]> git.proxmox.com Git - ceph.git/blame - ceph/qa/workunits/mon/auth_caps.sh
projects / ceph.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
buildsys: fix parallel builds
[ceph.git] / ceph / qa / workunits / mon / auth_caps.sh
CommitLineData
7c673cae
FG		 1#!/bin/bash
2
3set -e
4set -x
5declare -A keymap
6
7combinations="r w x rw rx wx rwx"
8
9for i in ${combinations}; do
10 k="foo_$i"
11 k=`ceph auth get-or-create-key client.$i mon "allow $i"` || exit 1
12 keymap["$i"]=$k
13done
14
15# add special caps
16# force blank cap with '--force'
17keymap["blank"]=`ceph auth get-or-create-key client.blank mon 'allow' --force` || exit 1
18keymap["all"]=`ceph auth get-or-create-key client.all mon 'allow *'` || exit 1
19
20tmp=`mktemp`
21ceph auth export > $tmp
22
23trap "rm $tmp" INT ERR EXIT QUIT 0
24
25expect() {
26
27 set +e
28
29 local expected_ret=$1
30 local ret
31
32 shift
33 cmd=$@
34
35 eval $cmd
36 ret=$?
37
38 set -e
39
40 if [[ $ret -ne $expected_ret ]]; then
41 echo "ERROR: running \'$cmd\': expected $expected_ret got $ret"
42 return 1
43 fi
44
45 return 0
46}
47
48read_ops() {
49 local caps=$1
50 local has_read=1 has_exec=1
51 local ret
52 local args
53
54 ( echo $caps | grep 'r' ) || has_read=0
55 ( echo $caps | grep 'x' ) || has_exec=0
56
57 if [[ "$caps" == "all" ]]; then
58 has_read=1
59 has_exec=1
60 fi
61
62 ret=13
63 if [[ $has_read -gt 0 && $has_exec -gt 0 ]]; then
64 ret=0
65 fi
66
67 args="--id $caps --key ${keymap[$caps]}"
68
69 expect $ret ceph auth get client.admin $args
70 expect $ret ceph auth get-key client.admin $args
71 expect $ret ceph auth export $args
72 expect $ret ceph auth export client.admin $args
73 expect $ret ceph auth list $args
74 expect $ret ceph auth print-key client.admin $args
75 expect $ret ceph auth print_key client.admin $args
76}
77
78write_ops() {
79
80 local caps=$1
81 local has_read=1 has_write=1 has_exec=1
82 local ret
83 local err
84 local args
85
86 ( echo $caps | grep 'r' ) || has_read=0
87 ( echo $caps | grep 'w' ) || has_write=0
88 ( echo $caps | grep 'x' ) || has_exec=0
89
90 if [[ "$caps" == "all" ]]; then
91 has_read=1
92 has_write=1
93 has_exec=1
94 fi
95
96 ret=13
97 if [[ $has_read -gt 0 && $has_write -gt 0 && $has_exec -gt 0 ]]; then
98 ret=0
99 fi
100
101 args="--id $caps --key ${keymap[$caps]}"
102
103 expect $ret ceph auth add client.foo $args
104 expect $ret "ceph auth caps client.foo mon 'allow *' $args"
105 expect $ret ceph auth get-or-create client.admin $args
106 echo "wtf -- before: err=$err ret=$ret"
107 err=$ret
108 [[ $ret -eq 0 ]] && err=22 # EINVAL
109 expect $err "ceph auth get-or-create client.bar mon 'allow' $args"
110 echo "wtf -- after: err=$err ret=$ret"
111 expect $ret "ceph auth get-or-create client.bar mon 'allow' --force $args"
112 expect $ret ceph auth get-or-create-key client.admin $args
113 expect $ret ceph auth get-or-create-key client.baz $args
114 expect $ret ceph auth del client.bar $args
115 expect $ret ceph auth del client.baz $args
116 expect $ret ceph auth del client.foo $args
117 expect $ret ceph auth import -i $tmp $args
118}
119
120echo "running combinations: ${!keymap[@]}"
121
122subcmd=$1
123
124for i in ${!keymap[@]}; do
125 echo "caps: $i"
126 if [[ -z "$subcmd" || "$subcmd" == "read" || "$subcmd" == "all" ]]; then
127 read_ops $i
128 fi
129
130 if [[ -z "$subcmd" || "$subcmd" == "write" || "$subcmd" == "all" ]]; then
131 write_ops $i
132 fi
133done
134
135# cleanup
136for i in ${combinations} blank all; do
137 ceph auth del client.$i || exit 1
138done
139
140echo "OK"
Ceph