We understand and we have restricted network access. Thx.
Rok On Wed, Jan 8, 2025 at 12:28 AM Dan van der Ster <dan.vanders...@clyso.com> wrote: > Hi Rok, > > Without cephx enabled, any ceph client having network access to the > Ceph mon/osd/mds can connect to the cluster and do whatever they want. > E.g. delete any objects or pools or anything. > > The only way I can think that this is workable would be to restrict > Ceph to an isolated network and re-export CephFS using NFS Ganesha or > Samba. > > Cheers, Dan > > On Tue, Jan 7, 2025 at 8:03 AM Rok Jaklič <rjak...@gmail.com> wrote: > > > > Hi, > > > > is it possible somehow to restrict client in cephfs to subdirectory > without > > cephx enabled? > > > > We do not have any auth requirements enabled in ceph. > > > > auth cluster required = none > > auth service required = none > > auth client required = none > > > > Kind regards, > > Rok > > _______________________________________________ > > ceph-users mailing list -- ceph-users@ceph.io > > To unsubscribe send an email to ceph-users-le...@ceph.io > > > > -- > Dan van der Ster > CTO @ CLYSO > Try our Ceph Analyzer -- https://analyzer.clyso.com/ > https://clyso.com | dan.vanders...@clyso.com > _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
