From f45ddd7c9d0c1fd4168afa4d48ddabc633c28ae5 Mon Sep 17 00:00:00 2001 From: gman Date: Tue, 12 Jun 2018 17:03:45 +0200 Subject: [PATCH] cephfs: cephuser: set config and admin explicitly when creating/deleting users --- pkg/cephfs/cephuser.go | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/pkg/cephfs/cephuser.go b/pkg/cephfs/cephuser.go index 3235e0272..abd152368 100644 --- a/pkg/cephfs/cephuser.go +++ b/pkg/cephfs/cephuser.go @@ -57,26 +57,16 @@ func getCephUser(userId string) (*cephEntity, error) { return &ents[0], nil } -func (e *cephEntity) create() error { - return execCommandJson(e, "ceph", "auth", "get-or-create", e.Entity, "mds", e.Caps.Mds, "osd", e.Caps.Osd, "mon", e.Caps.Mon) - -} - -func createCephUser(volOptions *volumeOptions, volUuid string, readOnly bool) (*cephEntity, error) { - access := "rw" - if readOnly { - access = "r" - } - +func createCephUser(volOptions *volumeOptions, cr *credentials, volUuid string) (*cephEntity, error) { caps := cephEntityCaps{ - Mds: fmt.Sprintf("allow %s path=%s", access, getVolumeRootPath_ceph(volUuid)), + Mds: fmt.Sprintf("allow rw path=%s", getVolumeRootPath_ceph(volUuid)), Mon: "allow r", - Osd: fmt.Sprintf("allow %s pool=%s namespace=%s", access, volOptions.Pool, getVolumeNamespace(volUuid)), + Osd: fmt.Sprintf("allow rw pool=%s namespace=%s", volOptions.Pool, getVolumeNamespace(volUuid)), } var ents []cephEntity args := [...]string{ - "auth", "-f", "json", + "auth", "-f", "json", "-c", getCephConfPath(volUuid), "-n", cephEntityClientPrefix + cr.id, "get-or-create", cephEntityClientPrefix + getCephUserName(volUuid), "mds", caps.Mds, "mon", caps.Mon, @@ -90,15 +80,20 @@ func createCephUser(volOptions *volumeOptions, volUuid string, readOnly bool) (* return &ents[0], nil } -func deleteCephUser(volUuid string) error { +func deleteCephUser(cr *credentials, volUuid string) error { userId := getCephUserName(volUuid) - if err := execCommandAndValidate("ceph", "auth", "rm", cephEntityClientPrefix+userId); err != nil { + args := [...]string{ + "-c", getCephConfPath(volUuid), "-n", cephEntityClientPrefix + cr.id, + "auth", "rm", cephEntityClientPrefix + userId, + } + + if err := execCommandAndValidate("ceph", args[:]...); err != nil { return err } - os.Remove(getCephKeyringPath(userId)) - os.Remove(getCephSecretPath(userId)) + os.Remove(getCephKeyringPath(volUuid, userId)) + os.Remove(getCephSecretPath(volUuid, userId)) return nil }