diff options
| author | Wido den Hollander <wido@widodh.nl> | 2013-09-23 13:51:26 +0200 |
|---|---|---|
| committer | Wido den Hollander <wido@widodh.nl> | 2013-09-23 13:52:51 +0200 |
| commit | 991139bc0de1147171a08c21cfffd0dc57cd2b81 (patch) | |
| tree | 760a861ff68ef84efa68f0911c2c19bdc0900c43 | |
| parent | 08a97ae45f4df58a6a8ea8a6400934d860cf5eb4 (diff) | |
| download | ceph-991139bc0de1147171a08c21cfffd0dc57cd2b81.tar.gz | |
doc: When bootstrapping mon set the correct caps for client.admin
Otherwise client.admin will be privilege-less and the admin can't
access the cluster.
| -rw-r--r-- | doc/dev/mon-bootstrap.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/dev/mon-bootstrap.rst b/doc/dev/mon-bootstrap.rst index 9ce0070b791..0a4a9a2981e 100644 --- a/doc/dev/mon-bootstrap.rst +++ b/doc/dev/mon-bootstrap.rst @@ -42,7 +42,7 @@ with a command like:: When creating a new monitor cluster, the keyring should also contain a ``client.admin`` key that can be used to administer the system:: - ceph-authtool /path/to/keyring --gen-key -n client.admin + ceph-authtool /path/to/keyring --gen-key -n client.admin --set-uid=0 --cap mon 'allow *' --cap osd 'allow *' --cap mds 'allow' The resulting keyring is fed to ``ceph-mon --mkfs`` with the ``--keyring <keyring>`` command-line argument. |