keyring: default keyring file name is 'keyring'

update accordingly the tools, scripts, man page

diff --git a/man/cauthtool.8 b/man/cauthtool.8
index c19008309c599fb24ae7c68bc4a61afbc6b5070e..15faebd15d6998b9d18046a9323f24238acf7b9f 100644 (file)
--- a/man/cauthtool.8
+++ b/man/cauthtool.8
@@ -11,6 +11,7 @@ cauthtool \- ceph keyring manipulation tool
 [ \fB\-\-gen-key\fR ]
 [ \fB\-a\fR | \fB\-\-add-key \fIbase64_key\fP ]
 [ \fB\-\-caps\fR \fIcapfils\fP ]
+[ \fB\-b\fR | \fB\-\-bin\fR ]
 .SH DESCRIPTION
 .B cauthtool
 is a utility to create, view, and modify a Ceph keyring file.  A keyring
@@ -20,25 +21,28 @@ entity name, of the form \fI{client,mon,mds,osd}.name\fP.
 .SH OPTIONS
 .TP
 \fB\-l\fP, \fB\-\-list\fP
-will list all keys and capabilities present in the keyring.
+will list all keys and capabilities present in the keyring
 .TP
 \fB\-p\fP, \fB\-\-print\fP
-will print an encoded key for the specified \fIentityname\fP.  This is suitable for the mount -o secret= argument.
+will print an encoded key for the specified \fIentityname\fP.  This is suitable for the mount -o secret= argument
 .TP
 \fB\-c\fP, \fB\-\-create-keyring\fP
-will create a new keyring, overwriting any existing \fIkeyringfile\fP.
+will create a new keyring, overwriting any existing \fIkeyringfile\fP
 .TP
 \fB\-\-gen\-key\fP
-will generate a new secret key for the specified \fIentityname\fP:
+will generate a new secret key for the specified \fIentityname\fP
 .TP
 \fB\-\-add\-key\fP
-will add an encoded key to the keyring.
+will add an encoded key to the keyring
 .TP
 \fB\-\-cap\fI subsystem capability \fP
-will set the capability for given subsystem.
+will set the capability for given subsystem
 .TP
 \fB\-\-caps\fI capsfile \fP
-will set all of capabilities associated with a given key, for all subsystems.
+will set all of capabilities associated with a given key, for all subsystems
+.TP
+\fB\-b\fP, \fB\-\-bin\fP
+will create a binary formatted keyring
 
 .SH CAPABILITIES
 
@@ -80,19 +84,19 @@ subsystem (osd, mds, mon), and the value is the capability string (see above).
 .SH EXAMPLE
 To create a new keyring containing a key for \fIclient.foo\fP:
 .IP
-cauthtool -c -n client.foo --gen-key keyring.bin
+cauthtool -c -n client.foo --gen-key keyring
 .PP
 To associate some capabilities with the key (namely, the ability to mount a Ceph filesystem):
 .IP
-cauthtool -n client.foo --cap mds 'allow' --cap osd 'allow rw pool=data' --cap mon 'allow r' keyring.bin
+cauthtool -n client.foo --cap mds 'allow' --cap osd 'allow rw pool=data' --cap mon 'allow r' keyring
 .PP
 To display the contents of the keyring:
 .IP
-cauthtool -l keyring.bin
+cauthtool -l keyring
 .PP
 When mount a Ceph file system, you can grab the appropriately encoded secret key with
 .IP
-mount -t ceph serverhost:/ mountpoint -o name=foo,secret=`cauthtool -p -n client.foo keyring.bin`
+mount -t ceph serverhost:/ mountpoint -o name=foo,secret=`cauthtool -p -n client.foo keyring`
 .PP
 .SH AVAILABILITY
 .B cauthtool

diff --git a/src/cauthtool.cc b/src/cauthtool.cc
index 52427dc921f72fb3a78774bf28f879489cb5135c..d98becd5431edbe7f0886b240ff46133d84061a6 100644 (file)
--- a/src/cauthtool.cc
+++ b/src/cauthtool.cc
@@ -26,7 +26,22 @@ using namespace std;
 
 void usage()
 {
-  cout << " usage: [--create-keyring] [--gen-key] [--name=<name>] [--set-uid=uid] [--caps=<filename>] [--list] [--print-key] <filename>" << std::endl;
+  cout << "usage: cauthtool keyringfile [OPTIONS]...\n"
+       << "where the options are:\n"
+       << "  -l, --list                    will list all keys and capabilities present in\n"
+       << "                                the keyring\n"
+       << "  -p, --print                   will print an encoded key for the specified\n"
+       << "                                entityname. This is suitable for the\n"
+       << "                                'mount -o secret=..' argument\n"
+       << "  -c, --create-keyring          will create a new keyring, overwriting any\n"
+       << "                                existing keyringfile\n"
+       << "  --gen-key                     will generate a new secret key for the\n"
+       << "                                specified entityname\n"
+       << "  --add-key                     will add an encoded key to the keyring\n"
+       << "  --cap subsystem capability    will set the capability for given subsystem\n"
+       << "  --caps capsfile               will set all of capabilities associated with a\n"
+       << "                                given key, for all subsystems\n"
+       << "  -b, --bin                     will create a binary formatted keyring" << std::endl;
   exit(1);
 }
 

diff --git a/src/common/common_init.cc b/src/common/common_init.cc
index 4feec7648fb642ed826e6286bb98a26d0b5ee17f..71455089baf0f2390932edb45f7e2beb5f13708d 100644 (file)
--- a/src/common/common_init.cc
+++ b/src/common/common_init.cc
@@ -66,8 +66,15 @@ void common_set_defaults(bool daemon)
   }
 }
 
-static void keyring_init(const char *filename)
+static void keyring_init(const char *filesearch)
 {
+  const char *filename = filesearch;
+  string keyring_search = g_conf.keyring;
+  string new_keyring;
+  if (ceph_resolve_file_search(keyring_search, new_keyring)) {
+    filename = new_keyring.c_str();
+  }
+
   int ret = g_keyring.load(filename);
   if (ret) {
     derr << "keyring_init: failed to load " << filename << dendl;

diff --git a/src/mkcephfs.in b/src/mkcephfs.in
index ee9764e59c3d32e33c5b7e74c3ba0f83c4eb97b9..2a232a86eb8917c3a040c31186268f197578e4dd 100644 (file)
--- a/src/mkcephfs.in
+++ b/src/mkcephfs.in
@@ -86,7 +86,7 @@ if [ $allhosts -eq 0 ]; then
 fi
 
 if [ -z "$adminkeyring" ]; then
-    echo "mkcephfs requires '-k /path/to/admin/keyring'. default location is /etc/ceph/keyring.bin."
+    echo "mkcephfs requires '-k /path/to/admin/keyring'. default location is /etc/ceph/keyring."
     usage_exit
 fi
 
@@ -208,12 +208,12 @@ for name in $what; do
 
        if [ -n "$ssh" ]; then
            if [ -n "$user" ]; then
-               scp -p $adminkeyring $user@$host:$mon_data/admin_keyring.bin
+               scp -p $adminkeyring $user@$host:$mon_data/admin_keyring
            else
-               scp -p $adminkeyring $host:$mon_data/admin_keyring.bin
+               scp -p $adminkeyring $host:$mon_data/admin_keyring
            fi
        else
-           cp -av $adminkeyring $mon_data/admin_keyring.bin
+           cp -av $adminkeyring $mon_data/admin_keyring
        fi
     fi
 

diff --git a/src/vstart.sh b/src/vstart.sh
index 0c71362916805c960cc042d2b69f803af880fbd1..6d3ccb4c371bfb72c2e63b90c9ed89b961398c02 100755 (executable)
--- a/src/vstart.sh
+++ b/src/vstart.sh
@@ -350,7 +350,7 @@ if [ "$start_osd" -eq 1 ]; then
         osd journal size = 100
 EOF
                    [ "$cephx" -eq 1 ] && cat <<EOF >> $conf
-        keyring = dev/osd$osd/keyring.bin
+        keyring = dev/osd$osd/keyring
 EOF
            fi
            echo mkfs osd$osd
@@ -359,7 +359,7 @@ EOF
            $cmd
 
            if [ "$cephx" -eq 1 ]; then
-               key_fn=dev/osd$osd/keyring.bin
+               key_fn=dev/osd$osd/keyring
                $SUDO $CEPH_BIN/cauthtool --create-keyring --gen-key --name=osd.$osd \
                    --cap mon 'allow *' \
                    --cap osd 'allow *' \