as UID 100026, I get
permission denied, but I am able to write to disk as root without issue. I
am looking for the inverse of this. I want to write changes to disk as
On Mon, Oct 23, 2017 at 5:03 PM Keane Wolter wrote:
> Hi Gregory,
>
> I did set the cephx caps for the client to:
>
> caps: [mds] allow r, allow rw uid=100026 path=/user, allow rw path=/project
>
So you’ve got three different permission granting clauses here:
1) allows the
Hi Gregory,
I did set the cephx caps for the client to:
caps: [mds] allow r, allow rw uid=100026 path=/user, allow rw path=/project
caps: [mon] allow r
caps: [osd] allow rw pool=cephfs_osiris, allow rw pool=cephfs_users
Keane
On Fri, Oct 20, 2017 at 5:35 PM, Gregory Farnum
What did you actually set the cephx caps to for that client?
On Fri, Oct 20, 2017 at 8:01 AM Keane Wolter wrote:
> Hello all,
>
> I am trying to limit what uid/gid a client is allowed to run as (similar
> to NFS' root squashing). I have referenced this email,
>
Hello all,
I am trying to limit what uid/gid a client is allowed to run as (similar to
NFS' root squashing). I have referenced this email,
http://lists.ceph.com/pipermail/ceph-users-ceph.com/2017-February/016173.html,
with no success. After generating the keyring, moving it to a client
machine,
17 matches
Mail list logo