Re: CEPH FS - all_squash option equivalent

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Also very interested in this if there are any docs available!

--Lincoln

> On Mar 3, 2016, at 1:04 PM, Fred Rolland <frolland@xxxxxxxxxx> wrote:
> 
> Can you share a link describing the UID squashing feature?
> 
> On Mar 3, 2016 9:02 PM, "Gregory Farnum" <gfarnum@xxxxxxxxxx> wrote:
> On Wed, Mar 2, 2016 at 11:22 PM, Fred Rolland <frolland@xxxxxxxxxx> wrote:
> > Thanks for your reply.
> >
> > Server :
> > [root@ceph-1 ~]# rpm -qa | grep ceph
> > ceph-mon-0.94.1-13.el7cp.x86_64
> 
> That would be a Hammer release. Nothing there for doing anything with
> permission checks at all.
> -Greg
> 
> > ceph-radosgw-0.94.1-13.el7cp.x86_64
> > ceph-0.94.1-13.el7cp.x86_64
> > ceph-osd-0.94.1-13.el7cp.x86_64
> > ceph-deploy-1.5.25-1.el7cp.noarch
> > ceph-common-0.94.1-13.el7cp.x86_64
> > [root@ceph-1 ~]# uname -a
> > Linux ceph-1.qa.lab.tlv.redhat.com 3.10.0-327.el7.x86_64 #1 SMP Thu Oct 29
> > 17:29:29 EDT 2015 x86_64 x86_64 x86_64 GNU/Linux
> >
> > Client:
> > [root@RHEL7 ~]# rpm -qa | grep ceph
> > ceph-fuse-0.94.6-0.el7.x86_64
> > python-cephfs-0.94.6-0.el7.x86_64
> > libcephfs1-0.94.6-0.el7.x86_64
> > ceph-common-0.94.6-0.el7.x86_64
> > ceph-0.94.6-0.el7.x86_64
> >
> > [root@RHEL7 ~]# uname -a
> > Linux RHEL7.1Server 3.10.0-229.26.1.el7.x86_64 #1 SMP Fri Dec 11 16:53:27
> > EST 2015 x86_64 x86_64 x86_64 GNU/Linux
> >
> >
> > [root@RHEL7 ~]# su - sanlock -s /bin/bash
> > Last login: Wed Mar  2 14:06:34 IST 2016 on pts/0
> > -bash-4.2$ whoami
> > sanlock
> > -bash-4.2$ touch /rhev/data-center/mnt/ceph-1.qa.lab\:6789\:_1111/test
> > touch: cannot touch ‘/rhev/data-center/mnt/ceph-1.qa.lab:6789:_1111/test’:
> > Permission denied
> >
> >
> > [root@RHEL7 ~]# su - vdsm -s /bin/bash
> > Last login: Wed Mar  2 12:19:11 IST 2016 on pts/1
> > -bash-4.2$ touch /rhev/data-center/mnt/ceph-1.qa.lab\:6789\:_1111/test
> > -bash-4.2$ rm /rhev/data-center/mnt/ceph-1.qa.lab\:6789\:_1111/test
> > -bash-4.2$
> >
> > Permissions of directory :
> > ll
> > total 0
> > drwxr-xr-x 1 vdsm kvm 0 Mar  2 14:08 1111
> >
> >
> >
> > On Wed, Mar 2, 2016 at 6:25 PM, Gregory Farnum <gfarnum@xxxxxxxxxx> wrote:
> >>
> >> On Wed, Mar 2, 2016 at 4:21 AM, Fred Rolland <frolland@xxxxxxxxxx> wrote:
> >> > Hi,
> >> >
> >> > I am trying to use CEPH FS in oVirt (RHEV).
> >> > The mount is created OK, however, the hypervisor need access to the
> >> > mount
> >> > from different users (eg: vdsm, sanlock)
> >> > It seems that Sanlock user is having permissions issues.
> >> >
> >> > When using NFS, configuring the export as all_squash and defining
> >> > anonuid/anongid will solve this problem [1].
> >> >
> >> > Is there a possibility to configure in Ceph FS an equivalent to NFS
> >> > all_squash/anonuid/anongid ?
> >>
> >> What version of Ceph are you running? Newer versions have added a
> >> security model and include *some* UID squashing features, but prior to
> >> Infernalis, CephFS didn't do any security checking at all (it was all
> >> client-side in the standard VFS).
> >> -Greg
> >
> >
> _______________________________________________
> ceph-users mailing list
> ceph-users@xxxxxxxxxxxxxx
> http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com

_______________________________________________
ceph-users mailing list
ceph-users@xxxxxxxxxxxxxx
http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com




[Index of Archives]     [Information on CEPH]     [Linux Filesystem Development]     [Ceph Development]     [Ceph Large]     [Ceph Dev]     [Linux USB Development]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]     [xfs]


  Powered by Linux