[Gluster-users] server.allow-insecure doesn't work in 3.4.2?

Mingfan Lu mingfan.lu at gmail.com
Tue Apr 22 06:42:50 UTC 2014 

yes. After I restart the volume, it works.  But it should be a workaround
for sometimes it is impossible to restart the volume in proeuction
envriment.


On Tue, Apr 22, 2014 at 2:09 PM, Humble Devassy Chirammal <
humble.devassy at gmail.com> wrote:

> Hi Mingfan,
>
> Can you please try to restart the subjected volume [1]  and find the
> result?
>
> http://review.gluster.org/#/c/7412/7/doc/release-notes/3.5.0.md
>
> --Humble
>
>
> On Tue, Apr 22, 2014 at 10:46 AM, Mingfan Lu <mingfan.lu at gmail.com> wrote:
>
>> I saw something in
>> https://forge.gluster.org/gluster-docs-project/pages/GlusterFS_34_Release_Notes
>>  I wonder whether I should restart the glusterd?
>> Known Issues:
>>
>>    -
>>
>>    The following configuration changes are necessary for qemu and samba
>>    integration with libgfapi to work seamlessly:
>>
>>         1) gluster volume set <volname> server.allow-insecure on
>>
>>         2) Edit /etc/glusterfs/glusterd.vol to contain this line:
>>                option rpc-auth-allow-insecure on
>>
>>        Post 2), restarting glusterd would be necessary.
>>
>>
>>
>>
>>
>> On Tue, Apr 22, 2014 at 11:55 AM, Mingfan Lu <mingfan.lu at gmail.com>wrote:
>>
>>> I have created a volume named test_auth and set server.allow-insecure on
>>>
>>> Volume Name: test_auth
>>> Type: Distribute
>>> Volume ID: d9bdc43e-15ce-4072-8d89-a34063e82427
>>> Status: Started
>>> Number of Bricks: 3
>>> Transport-type: tcp
>>> Bricks:
>>> Brick1: server1:/mnt/xfsd/test_auth
>>> Brick2: server2:/mnt/xfsd/test_auth
>>> Brick3: server3:/mnt/xfsd/test_auth
>>> Options Reconfigured:
>>> server.allow-insecure: on
>>>
>>> and then, I tried to mount the volume using client-bind-insecure option,
>>> but failed to mount.
>>>
>>> /usr/sbin/glusterfs --volfile-id=test_auth --volfile-server=server1
>>> /mnt/test_auth_bind_insecure --client-bind-insecure
>>>
>>> I got the error message in servers' logs:
>>> server1 : [2014-04-22 03:44:52.817165] E [addr.c:143:gf_auth]
>>> 0-auth/addr: client is bound to port 37756 which is not privileged
>>> server2: [2014-04-22 03:44:52.810565] E [addr.c:143:gf_auth]
>>> 0-auth/addr: client is bound to port 16852 which is not privileged
>>> server3: [2014-04-22 03:44:52.811844] E [addr.c:143:gf_auth]
>>> 0-auth/addr: client is bound to port 17733 which is not privileged
>>>
>>> I got the error messages like:
>>>
>>> [2014-04-22 03:43:59.757024] W
>>> [client-handshake.c:1365:client_setvolume_cbk] 0-test_auth-client-1: failed
>>> to set the volume (Permission denied)
>>> [2014-04-22 03:43:59.757024] W
>>> [client-handshake.c:1391:client_setvolume_cbk] 0-test_auth-client-1: failed
>>> to get 'process-uuid' from reply dict
>>> [2014-04-22 03:43:59.757102] E
>>> [client-handshake.c:1397:client_setvolume_cbk] 0-test_auth-client-1:
>>> SETVOLUME on remote-host failed: Authentication failed
>>> [2014-04-22 03:43:59.757109] I
>>> [client-handshake.c:1483:client_setvolume_cbk] 0-test_auth-client-1:
>>> sending AUTH_FAILED event
>>> [2014-04-22 03:43:59.757116] E [fuse-bridge.c:4834:notify] 0-fuse:
>>> Server authenication failed. Shutting down.
>>>
>>>
>>> Could anyone give some comments on this issue?
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
>> _______________________________________________
>> Gluster-users mailing list
>> Gluster-users at gluster.org
>> http://supercolony.gluster.org/mailman/listinfo/gluster-users
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://supercolony.gluster.org/pipermail/gluster-users/attachments/20140422/c16ea19e/attachment.html>

More information about the Gluster-users mailing list