[Gluster-users] ACLs only apply to primary group?

Anush Shetty ashetty at redhat.com
Mon Feb 20 07:32:02 UTC 2012


Hi James,

Can you please send us the relevant client and server log?

We were unable to reproduce this issue in-house. So log files will help 
us further investigate this issues.

Thanks,
Anush



On 02/17/2012 10:46 PM, James Yale wrote:
> Hi,
>
> I wonder if someone confirm this behaviour or point out my obvious
> mistake - gluster mounts via the native (fuse) client don't seem to
> work properly with POSIX ACLs, example:
>
> [jim at puppet ~]$ ls -la /mnt/
> total 24
> drwxr-xr-x   4 root root 4096 Feb 16 16:49 .
> dr-xr-xr-x  23 root root 4096 Feb 17 10:32 ..
> drwx-----x   3 root root 4096 Feb 15 03:00 arccontent
> drwxrwx--x+  5 root root 4096 Feb 16 13:55 webcontent
>
> Two gluster file systems mounted, one mounted with ACL support.
>
> [jim at puppet ~]$ getfacl /mnt/webcontent/
> getfacl: Removing leading '/' from absolute path names
> # file: mnt/webcontent/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> group:webadmins:rwx
> mask::rwx
> other::--x
> default:user::rwx
> default:group::r-x
> default:group:webadmins:rwx
> default:mask::rwx
> default:other::--x
>
> Fairly straightforward permissions but anyone in the webadmins group
> should get rwx on everything below the mount point.
>
> [jim at puppet ~]$ groups
> jim wheel webadmins
>
> [jim at puppet ~]$ ls -la /mnt/webcontent/
> ls: cannot open directory /mnt/webcontent/: Permission denied
>
> [jim at puppet ~]$ sudo setfacl -R -m group:jim:rwx /mnt/webcontent
>
> Add permissions for primary group
>
> [jim at puppet ~]$ ls -la /mnt/webcontent/
> total 52
> drwxrwx--x+ 5 root root  4096 Feb 16 13:55 .
> drwxr-xr-x  4 root root  4096 Feb 16 16:49 ..
> drwxrwx--x+ 3 root root  4096 Feb 15 15:19 httpd
> drwxrwx---+ 2 root root 16384 Feb  9 16:52 lost+found
> -rw-rwxr--+ 1 root root     0 Feb 16 13:55 moo
> drwxrwx--x+ 2 root root  4096 Feb 15 23:25 test
>
> And my user can read the directory.
>
> I was having problems with FUSE disallowing other users other than the
> mounted user earlier on glusterfs-3.2.5-6.el6.x86_64 but that doesn't
> seem to be the case on glusterfs-3.2.5-7.el6.x86_64 (or another update
> made the difference). As an interesting addition, mtab doesn't report
> acl support on the mountpoint:
>
> gluster1:/gluster-webcontent on /mnt/webcontent type
> fuse.glusterfs(rw,allow_other,max_read=131072)
>
>
> Any suggestions for what to try next would be most appreciated.
>
> Thanks,
>
> James
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://gluster.org/cgi-bin/mailman/listinfo/gluster-users




More information about the Gluster-users mailing list