doc: When bootstrapping mon set the correct caps for client.admin

Otherwise client.admin will be privilege-less and the admin can't
access the cluster.

diff --git a/doc/dev/mon-bootstrap.rst b/doc/dev/mon-bootstrap.rst
index 9ce0070b791c456a20e67c46ec3a65d85d2aade2..0a4a9a2981e8250a28c24c3178e0c1835dd93a96 100644 (file)
--- a/doc/dev/mon-bootstrap.rst
+++ b/doc/dev/mon-bootstrap.rst
@@ -42,7 +42,7 @@ with a command like::
 When creating a new monitor cluster, the keyring should also contain a ``client.admin`` key that can be used
 to administer the system::
 
-        ceph-authtool /path/to/keyring --gen-key -n client.admin
+        ceph-authtool /path/to/keyring --gen-key -n client.admin --set-uid=0 --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow'
 
 The resulting keyring is fed to ``ceph-mon --mkfs`` with the ``--keyring <keyring>`` command-line argument.