[Gluster-users] Gluster 3.1.2 and rpc-auth patch

Benjamin Cleyet-marrel benjamin.cleyet-marrel at openwide.fr
Wed Feb 2 14:01:16 UTC 2011 

----- Original Message -----
> From: "Benjamin Cleyet-marrel" <benjamin.cleyet-marrel at openwide.fr>
> To: gluster-users at gluster.org
> Sent: Mercredi 2 Février 2011 14:56:51
> Subject: Gluster 3.1.2 and rpc-auth patch
> Hi,
> 
> Fist of all thanks for all the work you put into gluster this product
> is fantastic.
> 
> In our setup, we have to have some kind of nfs authentication.
> Not beeing able to set the rpc-auth option using the cli was a big
> draw-back for us.
> 
> Setting the option auth.allow only set the gluster auth.addr.allow
> option in the bricks themselves but did not do any good regarding nfs
> access.
> 
> Setting the option option rpc-auth.addr.MyVolume.allow *
> directly into the config file /etc/glusterd/nfs/nfs-server.vol
> did not worked as each modification (ie gluster start volume MyVolume)
> would overwrite changes
> 
> After browsing the web/mailing list and trying to find a workaround to
> implement nfs auth we decided to patch the source code to add an extra
> option to the gluster "volume set" framwork. Which was a rather easy
> task considering the quality of the source code.
> 
> A few lines in glusterd-volgen.c did the trick
> It worked for us, so here is the patch which allow users to issue:
> gluster volume set MyVolume rpc-auth.allow "10.*,192.*"
> default is still "*"
> 
> 
> 
> Cheers
> 
> 
> --
> Benjamin Cleyet-Marrel
> Directeur de l'ingénierie
> Open Wide Outsourcing
> http://outsourcing.openwide.fr

Hum The patch did not make it the first time so here it is inline.
Cheers



--- glusterd-volgen.c.orig	2011-02-02 10:56:22.932266001 +0100
+++ glusterd-volgen.c	2011-02-02 14:53:49.815904002 +0100
@@ -138,6 +138,7 @@
 
         {"nfs.enable-ino32",                     "nfs/server",                "nfs.enable-ino32",},
         {"nfs.mem-factor",                       "nfs/server",                "nfs.mem-factor",},
+	{"rpc-auth.allow",	"nfs/server", },
 
         {NULL,                                                                }
 };
@@ -1245,6 +1246,7 @@
         xlator_t           *nfsxl         = NULL;
         char               *skey          = NULL;
         char               *enable_ino32  = NULL;
+        char               *rpc_auth  = NULL;
         char               *mem_factor     = NULL;
         char                volume_id[64] = {0,};
         int                 ret           = 0;
@@ -1281,17 +1283,27 @@
                 if (voliter->status != GLUSTERD_STATUS_STARTED)
                         continue;
 
-                ret = gf_asprintf (&skey, "rpc-auth.addr.%s.allow",
-                                   voliter->volname);
-                if (ret == -1) {
-                        gf_log ("", GF_LOG_ERROR, "Out of memory");
-                        goto out;
-                }
-                ret = xlator_set_option (nfsxl, skey, "*");
-                GF_FREE (skey);
+                ret = glusterd_volinfo_get (voliter,
+                                            "rpc-auth.allow",
+                                            &rpc_auth);
                 if (ret)
                         goto out;
 
+
+		ret = gf_asprintf (&skey, "rpc-auth.addr.%s.allow", voliter->volname);
+                if (ret == -1) {
+                        gf_log ("", GF_LOG_ERROR, "Out of memory");
+                	goto out;
+		}
+                if (rpc_auth) {
+			ret = xlator_set_option (nfsxl, skey, rpc_auth);
+		} else {
+			ret = xlator_set_option (nfsxl, skey, "*");
+		}
+               	GF_FREE (skey);
+		if (ret)
+                	goto out;
+
                 ret = gf_asprintf (&skey, "nfs3.%s.volume-id",
                                    voliter->volname);
                 if (ret == -1) {

More information about the Gluster-users mailing list