[pve-devel] [PATCH storage v4 3/4] Add simple keyring check for cephfs/rbd

[Alwin Antreich]

Signed-off-by: Alwin Antreich <a.antreich at proxmox.com>
---
 PVE/Storage/CephTools.pm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/PVE/Storage/CephTools.pm b/PVE/Storage/CephTools.pm
index 7aa6069..c020483 100644
--- a/PVE/Storage/CephTools.pm
+++ b/PVE/Storage/CephTools.pm
@@ -5,6 +5,35 @@ use warnings;
 use Net::IP;
 use PVE::Tools qw(run_command);
 
+my $ceph_check_keyfile = sub {
+    my ($filename, $scfg) = @_;
+
+    if (-f $filename) {
+	my $fh = IO::File->new($filename, "r") ||
+	    die "unable to open '$filename' - $!\n";
+
+	my $section;
+
+	while (defined(my $line = <$fh>)) {
+	    next if !$line;
+
+	    $section = $1 if $line =~ m/^\[(\S+)\]$/;
+
+	    if ($scfg->{type} eq 'rbd') {
+		if ((!$section) && (!$section =~ m/^$/)) {
+		    warn "Not a proper $scfg->{type} authentication file: $filename\n";
+		}
+	    } elsif ($scfg->{type} eq 'cephfs') {
+		if ($section || ($line =~ s/^\s+//)) {
+		    warn "Not a proper $scfg->{type} authentication file: $filename\n";
+		}
+	    }
+	}
+    }
+
+    return undef;
+};
+
 sub hostlist {
     my ($list_text, $separator) = @_;
 
@@ -29,6 +58,10 @@ sub ceph_connect_option {
 
     $cmd_option->{ceph_conf} = $pveceph_config if $pveceph_managed;
 
+    if (-e $keyfile) {
+	$ceph_check_keyfile->($keyfile, $scfg);
+    }
+
     if (-e $ceph_storeid_conf) {
 	if ($pveceph_managed) {
 	    warn "ignoring custom ceph config for storage '$storeid', 'monhost' is not set (assuming pveceph managed cluster)!\n";
-- 
2.11.0