You are correct sir. I modified the user capabilities by adding the mds cap with the 'allow r' permission using the following command.
*ceph auth caps client.cephfs mon 'allow r' mds 'allow r' osd 'allow rwx pool=cephfs_metadata,allow rwx pool=cephfs_data'* Thanks, *Nate Curry* On Thu, Apr 7, 2016 at 1:06 PM, Gregory Farnum <gfar...@redhat.com> wrote: > On Thu, Apr 7, 2016 at 10:02 AM, Nate Curry <cu...@mosaicatm.com> wrote: > > I am trying to get cephfs mounted as a user other than client.admin in > order > > to avoid putting the admin keyring on the client host. When I try to > > connect with that user and keyring I am getting the following error: > > > > mount error 13 = Permission denied > > > > I am following the exact instructions that Karan Singh put in Ceph > Cookbook > > but they do not seem to work. I checked the errata but didn't see any > > mention of there being any errors. It might be important to state that > I am > > using Jewel and am not sure if there would be a difference. I followed > the > > steps to create the osd pools for data and metadata, created the > filesystem, > > then created a user which has rwx access to both pools as follows: > > > > ceph auth get-or-create client.cephfs mon 'allow r' osd 'allow rwx > > pool=cephfs_metadata,allow rwx pool=cephfs_data' -o > > /etc/ceph/client.cephfs.keyring > > > > I then write out the keyring in /etc/ceph/ before I transfer it to my > cephfs > > client host: > > > > ceph-authtool -p -n client.cephfs /etc/ceph/client.cephfs.keyring > > > /etc/ceph/client.cephfs > > > > I then put the key in a file (cephfs.key) to be used to mount the > filesystem > > instead of specifying the key on the command like or during startup. > When I > > try to mount the filesystem as the root user using the following command > I > > get the above error. > > > > mount -t ceph mon2:6789:/ /data -o > > name=cephfs,secretfile=/etc/ceph/cephfs.key > > > > From what I can tell it looks like the user is created properly and ceph > > auth list shows that it has permissions to the pools: > > > > client.cephfs > > key: ############################# > > caps: [mon] allow r > > caps: [osd] allow rwx pool=datastore_metadata,allow rwx > > pool=datastore_data > > > > > > Could someone tell me what else I would need to give the user permission > to > > in order to be able to mount the filesystem? > > You need an MDS stanza. See > http://docs.ceph.com/docs/master/cephfs/client-auth/ > -Greg >
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
