From c43c7744a5479a0c751599d5cd8791af7b5502c3 Mon Sep 17 00:00:00 2001
From: Sage Weil <sage@inktank.com>
Date: Tue, 22 May 2012 17:34:55 -0700
Subject: [PATCH] mon: require admin privs to issue any monitor commands

This is overkill, but a first step before pushing caps enforcement down
into each subfunction that processes monitor commands.

Fixes: #2443
Signed-off-by: Sage Weil <sage@inktank.com>
---
 src/mon/MonCaps.h  | 4 ++++
 src/mon/Monitor.cc | 7 +++----
 2 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/src/mon/MonCaps.h b/src/mon/MonCaps.h
index b6dfef88c0dc9..ca56b666a3678 100644
--- a/src/mon/MonCaps.h
+++ b/src/mon/MonCaps.h
@@ -92,6 +92,10 @@ public:
   void set_allow_all(bool allow) { allow_all = allow; }
   void set_auid(uint64_t uid) { auid = uid; }
 
+  bool get_allow_all() const {
+    return allow_all;
+  }
+
   void encode(bufferlist& bl) const;
   void decode(bufferlist::iterator& bl);
   void dump(Formatter *f) const;
diff --git a/src/mon/Monitor.cc b/src/mon/Monitor.cc
index 18417eaed03fb..d30fb5f3a869c 100644
--- a/src/mon/Monitor.cc
+++ b/src/mon/Monitor.cc
@@ -999,9 +999,6 @@ void Monitor::finish_election()
 
 bool Monitor::_allowed_command(MonSession *s, const vector<string>& cmd)
 {
-  if (s->caps.check_privileges(PAXOS_MONMAP, MON_CAP_ALL))
-    return true;
-
   for (list<list<string> >::iterator p = s->caps.cmd_allow.begin();
        p != s->caps.cmd_allow.end();
        ++p) {
@@ -1124,7 +1121,9 @@ void Monitor::handle_command(MMonCommand *m)
   }
 
   MonSession *session = m->get_session();
-  if (!session || !_allowed_command(session, m->cmd)) {
+  if (!session ||
+      (!session->caps.get_allow_all() &&
+       !_allowed_command(session, m->cmd))) {
     string rs = "Access denied";
     reply_command(m, -EACCES, rs, 0);
     return;
-- 
2.39.5