From bbc66310efc19c5801d49a54c0ff264c57097e48 Mon Sep 17 00:00:00 2001
From: John Spray <john.spray@redhat.com>
Date: Wed, 25 May 2016 19:42:04 +0100
Subject: [PATCH] auth: add mgr service type

Signed-off-by: John Spray <john.spray@redhat.com>
---
 src/auth/Auth.h                  | 4 +++-
 src/auth/cephx/CephxKeyServer.cc | 1 +
 src/mon/AuthMonitor.cc           | 6 ++++--
 3 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/auth/Auth.h b/src/auth/Auth.h
index 9dc88ffde8e..c5bda0ccaf4 100644
--- a/src/auth/Auth.h
+++ b/src/auth/Auth.h
@@ -238,7 +238,9 @@ public:
 static inline bool auth_principal_needs_rotating_keys(EntityName& name)
 {
   uint32_t ty(name.get_type());
-  return ((ty == CEPH_ENTITY_TYPE_OSD) || (ty == CEPH_ENTITY_TYPE_MDS));
+  return ((ty == CEPH_ENTITY_TYPE_OSD)
+      || (ty == CEPH_ENTITY_TYPE_MDS)
+      || (ty == CEPH_ENTITY_TYPE_MGR));
 }
 
 #endif
diff --git a/src/auth/cephx/CephxKeyServer.cc b/src/auth/cephx/CephxKeyServer.cc
index cda1554375d..6524e616fde 100644
--- a/src/auth/cephx/CephxKeyServer.cc
+++ b/src/auth/cephx/CephxKeyServer.cc
@@ -156,6 +156,7 @@ bool KeyServer::_check_rotating_secrets()
   added += _rotate_secret(CEPH_ENTITY_TYPE_MON);
   added += _rotate_secret(CEPH_ENTITY_TYPE_OSD);
   added += _rotate_secret(CEPH_ENTITY_TYPE_MDS);
+  added += _rotate_secret(CEPH_ENTITY_TYPE_MGR);
 
   if (added) {
     ldout(cct, 10) << __func__ << " added " << added << dendl;
diff --git a/src/mon/AuthMonitor.cc b/src/mon/AuthMonitor.cc
index 09425dd1aab..d148d050095 100644
--- a/src/mon/AuthMonitor.cc
+++ b/src/mon/AuthMonitor.cc
@@ -393,7 +393,8 @@ bool AuthMonitor::prep_auth(MonOpRequestRef op, bool paxos_writable)
     if (!m->get_connection()->has_feature(CEPH_FEATURE_MSG_AUTH)) {
       if (entity_name.get_type() == CEPH_ENTITY_TYPE_MON ||
 	  entity_name.get_type() == CEPH_ENTITY_TYPE_OSD ||
-	  entity_name.get_type() == CEPH_ENTITY_TYPE_MDS) {
+	  entity_name.get_type() == CEPH_ENTITY_TYPE_MDS ||
+	  entity_name.get_type() == CEPH_ENTITY_TYPE_MGR) {
 	if (g_conf->cephx_cluster_require_signatures ||
 	    g_conf->cephx_require_signatures) {
 	  dout(1) << m->get_source_inst()
@@ -417,7 +418,8 @@ bool AuthMonitor::prep_auth(MonOpRequestRef op, bool paxos_writable)
     int type;
     if (entity_name.get_type() == CEPH_ENTITY_TYPE_MON ||
 	entity_name.get_type() == CEPH_ENTITY_TYPE_OSD ||
-	entity_name.get_type() == CEPH_ENTITY_TYPE_MDS)
+	entity_name.get_type() == CEPH_ENTITY_TYPE_MDS ||
+	entity_name.get_type() == CEPH_ENTITY_TYPE_MGR)
       type = mon->auth_cluster_required.pick(supported);
     else
       type = mon->auth_service_required.pick(supported);
-- 
2.39.5