[Gluster-users] Setting security.NTACL xattrs fails

Ravishankar N ravishankar at redhat.com
Fri Aug 8 05:52:53 UTC 2014 

fuse_setxattr()  permits setting security.XXX only if selinux is 
enabled. The command succeeds  if the volume is fuse-mounted the 
following way:
#glusterfs --volfile-server=<server IP> --volfile-id=<vol name> 
--selinux  <mount point>

I am not sure how to enable selinux when mounting a gluster volume via nfs.


On 08/08/2014 12:37 AM, Santosh Pradhan wrote:
>
> On 08/07/2014 09:52 AM, Pranith Kumar Karampuri wrote:
>> hi Diego,
>> I tried the operation on my machine and it is failing with operation 
>> not supported, both on the bricks and mount. Could you please give 
>> the output of the execution on your machines & gluster mount point.
>>
>> Brick:
>> 09:49:17 :) ⚡ touch testfile && setfattr -n security.NTACL -v foo 
>> testfile
>> setfattr: testfile: Operation not permitted
>
> Which is the filesystem in use (in bricks) ? If ext3/4, you may need 
> to mount it with user_xattr option to enable extended attribute 
> support, XFS has it enabled by default though.
>
> Thanks,
> Santosh
>
>>
>> Mount:
>> 09:49:13 :( ⚡ touch testfile && setfattr -n security.NTACL -v foo 
>> testfile
>> setfattr: testfile: Operation not supported
>>
>> Pranith
>>
>> On 08/06/2014 08:10 PM, Diego Woitasen wrote:
>>> On Wed, Aug 6, 2014 at 11:30 AM, Diego Woitasen 
>>> <diego at woitasen.com.ar> wrote:
>>>> Hi,
>>>>   I have an issue with xattrs with the security prefix. This 
>>>> command work in all the servers involved (bricks, clients) in all 
>>>> the filesystems mounted (including the bricks), but fails on the 
>>>> volume mounted in the clients.
>>>>
>>>> touch testfile && setfattr -n security.NTACL -v foo testfile
>>>>
>>>> If I try "-n whatever", works.
>>>>
>>>> # uname -a
>>>> Linux storage01 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 
>>>> 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
>>>> # glusterfs --version
>>>> glusterfs 3.5.1
>>>>
>>>> All the boxes have the same version.
>>>>
>>>> Hints are welcome :)
>>>>
>>>> Regards,
>>>>    Diego
>>>>
>>>> -- 
>>>> Diego Woitasen
>>>> - Linux and Open Source solutions architect
>>>> - DevOps Engineer, Infrastructure developer
>>>> http://www.woitasen.com.ar
>>> Adding more data to the issue: I see this in the log of the two bricks:
>>>
>>> [2014-08-06 14:39:06.231495] E [marker.c:2542:marker_removexattr_cbk]
>>> 0-gv0-marker: No data available occurred while creating symlinks
>>> [2014-08-06 14:39:06.231543] I
>>> [server-rpc-fops.c:727:server_removexattr_cbk] 0-gv0-server: 124:
>>> REMOVEXATTR /testfile (473fd975-a619-47d7-9ebc-d2a077ed1ac8) of key
>>> security.ima ==> (No data available)
>>>
>>>
>>
>> _______________________________________________
>> Gluster-users mailing list
>> Gluster-users at gluster.org
>> http://supercolony.gluster.org/mailman/listinfo/gluster-users
>
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://supercolony.gluster.org/mailman/listinfo/gluster-users

More information about the Gluster-users mailing list