Previously, read_key was printing out error messages when it failed.
But because some callers are fine with it failing on ENOENT, and they
all have more context anyway, it no longer does so and they need
their own logging output. Now they have it.
Signed-off-by: Greg Farnum <greg@inktank.com>
Users can now place shared or exclusive locks, can remove their own
locks, can break the locks of others, and can list locks. All these
functions are considered PUBLIC_EXEC to match the other rbd methods.
Signed-off-by: Greg Farnum <greg@inktank.com>
The callers report errors and pass up errors, so do not spam stderr with
this. Fixes the confusion that sparked #2595.
Signed-off-by: Sage Weil <sage@inktank.com>
Fixes#2542. The old behavior just merged src object attrs
and provided attributes. The new (and correct) behavior looks
at the x-[amz|rgw|...]-metadata-directive and either copies
the source attrs, or replaces them with the provided attrs.
Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>
To support this, add a refresh_seq counter which is incremented every
time we get a notify. This way we can handle the concern from
7add136f90, in which we get a notify
in the middle of doing a refresh.
Signed-off-by: Greg Farnum <greg@inktank.com>
Reviewed-by: Josh Durgin <josh.durgin@inktank.com>
This should help us track down/verify #2535. It seems to happen on several
different systems, but we haven't figured out which ones yet.
This detects the bug, but does not attempt to correct it.
Signed-off-by: Sage Weil <sage@inktank.com>
Adding a configurable max_buckets per user. Bucket creation
verifies that max_buckets has not reached.
Backport: dho
Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Stop the qa noise we fix#2410. Looks like a freeze/thaw thing.
Maybe Jan's new freeze/thaw code will address this? That's probably
wishful thinking.
Signed-off-by: Sage Weil <sage@inktank.com>
The class needs to understand the semantics of possible actions in enough
detail to apply the capabilities it describes, so it makes sense to pass
all of that information into a check method here. That is preferable to
exposing the internal structure of the capability itself to an external
function to apply the same logic.
Specifically, this fixes the problem where we return the first matching
OSDCapSpec, not a union of all matching specs, and thus fixes a problem
where applying a cap like 'allow r, allow pool foo rwx' to a write
operation in pool foo.
Signed-off-by: Sage Weil <sage@inktank.com>
The intent was to do a cap like 'allow pools-that-i-own ...', but in
practice you just do 'allow pool <myuid> ...'.. the actual auid you
authenticate as is redundant, since the cap itself is authenticated.
Signed-off-by: Sage Weil <sage@inktank.com>
The problem:
- the unittests link against gtest, and gtest is not installed. that's
normally fine, but...
- rbd and rados api unit tests link against gtest, and are installed
by 'make install'. they are needed for teuthology runs, etc.
- if we build gtest as an .la library, we can only control whether *all*
or *no* .la libraries are linked statically.
- we want librados to be linked dynamically.
The solution:
- build gtest as .a instead of a libtool library
- link it statically, always.
Unit test binaries are bigger now. Oh well...
Fixes: #2331
Signed-off-by: Sage Weil <sage@inktank.com>
Like the other upstart configs, these assume the default value for
'rgw data'. Same pattern as ceph-mon and ceph-mds.
Fixes: #2415
Signed-off-by: Sage Weil <sage@inktank.com>
The old OSDCaps had a few undesireable features:
- deny
- weird 'default permissions' semantics when auid matches and no other
cap is specified
- difficult to understand, maintain parser
This version is renamed and has a few nice features:
- spirit grammar for parsing
- simple internal grant structure with simple semantics
- support for object prefix maches
- partial support for per-class (not yet implmeented by the OSD)
Signed-off-by: Sage Weil <sage@inktank.com>
See bug #2462.
The following sequence could cause a log assuming a non-empty pg
to an empty replica:
1. primary sends query to stray
2. stray sends notify to primary
3. primary sends purge to stray removing stray from peer_info
4. stray recieves query and sends a notify
5. stray recieves purge and purges its pg
6. primary recieves notify from stray and adds it to peer_info
note: peer_info[stray] is now wrong
7. acting set changes, primary is still primary, stray is replica
8. primary sends log to replica based on incorrect info from 6.
This patch adds a purged_peer set which is populated during purge_strays
and cleared during start_peering_interval. The primary will ignore
notifies from the peer once the peer is in this set.
Signed-off-by: Samuel Just <sam.just@inktank.com>
