Description of problem: Any permissions in MDS caps besides "allow *" and "allow w" must start with "allow r" or "allow rw". Otherwise the MDS cap is rejected. The error printed by MDS in this case is the generic error the MDS prints in every case of incorrect MDS caps. Unlike some other Ceph daemons, MDS doesn't permission like "allow w". Therefore, print a special error message so that users are specifically told that the permissions in the MDS caps, besides "all" and "*", must start with "r" or "rw". Such a message is printed in case of "ceph fs authorize" but the commands "ceph auth add", "ceph auth caps", "ceph auth get-or-create" and "ceph auth get-or-create-key" don't. Let's make these commands too print a special message. Version-Release number of selected component (if applicable): How reproducible: Everytime
[root@ceph-julpark-kd407z-node7 cephuser]# eph auth get-or-create client.name1 mon "allow *" mds "allow w" mgr "allow rw" osd "allow rw tag cephfs data=cephfs" -o /etc/ceph/ceph.client.name1.keyring bash: eph: command not found [root@ceph-julpark-kd407z-node7 cephuser]# ceph auth get-or-create client.name1 mon "allow *" mds "allow w" mgr "allow rw" osd "allow rw tag cephfs data=cephfs" -o /etc/ceph/ceph.client.name1.keyring Error EINVAL: Permission flags in MDS caps must start with 'r' or 'rw' or be '*' or 'all' [root@ceph-julpark-kd407z-node7 cephuser]# verified on 17.2.6-193.el9cp
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Red Hat Ceph Storage 6.1 Bug Fix update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2024:0747