[Bug 1847822] Re: CephFS authorize fails with unknown cap type

James Page james.page at ubuntu.com
Tue Jan 21 13:31:17 UTC 2020 

This bug was fixed in the package ceph - 12.2.12-0ubuntu0.18.04.4~cloud0
---------------

 ceph (12.2.12-0ubuntu0.18.04.4~cloud0) xenial-queens; urgency=medium
 .
   * New update for the Ubuntu Cloud Archive.
 .
 ceph (12.2.12-0ubuntu0.18.04.4) bionic; urgency=medium
 .
   [ Billy Olsen ]
   * Do not validate fs caps on authorize (LP: #1847822):
     - d/p/dont-validate-fs-caps-on-authorize.patch: Do not validate
       the filesystem caps with a new client connection to the monitor
       when authorizing a client connection.
 .
   [ Dan Hill ]
   * d/p/issue38454.patch: Cherry pick of fixes for misc RGW bugs
     and cleanup of garbage collection code (LP: #1843085).
 .
   [ Dariusz Gadomski ]
   * d/p/issue37490.patch: Cherry pick fix to optimize LVM queries
     in ceph-volume, resolving performance issues in systems under
     heavy load or with large numbers of disks (LP: #1850754).


** Changed in: cloud-archive/queens
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
OpenStack, which is subscribed to Ubuntu Cloud Archive.
https://bugs.launchpad.net/bugs/1847822

Title:
  CephFS authorize fails with unknown cap type

Status in Ubuntu Cloud Archive:
  Fix Released
Status in Ubuntu Cloud Archive queens series:
  Fix Released
Status in ceph package in Ubuntu:
  Fix Released
Status in ceph source package in Bionic:
  Fix Released

Bug description:
  [Impact]

  Attempting to provide access to a user within Ceph to a specific mount
  path fails with unknown cap type. This appears to be due to the
  monitor not knowing how to validate the caps that are provided with
  the mount path per upstream bug https://tracker.ceph.com/issues/39395
  and subsequent pull requests.

  This is fixed in Mimic (13.1.0+) and included in the current Luminous
  devel release (upcoming 12.2.13).

  
  [Test Case]

  Steps to recreate:

  1. Install ceph w/ ceph-fs.

  2. Mount ceph filesystem and create subdirectory for restricting access
  $ ceph-fuse -k /etc/ceph/ceph.client.foo.keyring --id foo -m 10.5.0.5:6789 /mnt/ceph-fs
  $ mkdir /mnt/ceph-fs/bar

  3. Authorize access for ceph user to rw a directory
  $ ceph fs authorize ceph-fs client.foo /bar rw

  Expected Results:

  The authorize command to succeed

  Actual Results:

  Error EINVAL: unknown cap type '/bar'

  [Regression Potential]

  Regression potential is low as this has already been fixed upstream
  and has seen additional testing without additional problem reports
  from the change. The change does affect the validation of
  capabilities, so if a problem were to arise it would likely be in the
  verification of capabilities when the code is parsing.

  [Other Info]

  Upstream pull-request: https://github.com/ceph/ceph/pull/28666

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-archive/+bug/1847822/+subscriptions

More information about the Ubuntu-openstack-bugs mailing list