[Gluster-users] ACL
Thai. Ngo Bao
thainb at vng.com.vn
Fri Oct 21 02:51:32 UTC 2011
Hi Anush,
Thanks for the info. Also, I wonder if gluster concerns with some feature allowing glusterfs to export subdirectories for clients by gluster native protocol like NFS?
Thanks,
~Thai
From: Anush Shetty [mailto:anush at gluster.com]
Sent: Thursday, October 20, 2011 1:37 PM
To: Thai. Ngo Bao; gluster-users at gluster.org
Subject: RE: [Gluster-users] ACL
Hi Thai,
As of now, there are no provisions to mount GlusterFS client as a normal user.
-
Anush
________________________________
From: gluster-users-bounces at gluster.org [gluster-users-bounces at gluster.org] on behalf of Thai. Ngo Bao [thainb at vng.com.vn]
Sent: 20 October 2011 12:00:44
To: Anush Shetty; gluster-users at gluster.org
Subject: Re: [Gluster-users] ACL
Hi Anush,
Thanks for your response. I do know that there is almost no difference in behavior of these 2 cases (POSIX ACL) except the thing I concerned with by the test. Please correct me if I am wrong.
It turns out that glusterfs ACL has no effect if client mounts gluster volume under root user. That's why I asked in previous email if we can anyhow force (from glusterfs servers) clients to mount under a normal user instead of root.
What do you think?
~Thai
From: Anush Shetty [mailto:anush at gluster.com]
Sent: Thursday, October 20, 2011 1:03 PM
To: Thai. Ngo Bao; gluster-users at gluster.org
Subject: RE: [Gluster-users] ACL
Hi Thai,
Have you tried these steps without glusterfs in the picture? I see no difference in behaviour when tried directly on the backend filesystem.
-
Anush
________________________________
From: Thai. Ngo Bao [thainb at vng.com.vn]
Sent: 20 October 2011 08:04:31
To: Anush Shetty; gluster-users at gluster.org
Subject: RE: [Gluster-users] ACL
Hi Anush,
Thanks for your quick reply. There was no error when set ACL. Below is what I has done at Client Side:
1. Under root user: mount -t glusterfs IP_server:/volume_name -o acl /mnt
2. Under root user at client, create a folder named thainb: mkdir -p /mnt/thainb
3. Under root user: chown -R thainb:thainb /mnt/thainb
4. Under root user: set -m u:thainb:rw /mnt/thainb
5. su thainb
6. create some folder and file under thainb folder
7. su peter
8. remove file and folder
9. Permission denied log from glusterfs:
[2011-10-20 08:58:17.603705] W [fuse-bridge.c:847:fuse_err_cbk] 0-glusterfs-fuse: 2646: ACCESS() /thainb/readme => -1 (Permission denied)
[2011-10-20 08:58:19.7369] W [fuse-bridge.c:908:fuse_unlink_cbk] 0-glusterfs-fuse: 2648: UNLINK() /thainb/readme => -1 (Permission denied)
10. Exit su and under root user, remove file and folder
11. No log from gluster
-----------snip---------------------
[root at GSO_DB_Local4 thainb]# su peter
[peter at GSO_DB_Local4 thainb]$ ls -al
total 56
drwxrwxr-x+ 3 thainb thainb 8192 Oct 20 08:56 .
drwxr-xr-x 26 root root 8192 Oct 20 08:34 ..
-rw-rw-r-- 1 thainb thainb 6 Oct 20 08:56 readme
drwxrwxr-x 2 thainb thainb 8192 Oct 20 08:40 test
[peter at GSO_DB_Local4 thainb]$ rm readme
rm: remove write-protected regular file `readme'? y
rm: cannot remove `readme': Permission denied
[peter at GSO_DB_Local4 thainb]$ exit
exit
[root at GSO_DB_Local4 thainb]# ls
readme test
[root at GSO_DB_Local4 thainb]# rm readme
rm: remove regular file `readme'? y
[root at GSO_DB_Local4 thainb]# rm -f test
rm: cannot remove `test': Is a directory
[root at GSO_DB_Local4 thainb]# rm -rf test
[root at GSO_DB_Local4 thainb]# ls
[root at GSO_DB_Local4 thainb]# getfacl .
# file: .
# owner: thainb
# group: thainb
user::rwx
user:thainb:rw-
group::r-x
mask::rwx
other::r-x
[root at GSO_DB_Local4 thainb]# pwd
/mnt/thainb
[root at GSO_DB_Local4 thainb]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda3 74G 7.1G 63G 11% /
/dev/sda1 99M 12M 82M 13% /boot
tmpfs 2.0G 0 2.0G 0% /dev/shm
/dev/sda3 74G 7.1G 63G 11% /data
glusterfs#lab3:/farm53 148G 9.5G 131G 7% /mnt
-------------end----------------------
What do you suggest?
Thanks,
~Thai
From: Anush Shetty [mailto:anush at gluster.com]
Sent: Wednesday, October 19, 2011 5:58 PM
To: Thai. Ngo Bao; gluster-users at gluster.org
Subject: RE: [Gluster-users] ACL
Hi,
Do you see any error messages when you try to set ACL? Can you also paste the logs here?
-
Anush
________________________________
From: gluster-users-bounces at gluster.org [gluster-users-bounces at gluster.org] on behalf of Thai. Ngo Bao [thainb at vng.com.vn]
Sent: 19 October 2011 16:16:36
To: gluster-users at gluster.org
Subject: [Gluster-users] ACL
Hi,
I am testing gluster 3.2.4 with ACL on small linux cluster:
1. All exports (bricks) mounted with -o acl option
2. All the glusterfs clients mounted with -o acl option
Acl works perfectly when clients mount under normal users but it will not work if clients mount under root user. What am I missing? How can we force clients to mount under normal user rather than root user?
Thanks,
~Thai
________________________________
No virus found in this message.
Checked by AVG - www.avg.com<http://www.avg.com>
Version: 2012.0.1831 / Virus Database: 2092/4562 - Release Date: 10/19/11
________________________________
No virus found in this message.
Checked by AVG - www.avg.com<http://www.avg.com>
Version: 2012.0.1831 / Virus Database: 2092/4562 - Release Date: 10/19/11
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://supercolony.gluster.org/pipermail/gluster-users/attachments/20111021/b999ac9a/attachment.html>
More information about the Gluster-users
mailing list