diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 11:54:28 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-21 11:54:28 +0000 |
commit | e6918187568dbd01842d8d1d2c808ce16a894239 (patch) | |
tree | 64f88b554b444a49f656b6c656111a145cbbaa28 /qa/workunits/mon/auth_key_rotation.sh | |
parent | Initial commit. (diff) | |
download | ceph-upstream/18.2.2.tar.xz ceph-upstream/18.2.2.zip |
Adding upstream version 18.2.2.upstream/18.2.2
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'qa/workunits/mon/auth_key_rotation.sh')
-rwxr-xr-x | qa/workunits/mon/auth_key_rotation.sh | 58 |
1 files changed, 58 insertions, 0 deletions
diff --git a/qa/workunits/mon/auth_key_rotation.sh b/qa/workunits/mon/auth_key_rotation.sh new file mode 100755 index 000000000..1a53bab6d --- /dev/null +++ b/qa/workunits/mon/auth_key_rotation.sh @@ -0,0 +1,58 @@ +#!/usr/bin/bash -ex + +function expect_false() +{ + set -x + if "$@"; then return 1; else return 0; fi +} + + +ceph auth export +ceph auth rm client.rot + +ceph auth get-or-create client.rot mon 'allow rwx' +ceph auth export client.rot | grep key +ceph auth export client.rot | expect_false grep pending.key + +ceph auth get-or-create-pending client.rot +ceph auth export client.rot | grep key +ceph auth export client.rot | grep pending.key + +ceph auth clear-pending client.rot +ceph auth export client.rot | expect_false grep pending.key + +ceph auth get-or-create-pending client.rot +ceph auth export client.rot | grep key +ceph auth export client.rot | grep pending.key +K=$(ceph auth export client.rot | grep 'key = ' | head -n 1 | awk '{print $3}') +PK=$(ceph auth export client.rot | grep pending.key | awk '{print $4}') +echo "K is $K" +echo "PK is $PK" +ceph -n client.rot --key $K -s + +ceph auth commit-pending client.rot +ceph auth export client.rot | expect_false grep pending.key +ceph auth export client.rot | grep key | grep $PK + +ceph auth get-or-create-pending client.rot +ceph auth export client.rot | grep key +ceph auth export client.rot | grep pending.key +K=$(ceph auth export client.rot | grep 'key = ' | head -n 1 | awk '{print $3}') +PK=$(ceph auth export client.rot | grep pending.key | awk '{print $4}') +echo "2, K is $K" +echo "2, PK is $PK" + +ceph auth export client.rot + +while ceph -n client.rot --key $K -s ; do + ceph auth export client.rot + ceph -n client.rot --key $PK -s + sleep 1 +done + +ceph auth export client.rot | expect_false grep pending.key +ceph auth export client.rot | grep key | grep $PK + +ceph -n client.rot --key $PK -s + +echo ok |