diff --git a/.commitlintrc.json b/.commitlintrc.json
index 1ea48804f9d41..f3f7c591a7c00 100644
--- a/.commitlintrc.json
+++ b/.commitlintrc.json
@@ -15,6 +15,7 @@
         "core",
         "csi",
         "docs",
+        "helm",
         "mds",
         "mgr",
         "mon",
diff --git a/build/rbac/rbac.yaml b/build/rbac/rbac.yaml
index d9eb6a9a95dcf..230d0173616a7 100644
--- a/build/rbac/rbac.yaml
+++ b/build/rbac/rbac.yaml
@@ -177,21 +177,6 @@ rules:
     resources: [serviceaccounts]
     verbs: [get]
 ---
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: rook-ceph-agent-mount
-  labels:
-    operator: rook
-    storage-backend: ceph
-rules:
-  - apiGroups:
-      - ''
-    resources:
-      - secrets
-    verbs:
-      - get
----
 # The cluster role for managing all the cluster-specific resources in a namespace
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRole
@@ -470,7 +455,6 @@ rules:
     verbs:
       - get
       - list
-# Use a default dict to avoid 'can't give argument to non-function' errors from text/template
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
@@ -636,22 +620,6 @@ subjects:
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
-metadata:
-  name: rook-ceph-system-psp-users
-  labels:
-    operator: rook
-    storage-backend: ceph
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: rook-ceph-system-psp-user
-subjects:
-  - kind: ServiceAccount
-    name: rook-ceph-system
-    namespace: rook-ceph
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
 metadata:
   name: rook-csi-cephfs-plugin-sa-psp
 roleRef:
diff --git a/cluster/charts/rook-ceph/templates/clusterrole.yaml b/cluster/charts/rook-ceph/templates/clusterrole.yaml
index f424b8b061cd3..a1b37c6c2e695 100644
--- a/cluster/charts/rook-ceph/templates/clusterrole.yaml
+++ b/cluster/charts/rook-ceph/templates/clusterrole.yaml
@@ -296,24 +296,6 @@ rules:
   verbs:
   - get
   - list
-# Use a default dict to avoid 'can't give argument to non-function' errors from text/template
-{{- if ne ((.Values.agent | default (dict "mountSecurityMode" "")).mountSecurityMode | default "") "Any" }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
-  name: rook-ceph-agent-mount
-  labels:
-    operator: rook
-    storage-backend: ceph
-rules:
-- apiGroups:
-  - ""
-  resources:
-  - secrets
-  verbs:
-  - get
-{{- end }}
 ---
 kind: ClusterRole
 apiVersion: rbac.authorization.k8s.io/v1
diff --git a/cluster/charts/rook-ceph/templates/clusterrolebinding.yaml b/cluster/charts/rook-ceph/templates/clusterrolebinding.yaml
index 1ec060475417c..ec036d70301f0 100644
--- a/cluster/charts/rook-ceph/templates/clusterrolebinding.yaml
+++ b/cluster/charts/rook-ceph/templates/clusterrolebinding.yaml
@@ -153,23 +153,6 @@ subjects:
 ---
 apiVersion: rbac.authorization.k8s.io/v1
 kind: ClusterRoleBinding
-metadata:
-  name: rook-ceph-system-psp-users
-  labels:
-    operator: rook
-    storage-backend: ceph
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
-roleRef:
-  apiGroup: rbac.authorization.k8s.io
-  kind: ClusterRole
-  name: rook-ceph-system-psp-user
-subjects:
-- kind: ServiceAccount
-  name: rook-ceph-system
-  namespace: {{ .Release.Namespace }}
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
 metadata:
   name: rook-csi-cephfs-provisioner-sa-psp
 roleRef: