git-server-git.apps.pok.os.sepia.ceph.com Git

author	Patrick Donnelly <pdonnell@ibm.com>
	Wed, 26 Mar 2025 01:59:34 +0000 (21:59 -0400)
committer	Patrick Donnelly <pdonnell@ibm.com>
	Mon, 5 Jan 2026 21:23:31 +0000 (16:23 -0500)
commit	fb158f5145d1555f05e3c6322aab221160478dd6
tree	9f280b45de2da8bdbd7e021815be06646610be95	tree \| snapshot
parent	9599de3b567feb03b49debf09af5559b626e1177	commit \| diff

mon/AuthMonitor: add dump-keys and wipe-rotating-service-keys

`auth dump-keys` allows examining the key types for each entity and also the
rotating session keys. This lets us confirm key upgrades are done as expected.

`wipe-rotating-service-keys` clears out existing non-auth service keys so that we do not
need to wait for the rotating key expiration. It is not disruptive so long as clients
renew their tickets when prompted by the auth epoch change.

Signed-off-by: Patrick Donnelly <pdonnell@ibm.com>

src/auth/cephx/CephxKeyServer.cc		diff \| blob \| history
src/auth/cephx/CephxKeyServer.h		diff \| blob \| history
src/mon/AuthMonitor.cc		diff \| blob \| history
src/mon/MonCommands.h		diff \| blob \| history
src/tools/ceph_monstore_tool.cc		diff \| blob \| history