[Gluster-devel] limiting client trust
Emmanuel Dreyfus
manu at netbsd.org
Wed Jun 8 12:25:00 UTC 2011
Hello
As far as I understand, a glusterfs server fully trusts the clients
regarding uid/gid. It behaves just like NFS with -maproot=root.
It would beinteresting to have the ability to limit the trust.
For instance, one could say that 192.0.2/24 can only perform file
operations with calling user uid range within 1000-2000.
I am ready to contribute a xlator for that. Is that a desirable feature?
Are there some problems in the proposed scheme? I am not sure of how
it could behave with auto healing replicas. I guess that means that
a limited client can only heal a subset of the filesystem.
--
Emmanuel Dreyfus
manu at netbsd.org
More information about the Gluster-devel
mailing list