[Bug 1847822] Re: CephFS authorize fails with unknown cap type

James Page james.page at ubuntu.com
Tue Nov 26 15:21:08 UTC 2019 

** Changed in: cloud-archive
       Status: Triaged => Fix Released

** Also affects: ceph (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Changed in: ceph (Ubuntu)
       Status: Triaged => Fix Released

** Changed in: ceph (Ubuntu Bionic)
       Status: New => Triaged

** Changed in: ceph (Ubuntu Bionic)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847822

Title:
  CephFS authorize fails with unknown cap type

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive queens series:
  Triaged
Status in ceph package in Ubuntu:
  Fix Released
Status in ceph source package in Bionic:
  Triaged

Bug description:
  [Impact]

  Attempting to provide access to a user within Ceph to a specific mount
  path fails with unknown cap type. This appears to be due to the
  monitor not knowing how to validate the caps that are provided with
  the mount path per upstream bug https://tracker.ceph.com/issues/39395
  and subsequent pull requests.

  This is fixed in Mimic (13.1.0+) and included in the current Luminous
  devel release (upcoming 12.2.13).

  
  [Test Case]

  Steps to recreate:

  1. Install ceph w/ ceph-fs.

  2. Mount ceph filesystem and create subdirectory for restricting access
  $ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
  $ mkdir /mnt/ceph-fs/bar

  3. Authorize access for ceph user to rw a directory
  $ ceph fs authorize ceph-fs client.foo /bar rw

  Expected Results:

  The authorize command to succeed

  Actual Results:

  Error EINVAL: unknown cap type '/bar'

  [Regression Potential]

  Regression potential is low as this has already been fixed upstream
  and has seen additional testing without additional problem reports
  from the change. The change does affect the validation of
  capabilities, so if a problem were to arise it would likely be in the
  verification of capabilities when the code is parsing.

  [Other Info]

  Upstream pull-request: https://github.com/ceph/ceph/pull/28666

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847822/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list