auth: add mgr service type

Signed-off-by: John Spray <john.spray@redhat.com>

diff --git a/src/auth/Auth.h b/src/auth/Auth.h
index 9dc88ffde8eb9fc28a0e51e386276ca76b8739f6..c5bda0ccaf49f11b763842870afc37898ccb0923 100644 (file)
--- a/src/auth/Auth.h
+++ b/src/auth/Auth.h
@@ -238,7 +238,9 @@ public:
 static inline bool auth_principal_needs_rotating_keys(EntityName& name)
 {
   uint32_t ty(name.get_type());
-  return ((ty == CEPH_ENTITY_TYPE_OSD) || (ty == CEPH_ENTITY_TYPE_MDS));
+  return ((ty == CEPH_ENTITY_TYPE_OSD)
+      || (ty == CEPH_ENTITY_TYPE_MDS)
+      || (ty == CEPH_ENTITY_TYPE_MGR));
 }
 
 #endif

diff --git a/src/auth/cephx/CephxKeyServer.cc b/src/auth/cephx/CephxKeyServer.cc
index cda1554375d9991e0644ab603ff845373c75b246..6524e616fdeb79767a9b3e23d9ad47f2005844c6 100644 (file)
--- a/src/auth/cephx/CephxKeyServer.cc
+++ b/src/auth/cephx/CephxKeyServer.cc
@@ -156,6 +156,7 @@ bool KeyServer::_check_rotating_secrets()
   added += _rotate_secret(CEPH_ENTITY_TYPE_MON);
   added += _rotate_secret(CEPH_ENTITY_TYPE_OSD);
   added += _rotate_secret(CEPH_ENTITY_TYPE_MDS);
+  added += _rotate_secret(CEPH_ENTITY_TYPE_MGR);
 
   if (added) {
     ldout(cct, 10) << __func__ << " added " << added << dendl;

diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index 09425dd1aab84155add919925fccaff989d06798..d148d050095ea8674b84fb9aac952dbd70302f67 100644 (file)
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -393,7 +393,8 @@ bool AuthMonitor::prep_auth(MonOpRequestRef op, bool paxos_writable)
     if (!m->get_connection()->has_feature(CEPH_FEATURE_MSG_AUTH)) {
       if (entity_name.get_type() == CEPH_ENTITY_TYPE_MON ||
          entity_name.get_type() == CEPH_ENTITY_TYPE_OSD ||
-         entity_name.get_type() == CEPH_ENTITY_TYPE_MDS) {
+         entity_name.get_type() == CEPH_ENTITY_TYPE_MDS ||
+         entity_name.get_type() == CEPH_ENTITY_TYPE_MGR) {
        if (g_conf->cephx_cluster_require_signatures ||
            g_conf->cephx_require_signatures) {
          dout(1) << m->get_source_inst()
@@ -417,7 +418,8 @@ bool AuthMonitor::prep_auth(MonOpRequestRef op, bool paxos_writable)
     int type;
     if (entity_name.get_type() == CEPH_ENTITY_TYPE_MON ||
        entity_name.get_type() == CEPH_ENTITY_TYPE_OSD ||
-       entity_name.get_type() == CEPH_ENTITY_TYPE_MDS)
+       entity_name.get_type() == CEPH_ENTITY_TYPE_MDS ||
+       entity_name.get_type() == CEPH_ENTITY_TYPE_MGR)
       type = mon->auth_cluster_required.pick(supported);
     else
       type = mon->auth_service_required.pick(supported);