doc/release-notes: ensure RBD users can blacklist prior to upgrade

Fixes: http://tracker.ceph.com/issues/21353
Signed-off-by: Jason Dillaman <dillaman@redhat.com>

diff --git a/doc/release-notes.rst b/doc/release-notes.rst
index 884ce1722611d5bb293dfdc21562dad1b64ce673..6fbaa897f31f1236d90296ef29742d4d8aa671c2 100644 (file)
--- a/doc/release-notes.rst
+++ b/doc/release-notes.rst
@@ -163,7 +163,8 @@ Major Changes from Kraken
   * Specifying user authorization capabilities for RBD clients has been
     simplified. The general syntax for using RBD capability profiles is
     "mon 'profile rbd' osd 'profile rbd[-read-only][ pool={pool-name}[, ...]]'".
-    For more details see "User Management" in the documentation.
+    For more details see :doc:`rados/operations/user-management`
+    in the documentation.
 
 - *CephFS*:
 
@@ -417,6 +418,12 @@ Upgrade from Jewel or Kraken
 
      # ceph osd set noout
 
+#. Verify that all RBD client users have sufficient caps to blacklist
+   other client users. RBD client users with only ``"allow r"``
+   monitor caps should to be updated as follows::
+
+     # ceph auth caps client.<ID> mon 'allow r, allow command "osd blacklist"'
+
 #. Upgrade monitors by installing the new packages and restarting the
    monitor daemons.  Note that, unlike prior releases, the ceph-mon
    daemons *must* be upgraded first::