[Bugs] [Bug 1484427] Cannot map subfolder of gluster/ samba share when using vfs objects = glusterfs

bugzilla at redhat.com bugzilla at redhat.com
Wed Aug 30 11:28:42 UTC 2017


https://bugzilla.redhat.com/show_bug.cgi?id=1484427

Daniel Weller <d.weller at physik.uni-stuttgart.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
              Flags|needinfo?(d.weller at physik.u |
                   |ni-stuttgart.de)            |



--- Comment #5 from Daniel Weller <d.weller at physik.uni-stuttgart.de> ---
(In reply to Anoop C S from comment #4)
> (In reply to Daniel Weller from comment #0)
> > getfacl profiles/Administrator.V2/
> > # file: profiles/Administrator.V2/
> > # owner: administrator
> > # group: domain\040users
> > user::rwx
> > user:20512:rwx
> > group::---
> > group:10006:rwx
> > group:administrator:rwx
> > group:domain\040admins:rwx
> > group:domain\040users:---
> > mask::rwx
> > other::---
> > default:user::rwx
> > default:user:administrator:rwx
> > default:user:20512:rwx
> > default:group::---
> > default:group:10006:rwx
> > default:group:domain\040admins:rwx
> > default:group:domain\040users:---
> > default:mask::rwx
> > default:other::---
> 
> What is the uid for the user by which you are trying to access sub-directory?
> # getent passwd 'MY\<username>'
> 
> Also I need the following details:
> # wbinfo -r 'MY\<username>'
> 
> If my understanding is correct, 20512 corresponds to Administrator account.
> No other users from Domain 'MY' have permission to access the sub-directory.
> Please update the permissions in such a way that 'Domain Users' group is
> allowed to access the directory.

# getent passwd "MY\weller"
weller:*:21127:20513:Daniel Weller:/gluster/mnt/users/weller:/bin/bash

# wbinfo -r 'MY\weller'
21127
20513
21125
20512
20572
21120
21164
21162
21167
10002
10001


created a new volume, mounted, and set permission to full control for domain
users
# gluster volume create atest replica 2 172.17.1.3:/gluster/bricks/atest
172.17.1.4:/gluster/bricks/atest
# net conf addshare atest /gluster/mnt/atest writeable=y guest_ok=n
# net conf setparm atest "browsable" "yes"
# smbcontrol all reload-config

switch to windows, set permissions (share permissions: domain admins: full
control, domain users: change, security: add fullcontrol for domain users, this
folder subfolders and files)


# getfacl /gluster/mnt/atest

# file: .
# owner: administrator
# group: domain\040admins
user::rwx
user:20512:rwx
user:20513:rwx
group::rwx
group:administrator:rwx
group:domain\040admins:rwx
group:domain\040users:rwx
mask::rwx
other::rwx
default:user::rwx
default:user:administrator:rwx
default:user:20513:rwx
default:group::r-x
default:group:domain\040admins:r-x
default:group:domain\040users:rwx
default:mask::rwx
default:other::r-x


getfacl /gluster/mnt/atest/folder
getfacl: Removing leading '/' from absolute path names
# file: gluster/mnt/atest/folder
# owner: weller
# group: domain\040users
user::rwx
user:20513:rwx
group::rwx
group:domain\040users:rwx
group:weller:rwx
mask::rwx
other::r-x
default:user::rwx
default:user:20513:rwx
default:user:weller:rwx
default:group::r-x
default:group:domain\040users:rwx
default:mask::rwx
default:other::r-x



-> map network drive in windows (\\IP\atest as well as \\IP\atest\folder and
\\IP\atest\folder\subfolder) work fine

changed share export to vfs gluster:
net conf setparm atest "vfs objects" "glusterfs"
net conf setparm atest "glusterfs:volume" "atest"
net conf setparm atest "glusterfs:volfile_server" "172.17.1.3 172.17.1.4"
net conf setparm atest "glusterfs:logfile" "/var/log/samba/glusterfs-atest.log"
net conf setparm atest "glusterfs:loglevel" "7"
net conf setparm atest "kernel share modes" "no"
net conf setparm atest "path" "/"
smbcontrol all reload-config

switch to windows: verify that permissions are as set above: yes
map network drive:
\\IP\atest -> works
\\IP\atest\folder -> fails
...

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
You are on the CC list for the bug.
You are the assignee for the bug.


More information about the Bugs mailing list