doc: radosgw needs 'mon = allow rw' to create its own pools

Fixes: #5674
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Yehuda Sadeh <yehuda@inktank.com>

diff --git a/PendingReleaseNotes b/PendingReleaseNotes
index a9880942b5a7e1c37bf22609b8426df999e4cb0e..33959991410a8a29c7fee6bf4bfc2d93aad579b7 100644 (file)
--- a/PendingReleaseNotes
+++ b/PendingReleaseNotes
@@ -19,3 +19,8 @@ v0.67
   commandline tool.  ceph_rest_api.py can be used as a WSGI application
   for deployment in a more-capable web server.  See ceph-rest-api.8
   for more.
+
+* The radosgw caps were inconsistently documented to be either 'mon =
+  allow r' or 'mon = allow rw'.  The 'mon = allow rw' is required for
+  radosgw to create its own pools.  All documentation has been updated
+  accordingly.
\ No newline at end of file

diff --git a/doc/install/rpm.rst b/doc/install/rpm.rst
index d5d6bf196c28cc7947ab44530e0373e9924b7bbc..172f3f809a3fd8266f391cab2255f9d47c9945b1 100644 (file)
--- a/doc/install/rpm.rst
+++ b/doc/install/rpm.rst
@@ -198,7 +198,7 @@ Installing Ceph Object Storage
 #. Create a user key. ::
 
        ceph-authtool -C -n client.radosgw.gateway --gen-key /etc/ceph/keyring.radosgw.gateway
-       ceph-authtool -n client.radosgw.gateway --cap mon 'allow r' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway
+       ceph-authtool -n client.radosgw.gateway --cap mon 'allow rw' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway
        ceph auth add client.radosgw.gateway --in-file=/etc/ceph/keyring.radosgw.gateway
        
        

diff --git a/doc/man/8/radosgw.rst b/doc/man/8/radosgw.rst
index 46511f9afe63f3f71c1c8da63c4a5b9c79859544..0fb114973f55d9df6f8733c2d83b56a437c76f70 100644 (file)
--- a/doc/man/8/radosgw.rst
+++ b/doc/man/8/radosgw.rst
@@ -86,7 +86,7 @@ You will also have to generate a key for the radosgw to use for
 authentication with the cluster::
 
         ceph-authtool -C -n client.radosgw.gateway --gen-key /etc/ceph/keyring.radosgw.gateway
-        ceph-authtool -n client.radosgw.gateway --cap mon 'allow r' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway
+        ceph-authtool -n client.radosgw.gateway --cap mon 'allow rw' --cap osd 'allow rwx' /etc/ceph/keyring.radosgw.gateway
 
 And add the key to the auth entries::
 

diff --git a/doc/rados/operations/authentication.rst b/doc/rados/operations/authentication.rst
index d56f6ef584a95fa0e6b04d3872b26ea5b1bdbde3..0b71d08b0c49dbe50dbffe7aa42bd0e6dd2e13c6 100644 (file)
--- a/doc/rados/operations/authentication.rst
+++ b/doc/rados/operations/authentication.rst
@@ -196,7 +196,7 @@ capabilities necessary for the daemon to function, are shown below.
 ``radosgw``
 
 :Location: ``$rgw_data/keyring``
-:Capabilities: ``mon 'allow r' osd 'allow rwx'``
+:Capabilities: ``mon 'allow rw' osd 'allow rwx'``
 
 
 Note that the monitor keyring contains a key but no capabilities, and

diff --git a/doc/radosgw/config.rst b/doc/radosgw/config.rst
index d7526fdd77637f452a8cd281f2fdcbf46b58437d..39ee8fccdf9b9ec05bddb77067298566e3e8f923 100644 (file)
--- a/doc/radosgw/config.rst
+++ b/doc/radosgw/config.rst
@@ -164,7 +164,7 @@ Generate a key so that RADOS Gateway can identify a user name and authenticate
 the user with the cluster. Then, add capabilities to the key. For example:: 
 
        sudo ceph-authtool /etc/ceph/keyring.radosgw.gateway -n client.radosgw.gateway --gen-key
-       sudo ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow r' /etc/ceph/keyring.radosgw.gateway
+       sudo ceph-authtool -n client.radosgw.gateway --cap osd 'allow rwx' --cap mon 'allow rw' /etc/ceph/keyring.radosgw.gateway
        
 
 Add to Ceph Keyring Entries