diff options
| author | Sage Weil <sage@redhat.com> | 2017-03-14 03:37:29 +0100 |
|---|---|---|
| committer | Sage Weil <sage@redhat.com> | 2017-03-29 17:39:26 +0200 |
| commit | 6625fcd8fd1b847024f881008d1c2b33b18895e4 (patch) | |
| tree | c7c4d601ddb35c1edceda58d23c8d42e953de836 /systemd | |
| parent | vstart.sh: fix mgr caps (diff) | |
| download | ceph-6625fcd8fd1b847024f881008d1c2b33b18895e4.tar.xz ceph-6625fcd8fd1b847024f881008d1c2b33b18895e4.zip | |
systemd/ceph-mgr@.service: fix mgr mon cap
Signed-off-by: Sage Weil <sage@redhat.com>
Diffstat (limited to 'systemd')
| -rw-r--r-- | systemd/ceph-mgr@.service | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/systemd/ceph-mgr@.service b/systemd/ceph-mgr@.service index 4de0b8c2d9f..b6e9fb687f2 100644 --- a/systemd/ceph-mgr@.service +++ b/systemd/ceph-mgr@.service @@ -9,6 +9,7 @@ LimitNOFILE=1048576 LimitNPROC=1048576 EnvironmentFile=-/etc/sysconfig/ceph Environment=CLUSTER=ceph + # This ExecStartPre business is a hack to inject a key for the mgr daemon, # using whatever key already exists on the mon on this node to gain sufficient # permissions to create the mgr key. Failure is ignored at every step (the @@ -19,7 +20,8 @@ Environment=CLUSTER=ceph ExecStartPre=-/bin/sh -c "exec mkdir -p /var/lib/ceph/mgr/${CLUSTER}-%i" ExecStartPre=-/bin/sh -c "[ -f /var/lib/ceph/mgr/${CLUSTER}-%i/keyring ] || /usr/bin/ceph-authtool --create-keyring --gen-key --name=mgr.%i /var/lib/ceph/mgr/${CLUSTER}-%i/keyring" ExecStartPre=-/bin/sh -c "exec chown -R ceph.ceph /var/lib/ceph/mgr/${CLUSTER}-%i" -ExecStartPre=-/usr/bin/ceph -i /var/lib/ceph/mgr/${CLUSTER}-%i/keyring auth add mgr.%i mon 'allow *' --keyring=/var/lib/ceph/mon/${CLUSTER}-%i/keyring --name=mon. +ExecStartPre=-/usr/bin/ceph -i /var/lib/ceph/mgr/${CLUSTER}-%i/keyring auth add mgr.%i mon 'allow profile mgr' --keyring=/var/lib/ceph/mon/${CLUSTER}-%i/keyring --name=mon. + ExecStart=/usr/bin/ceph-mgr -f --cluster ${CLUSTER} --id %i --setuser ceph --setgroup ceph ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure |