[pve-devel] [PATCH storage v5 2/3] Add simple keyring check for cephfs/rbd

Alwin Antreich a.antreich at proxmox.com
Mon Jun 25 17:50:57 CEST 2018


Signed-off-by: Alwin Antreich <a.antreich at proxmox.com>
---
 PVE/Storage/CephTools.pm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/PVE/Storage/CephTools.pm b/PVE/Storage/CephTools.pm
index 7aa6069..3e2cede 100644
--- a/PVE/Storage/CephTools.pm
+++ b/PVE/Storage/CephTools.pm
@@ -5,6 +5,35 @@ use warnings;
 use Net::IP;
 use PVE::Tools qw(run_command);
 
+my $ceph_check_keyfile = sub {
+    my ($filename, $scfg) = @_;
+
+    if (-f $filename) {
+	my $content = PVE::Tools::file_get_contents($filename);
+	my @lines = split /\n/, $content;
+
+	my $section;
+
+	foreach my $line (@lines) {
+	    next if !$line;
+
+	    $section = $1 if $line =~ m/^\[(\S+)\]$/;
+
+	    if ($scfg->{type} eq 'rbd') {
+		if ((!$section) && (!$section =~ m/^$/)) {
+		    warn "Not a proper $scfg->{type} authentication file: $filename\n";
+		}
+	    } elsif ($scfg->{type} eq 'cephfs') {
+		if ($section || ($line =~ s/^\s+//)) {
+		    warn "Not a proper $scfg->{type} authentication file: $filename\n";
+		}
+	    }
+	}
+    }
+
+    return undef;
+};
+
 sub hostlist {
     my ($list_text, $separator) = @_;
 
@@ -29,6 +58,10 @@ sub ceph_connect_option {
 
     $cmd_option->{ceph_conf} = $pveceph_config if $pveceph_managed;
 
+    if (-e $keyfile) {
+	$ceph_check_keyfile->($keyfile, $scfg);
+    }
+
     if (-e $ceph_storeid_conf) {
 	if ($pveceph_managed) {
 	    warn "ignoring custom ceph config for storage '$storeid', 'monhost' is not set (assuming pveceph managed cluster)!\n";
-- 
2.11.0





More information about the pve-devel mailing list