Re: [ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied
For permanent fix, you need to fix this using patched kernel or upgrade to 4.9 kernel or higher(which has the patch fix) http://tracker.ceph.com/issues/17191 Using [mds] allow r gives users “read” permission to “/” share ie any directory/files under “/” , Example “/dir1”,”dir2” or “/MTY” can be read using the KEY and USER(client.mtyadm). If this is not concern to you, then I guess you are fine, else consider upgrading the kernel or get your current kernel patched for this cephFS kernel client fix. caps: [mds] allow r,allow rw path=/MTY -- Deepak From: ceph-users [mailto:ceph-users-boun...@lists.ceph.com] On Behalf Of c.mo...@web.de Sent: Monday, July 24, 2017 7:00 AM To: Дмитрий Глушенок Cc: ceph-users@lists.ceph.com Subject: Re: [ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied THX. Mount is working now. The auth list for user mtyadm is now: client.mtyadm key: AQAlyXVZEfsYNRAAM4jHuV1Br7lpRx1qaINO+A== caps: [mds] allow r,allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata 24. Juli 2017 13:25, "Дмитрий Глушенок" mailto:%22%d0%94%d0%bc%d0%b8%d1%82%d1%80%d0%b8%d0%b9%20%d0%93%d0%bb%d1%83%d1%88%d0%b5%d0%bd%d0%be%d0%ba%22%20%3cgl...@jet.msk.su%3e>> schrieb: Check your kernel version, prior to 4.9 it was needed to allow read on root path: http://lists.ceph.com/pipermail/ceph-users-ceph.com/2016-December/014804.html 24 июля 2017 г., в 12:36, c.mo...@web.de<mailto:c.mo...@web.de> написал(а): Hello! I want to mount CephFS with a dedicated user in order to avoid putting the admin key on every client host. Therefore I created a user account ceph auth get-or-create client.mtyadm mon 'allow r' mds 'allow rw path=/MTY' osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o /etc/ceph/ceph.client.mtyadm.keyring and wrote out the keyring ceph-authtool -p -n client.mtyadm ceph.client.mtyadm.keyring > ceph.client.mtyadm.key This user is now displayed in auth list: client.mtyadm key: AQBYu3VZLg66LBAAGM1jW+cvNE6BoJWfsORZKA== caps: [mds] allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata When I try to mount directory /MTY on the client host I get this error: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=mtyadm,secretfile=/etc/ceph/ceph.client.mtyadm.key mount error 13 = Permission denied The mount works using admin though: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=admin,secretfile=/etc/ceph/ceph.client.admin.key ld2398:/etc/ceph # mount | grep cephfs 10.96.5.37,10.96.5.38,10.96.5.38:/MTY on /mnt/cephfs type ceph (rw,relatime,name=admin,secret=,acl) What is causing this mount error? THX ___ ceph-users mailing list ceph-users@lists.ceph.com<mailto:ceph-users@lists.ceph.com> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com -- Dmitry Glushenok Jet Infosystems --- This email message is for the sole use of the intended recipient(s) and may contain confidential information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. --- ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
Re: [ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied
THX. Mount is working now. The auth list for user mtyadm is now: client.mtyadm key: AQAlyXVZEfsYNRAAM4jHuV1Br7lpRx1qaINO+A== caps: [mds] allow r,allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata 24. Juli 2017 13:25, "Дмитрий Глушенок" schrieb: Check your kernel version, prior to 4.9 it was needed to allow read on root path: http://lists.ceph.com/pipermail/ceph-users-ceph.com/2016-December/014804.html (http://lists.ceph.com/pipermail/ceph-users-ceph.com/2016-December/014804.html) 24 июля 2017 г., в 12:36, c.mo...@web.de (mailto:c.mo...@web.de) написал(а): Hello! I want to mount CephFS with a dedicated user in order to avoid putting the admin key on every client host. Therefore I created a user account ceph auth get-or-create client.mtyadm mon 'allow r' mds 'allow rw path=/MTY' osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o /etc/ceph/ceph.client.mtyadm.keyring and wrote out the keyring ceph-authtool -p -n client.mtyadm ceph.client.mtyadm.keyring > ceph.client.mtyadm.key This user is now displayed in auth list: client.mtyadm key: AQBYu3VZLg66LBAAGM1jW+cvNE6BoJWfsORZKA== caps: [mds] allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata When I try to mount directory /MTY on the client host I get this error: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=mtyadm,secretfile=/etc/ceph/ceph.client.mtyadm.key mount error 13 = Permission denied The mount works using admin though: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=admin,secretfile=/etc/ceph/ceph.client.admin.key ld2398:/etc/ceph # mount | grep cephfs 10.96.5.37,10.96.5.38,10.96.5.38:/MTY on /mnt/cephfs type ceph (rw,relatime,name=admin,secret=,acl) What is causing this mount error? THX ___ ceph-users mailing list ceph-users@lists.ceph.com (mailto:ceph-users@lists.ceph.com) http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com (http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com) -- Dmitry Glushenok Jet Infosystems ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
Re: [ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied
Check your kernel version, prior to 4.9 it was needed to allow read on root path: http://lists.ceph.com/pipermail/ceph-users-ceph.com/2016-December/014804.html > 24 июля 2017 г., в 12:36, c.mo...@web.de написал(а): > > Hello! > > I want to mount CephFS with a dedicated user in order to avoid putting the > admin key on every client host. > Therefore I created a user account > ceph auth get-or-create client.mtyadm mon 'allow r' mds 'allow rw path=/MTY' > osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o > /etc/ceph/ceph.client.mtyadm.keyring > and wrote out the keyring > ceph-authtool -p -n client.mtyadm ceph.client.mtyadm.keyring > > ceph.client.mtyadm.key > > This user is now displayed in auth list: > client.mtyadm >key: AQBYu3VZLg66LBAAGM1jW+cvNE6BoJWfsORZKA== >caps: [mds] allow rw path=/MTY >caps: [mon] allow r >caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata > > When I try to mount directory /MTY on the client host I get this error: > ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY > /mnt/cephfs -o name=mtyadm,secretfile=/etc/ceph/ceph.client.mtyadm.key > mount error 13 = Permission denied > > The mount works using admin though: > ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY > /mnt/cephfs -o name=admin,secretfile=/etc/ceph/ceph.client.admin.key > ld2398:/etc/ceph # mount | grep cephfs > 10.96.5.37,10.96.5.38,10.96.5.38:/MTY on /mnt/cephfs type ceph > (rw,relatime,name=admin,secret=,acl) > > What is causing this mount error? > > THX > ___ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com -- Dmitry Glushenok Jet Infosystems ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
Re: [ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied
Hi, I think you there is missing perm for the mds. Try adding allow r to mds permissions. Something like ceph auth get-or-create client.mtyadm mon 'allow r' mds '*allow r*, allow rw path=/MTY' osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o /etc/ceph/ceph.client.mtyadm.keyring Jaime On 24/07/17 10:36, c.mo...@web.de wrote: Hello! I want to mount CephFS with a dedicated user in order to avoid putting the admin key on every client host. Therefore I created a user account ceph auth get-or-create client.mtyadm mon 'allow r' mds 'allow rw path=/MTY' osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o /etc/ceph/ceph.client.mtyadm.keyring and wrote out the keyring ceph-authtool -p -n client.mtyadm ceph.client.mtyadm.keyring > ceph.client.mtyadm.key This user is now displayed in auth list: client.mtyadm key: AQBYu3VZLg66LBAAGM1jW+cvNE6BoJWfsORZKA== caps: [mds] allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata When I try to mount directory /MTY on the client host I get this error: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=mtyadm,secretfile=/etc/ceph/ceph.client.mtyadm.key mount error 13 = Permission denied The mount works using admin though: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=admin,secretfile=/etc/ceph/ceph.client.admin.key ld2398:/etc/ceph # mount | grep cephfs 10.96.5.37,10.96.5.38,10.96.5.38:/MTY on /mnt/cephfs type ceph (rw,relatime,name=admin,secret=,acl) What is causing this mount error? THX ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com -- Jaime Ibar High Performance & Research Computing, IS Services Lloyd Building, Trinity College Dublin, Dublin 2, Ireland. http://www.tchpc.tcd.ie/ | ja...@tchpc.tcd.ie Tel: +353-1-896-3725 ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
[ceph-users] Mount CephFS with dedicated user fails: mount error 13 = Permission denied
Hello! I want to mount CephFS with a dedicated user in order to avoid putting the admin key on every client host. Therefore I created a user account ceph auth get-or-create client.mtyadm mon 'allow r' mds 'allow rw path=/MTY' osd 'allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata' -o /etc/ceph/ceph.client.mtyadm.keyring and wrote out the keyring ceph-authtool -p -n client.mtyadm ceph.client.mtyadm.keyring > ceph.client.mtyadm.key This user is now displayed in auth list: client.mtyadm key: AQBYu3VZLg66LBAAGM1jW+cvNE6BoJWfsORZKA== caps: [mds] allow rw path=/MTY caps: [mon] allow r caps: [osd] allow rw pool=hdb-backup,allow rw pool=hdb-backup_metadata When I try to mount directory /MTY on the client host I get this error: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=mtyadm,secretfile=/etc/ceph/ceph.client.mtyadm.key mount error 13 = Permission denied The mount works using admin though: ld2398:/etc/ceph # mount -t ceph ldcephmon1,ldcephmon2,ldcephmon2:/MTY /mnt/cephfs -o name=admin,secretfile=/etc/ceph/ceph.client.admin.key ld2398:/etc/ceph # mount | grep cephfs 10.96.5.37,10.96.5.38,10.96.5.38:/MTY on /mnt/cephfs type ceph (rw,relatime,name=admin,secret=,acl) What is causing this mount error? THX ___ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com