I updated my ceph cluster and ceph clients to 14.2.21 to address the recent security issue ceph:
see also the ceph changelog (for nautilus):
the problem is now, that as soon as I enable the security fix with
ceph config set mon auth_allow_insecure_global_id_reclaim false
seafile blocks all access after a few minutes. if I revert the security fix with
ceph config set mon auth_allow_insecure_global_id_reclaim true
seafile (web-interface, client access) works again. the reason in my opinion is that seafile uses the shipped
which is most probably too old and does not yet implement the security fix (see above).
however, seafile also does not work with a newer librados.so.2 provided by the system. when I remove the shipped librados.so.2, seafserver cannot be started.
@Jonathan is there a way I can use the system librados.so.2 or is it possible that you ship an updated version of librados.so.2?
Many thanks and best regards,