
mds: add 'p' flag in auth caps to control setting pool in layout #6567

Merged
merged 3 commits into from Dec 7, 2015


jcsp
Contributor

@jcsp jcsp commented Nov 13, 2015

Related test: ceph/ceph-qa-suite#703

John Spray added 3 commits November 13, 2015 14:15
For controlling whether a client is allowed
to modify the pool field in file/dir layouts.

Signed-off-by: John Spray <john.spray@redhat.com>
Signed-off-by: John Spray <john.spray@redhat.com>
...including updating for 'rwp'.

Signed-off-by: John Spray <john.spray@redhat.com>
@gregsfortytwo gregsfortytwo added the cephfs Ceph File System label Nov 13, 2015
@ukernel
Contributor

ukernel commented Nov 17, 2015

Maybe we can apply this restriction check completely in ceph-fuse: check if the client can write to a pool and, if not, forbid operations that change layout.pool to that pool.

@jcsp
Contributor Author

jcsp commented Nov 17, 2015

@ukernel I want to avoid trusting the client

@ukernel
Contributor

ukernel commented Nov 18, 2015

The usage of the 'p' flag seems unnatural. What's the use case for it?

@jcsp
Contributor Author

jcsp commented Nov 18, 2015

The idea is that sometimes we have clients that are supposed to be consumers of some pre-configured directory that's pointing to a particular pool. For example, in Manila we create a directory, set the pool on it, and then tell the client to mount that directory.

In cases like that, we don't want the client to be able to switch their directory to using a different pool. They are already restricted from writing to those pools by their OSD caps, but I want to also restrict them from modifying their layouts.

I would expect most users to use "allow rw" most of the time and restrict "allow rwp" or "allow *" to some dedicated admin account.
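The policy described in the comment above can be checked against a cluster's client caps. The following is an added example, not part of the thread and not Ceph's own code: it audits MDS cap strings for non-admin entities that hold `p` or `*`. The simplified grammar (including `path=`), the function names and the sample keyring are assumptions made for illustration.

```python
import re

# Assumption: simplified MDS cap grammar covering only the forms discussed in
# this thread: comma-separated grants of "allow <flags>" with an optional
# "path=<dir>", where <flags> is "*", "r", "rw" or "rwp".
GRANT_RE = re.compile(r"^allow\s+(\*|r|rw|rwp)(?:\s+path=(\S+))?$")

def parse_mds_caps(spec):
    """Return a list of (flags, path) grants; raise ValueError on bad input."""
    grants = []
    for part in spec.split(","):
        m = GRANT_RE.match(part.strip())
        if not m:
            raise ValueError("unparseable MDS grant: %r" % part.strip())
        grants.append((m.group(1), m.group(2) or "/"))
    return grants

def may_set_layout_pool(spec, directory):
    """True if any grant covering `directory` carries '*' or the 'p' flag."""
    for flags, path in parse_mds_caps(spec):
        prefix = path.rstrip("/")
        covers = (prefix == "" or directory == prefix
                  or directory.startswith(prefix + "/"))
        if covers and (flags == "*" or "p" in flags):
            return True
    return False

def audit(keyring, admin_entities):
    """List non-admin entities whose MDS caps let them repoint a layout."""
    findings = []
    for entity, spec in sorted(keyring.items()):
        if entity in admin_entities:
            continue
        for flags, path in parse_mds_caps(spec):
            if flags == "*" or "p" in flags:
                findings.append((entity, flags, path))
    return findings

# Constructed sample data, not taken from a real cluster.
SAMPLE_KEYRING = {
    "client.admin": "allow *",
    "client.manila-share-1": "allow rw path=/volumes/share-1",
    "client.batch": "allow rwp path=/scratch",
    "client.legacy": "allow r, allow rw path=/home",
}

if __name__ == "__main__":
    for entity, flags, path in audit(SAMPLE_KEYRING, {"client.admin"}):
        print("%s holds '%s' on %s: can change layout pool" % (entity, flags, path))
```

Entities reported by `audit` are the ones to review against the "dedicated admin account" expectation; the decision itself is enforced by the MDS, so the script only reports what the caps grant.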

@jcsp
Contributor Author

jcsp commented Nov 20, 2015

@gregsfortytwo @liewegas any opinions about the style of this? The 'rwp' thing is just off the top of my head (and was straightforward to add to the parser).

@liewegas
Member

Maybe 'l' for layout is more natural? I guess there are cases where we want to allow some layout changes (stripe size) and not pool? Others might be

q = quota
s = snapshot
p = pool
l = layout (except for pool)

* = all of the above

?

@jcsp
Contributor Author

jcsp commented Nov 23, 2015

@liewegas those suggestions make sense to me, that would leave the current patch okay as-is, right? Pool modification is what we're controlling here and we would only add 'l' et al later

@liewegas
Member

Yep!

@jcsp
Contributor Author

jcsp commented Dec 1, 2015

The new test is: ceph/ceph-qa-suite#703 -- merge it at the same time as this.

See it passing here: http://pulpito.ceph.com/jspray-2015-11-30_02:06:10-fs-wip-testing-jcsp---basic-multi/1163861

@jcsp jcsp assigned jcsp and gregsfortytwo and unassigned jcsp Dec 1, 2015
@jcsp jcsp added the feature label Dec 1, 2015
gregsfortytwo added a commit that referenced this pull request Dec 7, 2015
mds: add 'p' flag in auth caps to control setting pool in layout

Reviewed-by: Sage Weil <sage@redhat.com>
@gregsfortytwo gregsfortytwo merged commit 66de0e3 into ceph:master Dec 7, 2015