[Bug 1847822] Re: CephFS authorize fails with unknown cap type

gerald.yang gerald.yang at canonical.com
Tue Dec 3 07:51:10 UTC 2019


The ceph packages in bionic-proposed fixes this issue

Some details on different nodes

On ceph-mon node:

ubuntu at juju-aad762-246395-1-0:~$ apt-cache policy ceph
ceph:
  Installed: 12.2.12-0ubuntu0.18.04.4
  Candidate: 12.2.12-0ubuntu0.18.04.4
  Version table:
 *** 12.2.12-0ubuntu0.18.04.4 500
        500 http://us.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     12.2.12-0ubuntu0.18.04.3 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
     12.2.12-0ubuntu0.18.04.2 500
        500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
     12.2.4-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
ubuntu at juju-aad762-246395-1-0:~$ ceph fs authorize ceph-fs client.foo / rw
[client.foo]
	key = AQC8EuZdrBm7ERAA7ZaAruEDz3glRMDnPvmWRQ==
ubuntu at juju-aad762-246395-1-0:~$ ceph fs authorize ceph-fs client.bar /bar rw
[client.bar]
	key = AQA+E+ZdoyyENxAAqNXma0Pdq9CaG0rlLL0otQ==

On ceph-fs node:

ubuntu at juju-aad762-246395-1-7:~$ apt-cache policy ceph
ceph:
  Installed: 12.2.12-0ubuntu0.18.04.4
  Candidate: 12.2.12-0ubuntu0.18.04.4
  Version table:
 *** 12.2.12-0ubuntu0.18.04.4 500
        500 http://us.archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     12.2.12-0ubuntu0.18.04.3 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages
     12.2.12-0ubuntu0.18.04.2 500
        500 http://security.ubuntu.com/ubuntu bionic-security/main amd64 Packages
     12.2.4-0ubuntu1 500
        500 http://nova.clouds.archive.ubuntu.com/ubuntu bionic/main amd64 Packages
ubuntu at juju-aad762-246395-1-7:~$ sudo ceph-fuse -c ceph.conf --id foo -k client.foo.keyring mnt
ceph-fuse[2553]: starting ceph client
2019-12-03 07:47:40.128237 7f423c183500 -1 init, newargv = 0x55a9692d02e0 newargc=9
ceph-fuse[2553]: starting fuse
ubuntu at juju-aad762-246395-1-7:~$ ls mnt
ubuntu at juju-aad762-246395-1-7:~$ sudo mkdir mnt/bar
ubuntu at juju-aad762-246395-1-7:~$ ls mnt/
bar


** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic

** Tags removed: verification-needed
** Tags added: verification-done

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847822

Title:
  CephFS authorize fails with unknown cap type

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive queens series:
  Fix Committed
Status in ceph package in Ubuntu:
  Fix Released
Status in ceph source package in Bionic:
  Fix Committed

Bug description:
  [Impact]

  Attempting to provide access to a user within Ceph to a specific mount
  path fails with unknown cap type. This appears to be due to the
  monitor not knowing how to validate the caps that are provided with
  the mount path per upstream bug https://tracker.ceph.com/issues/39395
  and subsequent pull requests.

  This is fixed in Mimic (13.1.0+) and included in the current Luminous
  devel release (upcoming 12.2.13).

  
  [Test Case]

  Steps to recreate:

  1. Install ceph w/ ceph-fs.

  2. Mount ceph filesystem and create subdirectory for restricting access
  $ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
  $ mkdir /mnt/ceph-fs/bar

  3. Authorize access for ceph user to rw a directory
  $ ceph fs authorize ceph-fs client.foo /bar rw

  Expected Results:

  The authorize command to succeed

  Actual Results:

  Error EINVAL: unknown cap type '/bar'

  [Regression Potential]

  Regression potential is low as this has already been fixed upstream
  and has seen additional testing without additional problem reports
  from the change. The change does affect the validation of
  capabilities, so if a problem were to arise it would likely be in the
  verification of capabilities when the code is parsing.

  [Other Info]

  Upstream pull-request: https://github.com/ceph/ceph/pull/28666

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847822/+subscriptions



More information about the Ubuntu-openstack-bugs mailing list