2247586 – [cephfs][mds] mds "allow w" needs appropriate guide for customers

Bug 2247586 - [cephfs][mds] mds "allow w" needs appropriate guide for customers

Summary: [cephfs][mds] mds "allow w" needs appropriate guide for customers

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	CephFS
Sub Component:
Version:	6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	---
Target Release:	7.1
Assignee:	Rishabh Dave
QA Contact:	julpark
Docs Contact:	Akash Raj
URL:
Whiteboard:
Depends On:
Blocks:	2267614 2298578 2298579
TreeView+	depends on / blocked

Reported:	2023-11-02 06:45 UTC by julpark
Modified:	2024-11-16 04:25 UTC (History)
CC List:	9 users (show)
Fixed In Version:	ceph-18.2.1-2.el9cp
Doc Type:	Enhancement
Doc Text:	.Ceph commands that add or modify MDS caps give an explanation about why the MDS caps passed by user was rejected Previously, Ceph commands that add or modify MDS caps printed "Error EINVAL: mds capability parse failed, stopped at 'allow w' of 'allow w'". With this enhancement, the commands give an explanation about why the MDS caps passed by user were rejected and print Error EINVAL: Permission flags in MDS caps must start with 'r' or 'rw' or be '*' or 'all'.
Clone Of:
Environment:
Last Closed:	2024-06-13 14:22:48 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Ceph Project Bug Tracker	61666	None	None	None	2023-12-15 02:35:23 UTC
Red Hat Issue Tracker	RHCEPH-7843	None	None	None	2023-11-02 09:41:41 UTC
Red Hat Product Errata	RHSA-2024:3925	None	None	None	2024-06-13 14:22:55 UTC

Description julpark 2023-11-02 06:45:43 UTC

Description of problem:

mds "allow w" shows:

[root@ceph1-julpark-odcb5p-node7 dir1]# ceph auth get-or-create client.test mds "allow w"
Error EINVAL: mds capability parse failed, stopped at 'allow w' of 'allow w'

Version-Release number of selected component (if applicable):


How reproducible:

ceph auth get-or-create client.test mds "allow w"

Steps to Reproduce:
1.
2.
3.

Actual results:

Error EINVAL: mds capability parse failed, stopped at 'allow w' of 'allow w'

Expected results:

Having a not allowed caps change should show detailed explanation.

Even though it is expected, it should tell customer why it is invalid OR
It should be listed in the documentation.

A user’s key allows the user to authenticate with the Ceph Storage Cluster. The user’s capabilities authorize the user to read, write, or execute on Ceph monitors (mon), Ceph OSDs (osd) or Ceph Metadata Servers (mds).

-> it looks like I can assign mds "w" cap.

Additional info:

Comment 1 RHEL Program Management 2023-11-02 06:45:51 UTC

Please specify the severity of this bug. Severity is defined here:
https://bugzilla.redhat.com/page.cgi?id=fields.html#bug_severity.

Comment 10 errata-xmlrpc 2024-06-13 14:22:48 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Critical: Red Hat Ceph Storage 7.1 security, enhancements, and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2024:3925

Comment 12 Red Hat Bugzilla 2024-11-16 04:25:12 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days

Note You need to log in before you can comment on or make changes to this bug.