From 935b4c48aea35318472efec3f7a8b776d1469a82 Mon Sep 17 00:00:00 2001
From: "Joshua M. Boniface" <joshua@boniface.me>
Date: Fri, 1 Sep 2023 15:42:20 -0400
Subject: [PATCH] Correct bug with libvirt permissions

---
 roles/pvc/tasks/libvirt/bootstrap.yml | 2 +-
 roles/pvc/tasks/libvirt/main.yml      | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/roles/pvc/tasks/libvirt/bootstrap.yml b/roles/pvc/tasks/libvirt/bootstrap.yml
index 5e75597..d4fc49c 100644
--- a/roles/pvc/tasks/libvirt/bootstrap.yml
+++ b/roles/pvc/tasks/libvirt/bootstrap.yml
@@ -1,3 +1,3 @@
 ---
 - name: create Libvirt keyring
-  command: ceph auth get-or-create client.libvirt mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=pvc*'
+  command: ceph auth get-or-create client.libvirt mon 'allow r' osd 'allow class-read object_prefix rbd_children, allow rwx pool=*'
diff --git a/roles/pvc/tasks/libvirt/main.yml b/roles/pvc/tasks/libvirt/main.yml
index f1c16a4..9e2f339 100644
--- a/roles/pvc/tasks/libvirt/main.yml
+++ b/roles/pvc/tasks/libvirt/main.yml
@@ -11,6 +11,12 @@
       - libjemalloc2
     state: latest
 
+- name: add libvirt user to ceph group
+  user:
+    name: libvirt-qemu
+    groups: ceph
+    append: yes
+
 - name: install libvirt configuration
   template:
     src: libvirt/{{ item }}.j2