Fixes: http://tracker.ceph.com/issues/19790
Signed-off-by: Brad Hubbard <bhubbard@redhat.com>
(cherry picked from commit
a921882e7c676d68ed67b54301b49fd9bed42945)
Conflicts:
qa/suites/rados/singleton-nomsgr/all/pool-access.yaml - drop mgr.x
role, which is not needed in jewel and might even cause the test to
fail
src/osd/PrimaryLogPG.cc - this file doesn't exist in jewel, so apply
the change manually to ReplicatedPG.cc (i.e., by moving the
op->includes_pg_op() conditional below the
!op_has_sufficient_caps(op) conditional)
--- /dev/null
+roles:
+- [mon.a, osd.0, osd.1, client.0]
+tasks:
+- install:
+- ceph:
+- workunit:
+ clients:
+ all:
+ - rados/test_pool_access.sh
--- /dev/null
+#!/bin/bash -x
+
+set -e
+
+expect_1()
+{
+ set -x
+ set +e
+ "$@"
+ if [ $? == 1 ]; then return 0; else return 1; fi
+}
+
+
+key=`ceph auth get-or-create-key client.poolaccess1 mon 'allow r' osd 'allow *'`
+rados --id poolaccess1 --key $key -p rbd ls
+
+key=`ceph auth get-or-create-key client.poolaccess2 mon 'allow r' osd 'allow * pool=nopool'`
+expect_1 rados --id poolaccess2 --key $key -p rbd ls
+
+key=`ceph auth get-or-create-key client.poolaccess3 mon 'allow r' osd 'allow rw pool=nopool'`
+expect_1 rados --id poolaccess3 --key $key -p rbd ls
+
+echo OK
}
}
+ if (!op_has_sufficient_caps(op)) {
+ osd->reply_op_error(op, -EPERM);
+ return;
+ }
+
if (op->includes_pg_op()) {
if (pg_op_must_wait(m)) {
wait_for_all_missing(op);
return do_pg_op(op);
}
- if (!op_has_sufficient_caps(op)) {
- osd->reply_op_error(op, -EPERM);
- return;
- }
-
hobject_t head(m->get_oid(), m->get_object_locator().key,
CEPH_NOSNAP, m->get_pg().ps(),
info.pgid.pool(), m->get_object_locator().nspace);
projects / ceph.git / commitdiff