Hi Jason,
Thank you for the information. I saw the documentation but the
"rbd_children" caps wasn't well explained.
I was interested if those caps must be set global or can be restricted
to a pool since in our use case of Ceph several users have independent
access to their pool. What we want to a
The "rbd snap unprotect" action needs to scan the "rbd_children"
object of all pools to ensure that the image doesn't have any children
attached. Therefore, you need to ensure that the user that will
perform the "snap unprotect" has the "allow class-read object_prefix
rbd_children" on all pools [1]
Hi all,
what permissions do I need to unprotect a protected rbd snapshot?
Currently the key interacting with the pool containing the rbd image
has the following permissions:
mon 'allow r'
osd 'allow rwx pool=vms'
When I try to unprotect a snaphost with the following command "rbd
snap unprotect
