Hi,
I have a ceph cluster on Infernalis and I'm using a snmp agent to retrieve
data and generate generic graphs concerning each cluster node. Currently, I
can see in the syslog of each node this kind of lines (every 5 minutes):
Mar 11 03:15:26 ceph01 snmpd[16824]: Cannot statfs
/var/lib/ceph/mon/ceph-ceph01#012: Permission denied
Mar 11 03:15:26 ceph01 snmpd[16824]: Cannot statfs
/var/lib/ceph/osd/ceph-16#012: Permission denied
Of course, it's a basic problem of Unix rights. The snmp agent uses the
account "snmp" and the Unix rights of the ceph home directory are:
~# ll -d /var/lib/ceph
drwxr-x--- 9 ceph ceph 4096 Nov 4 06:34 /var/lib/ceph/
So, of course, currently the snmp account can't access to
/var/lib/ceph/{osd,mon}/$cluster-$id/.
1. Is there a problem (an eventually side effect) if I just do that?
chmod o+rx /var/lib/ceph/
Can I have security problem with that?
2. Or do you think it's a better idea to just add "snmp" in the Unix group
"ceph"? Maybe better than 1. because I don't change the permissions of the
directory _and_ it seems to me that a member of the "ceph" group has never
the "w" right in /var/lib/ceph/.
Thanks in advance for your help.
--
François Lafont
_______________________________________________
ceph-users mailing list
ceph-users@lists.ceph.com
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
