[Bug 1847822] Re: CephFS authorize fails with unknown cap type
gerald.yang
gerald.yang at canonical.com
Tue Dec 3 07:12:19 UTC 2019
The ceph packages in queens-proposed fixes this issue
Some details on different nodes
On ceph-mon node:
ubuntu at juju-590627-246395-0:~$ apt-cache policy ceph
ceph:
Installed: 12.2.12-0ubuntu0.18.04.4
Candidate: 12.2.12-0ubuntu0.18.04.4
Version table:
*** 12.2.12-0ubuntu0.18.04.4 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
100 /var/lib/dpkg/status
12.2.12-0ubuntu0.18.04.3 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
12.2.12-0ubuntu0.18.04.2 500
500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
12.2.4-0ubuntu1 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
ubuntu at juju-590627-246395-0:~$ ceph fs authorize ceph-fs client.foo / rw
[client.foo]
key = AQCiAeZd+PTmHhAAh2VDxBu1JJR7qr5lfLavaw==
ubuntu at juju-590627-246395-0:~$ ceph fs authorize ceph-fs client.bar /bar rw
[client.bar]
key = AQC2COZdxTytDxAAtY3oVcjK8XqzlFf0oRlzWQ==
On ceph-fs node:
ubuntu at juju-590627-246395-7:~$ apt-cache policy ceph
ceph:
Installed: 12.2.12-0ubuntu0.18.04.4
Candidate: 12.2.12-0ubuntu0.18.04.4
Version table:
*** 12.2.12-0ubuntu0.18.04.4 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
100 /var/lib/dpkg/status
12.2.12-0ubuntu0.18.04.3 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
12.2.12-0ubuntu0.18.04.2 500
500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
12.2.4-0ubuntu1 500
500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
ubuntu at juju-590627-246395-7:~$ sudo ceph-fuse -c ceph.conf --id foo -k client.foo.keyring mnt
ceph-fuse[4198]: starting ceph client
2019-12-03 07:01:22.855304 7fb6a87f6500 -1 init, newargv = 0x559f708262e0 newargc=9
ceph-fuse[4198]: starting fuse
ubuntu at juju-590627-246395-7:~$ ls mnt/
ubuntu at juju-590627-246395-7:~$ sudo mkdir mnt/bar
ubuntu at juju-590627-246395-7:~$ ls mnt
bar
** Tags removed: verification-needed verification-queens-needed
** Tags added: verification-done verification-queens-done
--
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847822
Title:
CephFS authorize fails with unknown cap type
Status in Ubuntu Cloud Archive:
Fix Released
Status in Ubuntu Cloud Archive queens series:
Fix Committed
Status in ceph package in Ubuntu:
Fix Released
Status in ceph source package in Bionic:
Fix Committed
Bug description:
[Impact]
Attempting to provide access to a user within Ceph to a specific mount
path fails with unknown cap type. This appears to be due to the
monitor not knowing how to validate the caps that are provided with
the mount path per upstream bug https://tracker.ceph.com/issues/39395
and subsequent pull requests.
This is fixed in Mimic (13.1.0+) and included in the current Luminous
devel release (upcoming 12.2.13).
[Test Case]
Steps to recreate:
1. Install ceph w/ ceph-fs.
2. Mount ceph filesystem and create subdirectory for restricting access
$ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
$ mkdir /mnt/ceph-fs/bar
3. Authorize access for ceph user to rw a directory
$ ceph fs authorize ceph-fs client.foo /bar rw
Expected Results:
The authorize command to succeed
Actual Results:
Error EINVAL: unknown cap type '/bar'
[Regression Potential]
Regression potential is low as this has already been fixed upstream
and has seen additional testing without additional problem reports
from the change. The change does affect the validation of
capabilities, so if a problem were to arise it would likely be in the
verification of capabilities when the code is parsing.
[Other Info]
Upstream pull-request: https://github.com/ceph/ceph/pull/28666
To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847822/+subscriptions
More information about the Ubuntu-openstack-bugs
mailing list