mon/MonCap: bootstrap-* need to subscribe to osdmap, monmap

Signed-off-by: Sage Weil <sage@inktank.com>

diff --git a/src/mon/MonCap.cc b/src/mon/MonCap.cc
index bf8eb6fb79df1e85e1924137cb06b1690d7a9e29..6f1055091e003456a7c6ca8aedf2bf0c4a8b67d0 100644 (file)
--- a/src/mon/MonCap.cc
+++ b/src/mon/MonCap.cc
@@ -143,6 +143,8 @@ void MonCapGrant::expand_profile(entity_name_t name) const
     profile_grants.push_back(MonCapGrant("config-key delete", "key", StringConstraint("", prefix)));
   }
   if (profile == "bootstrap-osd") {
+    profile_grants.push_back(MonCapGrant("mon", MON_CAP_R));  // read monmap
+    profile_grants.push_back(MonCapGrant("osd", MON_CAP_R));  // read osdmap
     profile_grants.push_back(MonCapGrant("mon getmap"));
     profile_grants.push_back(MonCapGrant("osd create"));
     profile_grants.push_back(MonCapGrant("osd crush set"));  // FIXME: constraint this further?
@@ -152,6 +154,8 @@ void MonCapGrant::expand_profile(entity_name_t name) const
     profile_grants.back().command_args["caps_osd"] = StringConstraint("allow *", "");
   }
   if (profile == "bootstrap-mds") {
+    profile_grants.push_back(MonCapGrant("mon", MON_CAP_R));  // read monmap
+    profile_grants.push_back(MonCapGrant("osd", MON_CAP_R));  // read osdmap
     profile_grants.push_back(MonCapGrant("mon getmap"));
     profile_grants.push_back(MonCapGrant("auth get-or-create"));  // FIXME: this can expose other mds keys
     profile_grants.back().command_args["name"] = StringConstraint("", "mds.");