Comment 2 for bug 1904015

Revision history for this message
Giulio Fidente (gfidente) wrote :

I am looking at if we can implement some safety measures in the Ceph cluster; for example it would be nice if we had the ability to configure a cephx account for it to be allowed to create entried but edit/delete only those it created in the first place

from the ceph docs [1] it doesn't look like the authorization (capabilities) for a user can be configured to do so; if a cephx user has admin rights it can mess up with any existing user

I will dig more and see what if anything is possible