[ceph-users] Re: newbie Cephfs auth permissions issues

Thu, 19 Nov 2020 11:40:43 -0800 

That's a known issue. You probably did "enable application cephfs" on the 
pools. This prevents a meta data tag to be applied correctly. If you google for 
your problem, you will find threads on this with fixes. There was at least one 
this year.

Also, you could just start from scratch one more time and follow the 
instructions but ignore the enable application part.

Best regards,
=================
Frank Schilder
AIT Risø Campus
Bygning 109, rum S14

________________________________________
From: Jonathan D. Proulx <j...@csail.mit.edu>
Sent: 19 November 2020 15:33:06
To: ceph-users
Subject: [ceph-users] newbie Cephfs auth permissions issues

Hi All,

I've been using ceph block and object storage for years but just
wandering into cephfs now (Nautilus all servers on 14.2.9 ).

I created small data and metadata pools, a new filesystem and used:

ceph fs authorize <fsname> client.<name> / rw

creating two new users to mount it, both can one using fuse (14.2.9)
and one using kernel client (Ubuntu 20.04 kernel 5.4.0-53).

so far so good, but then it gets "weird" I can perform metadata
operations like "mkdir" and "touch" but not actually write any data:

testy-mctestface% touch /mnt/cephfs/boo
testy-mctestface% echo foo > /mnt/cephfs/boo
echo: write error: operation not permitted

auth caps look good to me, but seem most likely to be worng:

root@ceph-mon0:/ # ceph auth get client.client0
exported keyring for client.client0
[client.client0]
        key = <SEKRET>
        caps mds = "allow rw"
        caps mon = "allow r"
        caps osd = "allow rw tag cephfs data=<fsname>"

is "data" hear supposed to be <fsname> or <data_pool_name>? Presumably
it's fsname since that what the "fa authorize" put there and it should
know...

can anyone see what I'm doing wrong here?

Thanks,
-Jon
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io
_______________________________________________
ceph-users mailing list -- ceph-users@ceph.io
To unsubscribe send an email to ceph-users-le...@ceph.io

Reply via email to