[Gluster-users] [Gluster-devel] How to enable ACL support in Glusterfs volume

ABHISHEK PALIWAL abhishpaliwal at gmail.com
Fri Apr 29 12:37:48 UTC 2016


Hi Niels,

Now I am able to run 'setfacl' command on Gluster volume using Kenrel NFS.

The problem was, I was exporting Gluster volume mount point which I get
after mounting the gluster volume in /etc/exports file:

like
mount -t glusterfs -o acl <ip>:/<volume name> <mount point>


But instead of using this point I need to export the volume brick path i.e.
'/tmp/brick/gv0'

gluster volume info

Volume Name: gv0
Type: Distribute
Volume ID: c3d636aa-f718-47b2-90eb-2b5846ad52a2
Status: Started
Number of Bricks: 1
Transport-type: tcp
Bricks:
Brick1: 128.224.95.140:/tmp/brick/gv0
Options Reconfigured:
nfs.disable: on
performance.readdir-ahead: on

and mount on remote as below:

mount -t nfs -o acl,vers=3 128.224.95.140:/tmp/brick/gv0 <mount point>

then run

setfacl -m u:nobody:rw <mount point>/<file name>

Now I have one question here, please answer it:

Please let me confirm, is there any side effect to export brick path?


Regards,
Abhishek


On Thu, Apr 28, 2016 at 5:35 PM, ABHISHEK PALIWAL <abhishpaliwal at gmail.com>
wrote:

>
>
> On Thu, Apr 28, 2016 at 4:13 PM, Niels de Vos <ndevos at redhat.com> wrote:
>
>> On Thu, Apr 28, 2016 at 12:05:37PM +0530, ABHISHEK PALIWAL wrote:
>> > Hi,
>> >
>> > I have one more query:
>> >
>> > I am using machine with ip 10.32.0.48 where gluster is running and
>> mounted
>> > my gluster volume as follows
>> >
>> > mount -t glusterfs -o acl 10.32.0.48:/c_glusterfs /mnt/c
>> >
>> > and after that I mounted /mnt/c volume to /tmp/l on same machin
>> 10.32.0.48
>> >
>> > mount -t nfs -o acl,vers=3 10.32.0.48:/mnt/c /tmp/l
>> >
>> > When I run setfacl command on /tmp/l (mounted as nfs) volume its not
>> > working
>> > # setfacl -m u:application:r /tmp/l/usr
>> > setfacl: /tmp/l/usr: Operation not supported
>> >
>> > but when I run setfacl command on /mnt/c(mounted as glusterfs) it is
>> > working
>> > # setfacl -m u:application:r /mnt/c
>> >
>> > Could you please tell me the reason for this.
>>
>> Note that NFSv3 ACLs are not part of the NFS protocol itself. It is
>> handled by a side-band protocol. If all ACL operations on any NFS server
>> fail, make sure to check that the ports for NFSv3 ACLs are open. You can
>> chech that with 'rpcinfo -p $NFS_SERVER'.
>>
>
> ACL operation working fine with other NFS servers and ports are also open
>
>
>
>>
>> Gluster/NFS should have ACLs enabled by default. It is possible to
>> disable support for ACLs in Gluster/NFS with the 'nfs.acl' volume
>> option, just make sure that the option is not set, or is set to 'true'.
>>
>
> I have tried with Gluster/NFS option where
>
> nfs.disable off
> nfs.acl on
> but still getting setfacl command failure.
>
>>
>> HTH,
>> Niels
>>
>>
>> >
>> > Regards,
>> > Abhishek
>> >
>> > On Wed, Apr 27, 2016 at 4:56 PM, Niels de Vos <ndevos at redhat.com>
>> wrote:
>> >
>> > > Thank you for your email.
>> > >
>> > > I am out of the office on 27-April-2016 and will return on
>> 28-April-2016.
>> > > While I am out I will have limited access to email. When I have
>> returned, I
>> > > will respond to your message as soon as possible.
>> > >
>> > > Many thanks,
>> > > Niels de Vos
>> > >
>> >
>> >
>> >
>> > --
>> >
>> >
>> >
>> >
>> > Regards
>> > Abhishek Paliwal
>>
>
>
>
> --
>
>
>
>
> Regards
> Abhishek Paliwal
>



-- 




Regards
Abhishek Paliwal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.gluster.org/pipermail/gluster-users/attachments/20160429/e89abae8/attachment.html>


More information about the Gluster-users mailing list