From: Greg Farnum <gregf@hq.newdream.net>
Date: Wed, 5 May 2010 20:55:49 +0000 (-0700)
Subject: osd: fix critical cap parsing bugs and documentation.
X-Git-Tag: v0.20.1~16
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=a22732587318e2ab50b345e86333f8dc7ba26378;p=ceph.git

osd: fix critical cap parsing bugs and documentation.
---

diff --git a/man/cauthtool.8 b/man/cauthtool.8
index 7415a1bc3f1..3bf5c160a59 100644
--- a/man/cauthtool.8
+++ b/man/cauthtool.8
@@ -42,7 +42,7 @@ subsystem (osd, mds, mon).  The value is a comma separated list of allow, deny c
 specifier containing one or more of \fIrwx\fP, for read, write, and execute permission.  If you want to declare the key an administrator (with full privileges on everything), use the shorthand 'subsystem = "allow *"'. For
 example,
 .IP
-osd = "allow rwx [pool foo] [auid bar]"  # can read, write, and execute objects
+osd = "allow rwx [pool=foo[,bar]]|[uid=baz[,bay]]"  # can read, write, and execute objects
 .IP
 mds = "allow"      # can access mds server
 .IP
@@ -56,7 +56,7 @@ A client mounting the file system with minimal permissions would need caps like
 .IP
 mds = "allow"
 .IP
-osd = "allow rw pool data"
+osd = "allow rw; allow rw pool = data_pool_num"
 .IP
 mon = "allow r"
 .PP
diff --git a/src/osd/OSDCaps.cc b/src/osd/OSDCaps.cc
index 9f80bf1aef5..b88dbe40882 100644
--- a/src/osd/OSDCaps.cc
+++ b/src/osd/OSDCaps.cc
@@ -125,9 +125,10 @@ do { \
         } else if (is_rwx(token, cap_val)) {
           ASSERT_STATE(op_allow || op_deny);
         } else if (token.compare(";") != 0) {
-          ASSERT_STATE(got_eq);
+	  ASSERT_STATE(got_eq);
           if (token.compare(",") == 0) {
             ASSERT_STATE(!last_is_comma);
+	    last_is_comma = true;
           } else {
             last_is_comma = false;
             int num = strtol(token.c_str(), NULL, 10);
@@ -139,10 +140,10 @@ do { \
           if (got_eq) {
             ASSERT_STATE(num_list.size() > 0);
             list<int>::iterator iter;
-	    map<int, OSDCap>& working_map = pools_map;
-	    if (cmd_uid) working_map = auid_map;
+	    map<int, OSDCap> *working_map = &pools_map;
+	    if (cmd_uid) working_map = &auid_map;
             for (iter = num_list.begin(); iter != num_list.end(); ++iter) {
-              OSDCap& cap = working_map[*iter];
+              OSDCap& cap = (*working_map)[*iter];
               if (op_allow) {
                 cap.allow |= cap_val;
               } else {