Adding a configurable max_buckets per user. Bucket creation
verifies that max_buckets has not reached.
Backport: dho
Signed-off-by: Yehuda Sadeh <yehuda@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Stop the qa noise we fix#2410. Looks like a freeze/thaw thing.
Maybe Jan's new freeze/thaw code will address this? That's probably
wishful thinking.
Signed-off-by: Sage Weil <sage@inktank.com>
The class needs to understand the semantics of possible actions in enough
detail to apply the capabilities it describes, so it makes sense to pass
all of that information into a check method here. That is preferable to
exposing the internal structure of the capability itself to an external
function to apply the same logic.
Specifically, this fixes the problem where we return the first matching
OSDCapSpec, not a union of all matching specs, and thus fixes a problem
where applying a cap like 'allow r, allow pool foo rwx' to a write
operation in pool foo.
Signed-off-by: Sage Weil <sage@inktank.com>
The intent was to do a cap like 'allow pools-that-i-own ...', but in
practice you just do 'allow pool <myuid> ...'.. the actual auid you
authenticate as is redundant, since the cap itself is authenticated.
Signed-off-by: Sage Weil <sage@inktank.com>
The problem:
- the unittests link against gtest, and gtest is not installed. that's
normally fine, but...
- rbd and rados api unit tests link against gtest, and are installed
by 'make install'. they are needed for teuthology runs, etc.
- if we build gtest as an .la library, we can only control whether *all*
or *no* .la libraries are linked statically.
- we want librados to be linked dynamically.
The solution:
- build gtest as .a instead of a libtool library
- link it statically, always.
Unit test binaries are bigger now. Oh well...
Fixes: #2331
Signed-off-by: Sage Weil <sage@inktank.com>
Like the other upstart configs, these assume the default value for
'rgw data'. Same pattern as ceph-mon and ceph-mds.
Fixes: #2415
Signed-off-by: Sage Weil <sage@inktank.com>
The old OSDCaps had a few undesireable features:
- deny
- weird 'default permissions' semantics when auid matches and no other
cap is specified
- difficult to understand, maintain parser
This version is renamed and has a few nice features:
- spirit grammar for parsing
- simple internal grant structure with simple semantics
- support for object prefix maches
- partial support for per-class (not yet implmeented by the OSD)
Signed-off-by: Sage Weil <sage@inktank.com>
See bug #2462.
The following sequence could cause a log assuming a non-empty pg
to an empty replica:
1. primary sends query to stray
2. stray sends notify to primary
3. primary sends purge to stray removing stray from peer_info
4. stray recieves query and sends a notify
5. stray recieves purge and purges its pg
6. primary recieves notify from stray and adds it to peer_info
note: peer_info[stray] is now wrong
7. acting set changes, primary is still primary, stray is replica
8. primary sends log to replica based on incorrect info from 6.
This patch adds a purged_peer set which is populated during purge_strays
and cleared during start_peering_interval. The primary will ignore
notifies from the peer once the peer is in this set.
Signed-off-by: Samuel Just <sam.just@inktank.com>
Check the authenticated peer name directly; don't store a copy in the
OSDCaps struct. Also set the entity_name member of the session!
Signed-off-by: Sage Weil <sage@inktank.com>
We depend on leveldb, which only builds on
amd64 armel armhf i386 ia64 mipsel
Reported-by: Laszlo Boszormenyi (GCS) <gcs@debian.hu>
Signed-off-by: Sage Weil <sage@inktank.com>
