git-server-git.apps.pok.os.sepia.ceph.com Git

author	Patrick Donnelly <pdonnell@ibm.com>
	Wed, 26 Mar 2025 01:59:34 +0000 (21:59 -0400)
committer	Patrick Donnelly <pdonnell@ibm.com>
	Mon, 29 Dec 2025 22:29:59 +0000 (17:29 -0500)
commit	93ba95701089420c77b4151d363424dc5a04278e
tree	b84dfab9c88119b266707d560a5dd36dbe651f8c	tree \| snapshot
parent	fb05873f66d0a26a051cd5e6eb10f73b74640466	commit \| diff

mon/AuthMonitor: add dump-keys and wipe-rotating-service-keys

`auth dump-keys` allows examining the key types for each entity and also the
rotating session keys. This lets us confirm key upgrades are done as expected.

`wipe-rotating-service-keys` clears out existing non-auth service keys so that we do not
need to wait for the rotating key expiration. It is not disruptive so long as clients
renew their tickets when prompted by the auth epoch change.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

src/auth/cephx/CephxKeyServer.cc		diff \| blob \| history
src/auth/cephx/CephxKeyServer.h		diff \| blob \| history
src/mon/AuthMonitor.cc		diff \| blob \| history
src/mon/MonCommands.h		diff \| blob \| history
src/tools/ceph_monstore_tool.cc		diff \| blob \| history