[Gluster-devel] cluster/stripe on tmpfs
clist.uah at gmail.com
Tue Jan 22 21:47:14 UTC 2008
from man 5 ttr
derived from lecture of http://acl.bestbits.at/pipermail/acl-devel/2007-May/002034.html
EXTENDED ATTRIBUTE NAMESPACES
Attribute names are zero-terminated strings. The attribute name is always specified in the fully qualified namespace.attribute
form, eg. user.mime_type, trusted.md5sum, system.posix_acl_access, or security.selinux.
The namespace mechanism is used to define different classes of extended attributes. These different classes exist for several
reasons, e.g. the permissions and capabilities required for manipulating extended attributes of one namespace may differ to
Currently the security, system, trusted, and user extended attribute classes are defined as described below. Additional classes
may be added in the future.
Extended security attributes
The security attribute namespace is used by kernel security modules, such as Security Enhanced Linux. Read and write access
permissions to security attributes depend on the policy implemented for each security attribute by the security module. When no
security module is loaded, all processes have read access to extended security attributes, and write access is limited to pro-
cesses that have the CAP_SYS_ADMIN capability.
Extended system attributes
Extended system attributes are used by the kernel to store system objects such as Access Control Lists and Capabilities. Read
and write access permissions to system attributes depend on the policy implemented for each system attribute implemented by
filesystems in the kernel.
Trusted extended attributes
Trusted extended attributes are visible and accessible only to processes that have the CAP_SYS_ADMIN capability (the super user
usually has this capability). Attributes in this class are used to implement mechanisms in user space (i.e., outside the ker-
nel) which keep information in extended attributes to which ordinary processes should not have access.
Extended user attributes
Extended user attributes may be assigned to files and directories for storing arbitrary additional information such as the mime
type, character set or encoding of a file. The access permissions for user attributes are defined by the file permission bits.
The file permission bits of regular files and directories are interpreted differently from the file permission bits of special
files and symbolic links. For regular files and directories the file permission bits define access to the file's contents, while
for device special files they define access to the device described by the special file. The file permissions of symbolic links
are not used in access checks. These differences would allow users to consume filesystem resources in a way not controllable by
disk quotas for group or world writable special files and directories.
For this reason, extended user attributes are only allowed for regular files and directories, and access to extended user
attributes is restricted to the owner and to users with appropriate capabilities for directories with the sticky bit set (see
the chmod(1) manual page for an explanation of Sticky Directories).
El Martes, 22 de Enero de 2008 Nathan Dauchy escribió:
> I am trying to get the Gluster "cluster/stripe" translator to work with
> a "storage/posix" directory on a tmpfs file system. Although
> "cluster/unify" works, it presents a limit to file sizes which may be
> created that I was hoping to avoid with striping.
> The documentation here:
> indicates that "Stripe needs extended attribute support in the
> underlying FS".
> From what I have been able to find, "recent" kernels have extended
> attributes enabled when tmpfs is enabled. However, I get the following
> error when trying to create a file (directory creation is fine):
> # df -hP /tmp/scratch
> Filesystem Size Used Avail Use% Mounted on
> glusterfs 12G 24K 12G 1% /tmp/scratch
> # touch /tmp/scratch/foo
> touch: cannot touch `/tmp/scratch/foo': Operation not supported
> From this posting, it looks like there is also a "USER extended
> attributes" which might be needed in order to make striping work on a
> tmpfs filesystem:
> Can someone please clarify the difference between extended attributes
> and user extended attributes?
> Has anyone successfully gotten "cluster/stripe" working on a tmpfs file
> Does anyone have a lab setup where they could try the above patch and
> gluster on tmpfs? (If it works, I think it would be worth pushing the
> patch into the main kernel.org tree.)
> Might there be something else wrong that is preventing striping from
> working? Or a workaround to get striping working on filesystems without
> extended attributes?
> I am using fuse-2.7.2glfs8, glusterfs-1.3.7, and linux-188.8.131.52.
> Gluster-devel mailing list
> Gluster-devel at nongnu.org
Clist UAH @gmail!!
More information about the Gluster-devel