[Gluster-devel] limiting client trust

Emmanuel Dreyfus manu at netbsd.org
Wed Jun 8 12:25:00 UTC 2011


As far as I understand, a glusterfs server fully trusts the clients
regarding uid/gid. It behaves just like NFS with -maproot=root.

It would beinteresting to have the ability to limit the trust. 
For instance, one could say that 192.0.2/24 can only perform file
operations with calling user uid range within 1000-2000.

I am ready to contribute a xlator for that.  Is that a desirable feature? 
Are there some problems in the proposed scheme? I am not sure of how
it could behave with auto healing replicas. I guess that means that 
a limited client can only heal a subset of the filesystem.

Emmanuel Dreyfus
manu at netbsd.org

More information about the Gluster-devel mailing list