[Bugs] [Bug 1429117] New: auth failure after upgrade to GlusterFS 3.10

bugzilla at redhat.com bugzilla at redhat.com
Sat Mar 4 16:10:22 UTC 2017 

https://bugzilla.redhat.com/show_bug.cgi?id=1429117

            Bug ID: 1429117
           Summary: auth failure after upgrade to GlusterFS 3.10
           Product: GlusterFS
           Version: 3.10
         Component: access-control
          Severity: urgent
          Assignee: bugs at gluster.org
          Reporter: news at ascora.de
                CC: bugs at gluster.org



Description of problem:
We enabled the IP based auth feature with
gluster volume set store_temp auth.allow xxx.xxx.xxx...
This worked fine up to GlusterFS 3.9. After upgrading to 3.10, we noticed that
we cannot mount any volume from a remove client anymore.
Looking at the brick logs we found:

[2017-03-04 15:56:17.469490] I [MSGID: 115091]
[server-handshake.c:659:server_setvolume] 0-store_temp-server: Failed to get
client opversion
[2017-03-04 15:56:17.469520] E [MSGID: 115004]
[authenticate.c:224:gf_authenticate] 0-auth: no authentication module is
interested in accepting remote-client (null)
[2017-03-04 15:56:17.469602] E [MSGID: 115001]
[server-handshake.c:718:server_setvolume] 0-store_temp-server: Cannot
authenticate client from
backupserver-9596-2017/03/04-15:56:17:438653-store_temp-client-2-0-0 3.9.1
[Permission denied]
[2017-03-04 15:56:28.472405] I [MSGID: 115036] [server.c:559:server_rpc_notify]
0-store_temp-server: disconnecting connection from
backupserver-9596-2017/03/04-15:56:17:438653-store_temp-client-2-0-0
[2017-03-04 15:56:28.472518] I [MSGID: 101055] [client_t.c:436:gf_client_unref]
0-store_temp-server: Shutting down connection
backupserver-9596-2017/03/04-15:56:17:438653-store_temp-client-2-0-0

This problem exists even when creating completely new volumes. We already
restarted and even rebooted all GlusterFS peers and the clients as well. All
peers and all clients have been upgraded to 3.10


Version-Release number of selected component (if applicable):
3.10

How reproducible:
-Create a new volume 
-enable auth.allow based on IPs

Steps to Reproduce:
1. gluster volume create store_temp disperse 3 redundancy 1 ...
2. gluster volume set store_temp auth.allow xxx.xxx.xxx.xxx
3. gluster volume start store_temp
4. gluster mount ... (on a client)

Actual results:
-error message at clients "failed to set the volume [Permission denied]"
-error message at server: "no authentication module is interested in accepting
remote-client (null)"

Expected results:
successful mount

Additional info:
Ubuntu 16.04

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

More information about the Bugs mailing list