Hi Anush, Well, I was aware of this feature of glusterfs several months ago and one will lose the advantage of glusterfs (such as high performance, fail-over, etc) if he/she uses gluster nfs instead of gluster native protocol. I believe using gluster nfs will solve the problem I am concerning with (export some subdirectory per client). Could you please point me out what one will lose when using gluster nsf instead of native protocol in terms of performance? Thanks, ~Thai From: Anush Shetty [mailto:anush at gluster.com] Sent: Friday, October 21, 2011 12:07 PM To: Thai. Ngo Bao; gluster-users at gluster.org Subject: RE: ACL Hi Thai, Yes, we do. http://community.gluster.org/q/export-subdirectories-of-volumes-with-nfs/ - Anush ________________________________ From: Thai. Ngo Bao [thainb at vng.com.vn] Sent: 21 October 2011 08:21:32 To: Anush Shetty; gluster-users at gluster.org Subject: RE: ACL Hi Anush, Thanks for the info. Also, I wonder if gluster concerns with some feature allowing glusterfs to export subdirectories for clients by gluster native protocol like NFS? Thanks, ~Thai From: Anush Shetty [mailto:anush at gluster.com] Sent: Thursday, October 20, 2011 1:37 PM To: Thai. Ngo Bao; gluster-users at gluster.org Subject: RE: ACL Hi Thai, As of now, there are no provisions to mount GlusterFS client as a normal user. - Anush ________________________________ From: gluster-users-bounces at gluster.org [gluster-users-bounces at gluster.org] on behalf of Thai. Ngo Bao [thainb at vng.com.vn] Sent: 20 October 2011 12:00:44 To: Anush Shetty; gluster-users at gluster.org Subject: Re: ACL Hi Anush, Thanks for your response. I do know that there is almost no difference in behavior of these 2 cases (POSIX ACL) except the thing I concerned with by the test. Please correct me if I am wrong. It turns out that glusterfs ACL has no effect if client mounts gluster volume under root user. That's why I asked in previous email if we can anyhow force (from glusterfs servers) clients to mount under a normal user instead of root. What do you think? ~Thai From: Anush Shetty [mailto:anush at gluster.com] Sent: Thursday, October 20, 2011 1:03 PM To: Thai. Ngo Bao; gluster-users at gluster.org Subject: RE: ACL Hi Thai, Have you tried these steps without glusterfs in the picture? I see no difference in behaviour when tried directly on the backend filesystem. - Anush ________________________________ From: Thai. Ngo Bao [thainb at vng.com.vn] Sent: 20 October 2011 08:04:31 To: Anush Shetty; gluster-users at gluster.org Subject: RE: ACL Hi Anush, Thanks for your quick reply. There was no error when set ACL. Below is what I has done at Client Side: 1. Under root user: mount -t glusterfs IP_server:/volume_name -o acl /mnt 2. Under root user at client, create a folder named thainb: mkdir -p /mnt/thainb 3. Under root user: chown -R thainb:thainb /mnt/thainb 4. Under root user: set -m u:thainb:rw /mnt/thainb 5. su thainb 6. create some folder and file under thainb folder 7. su peter 8. remove file and folder 9. Permission denied log from glusterfs: [2011-10-20 08:58:17.603705] W [fuse-bridge.c:847:fuse_err_cbk] 0-glusterfs-fuse: 2646: ACCESS() /thainb/readme => -1 (Permission denied) [2011-10-20 08:58:19.7369] W [fuse-bridge.c:908:fuse_unlink_cbk] 0-glusterfs-fuse: 2648: UNLINK() /thainb/readme => -1 (Permission denied) 10. Exit su and under root user, remove file and folder 11. No log from gluster -----------snip--------------------- [root at GSO_DB_Local4 thainb]# su peter [peter at GSO_DB_Local4 thainb]$ ls -al total 56 drwxrwxr-x+ 3 thainb thainb 8192 Oct 20 08:56 . drwxr-xr-x 26 root root 8192 Oct 20 08:34 .. -rw-rw-r-- 1 thainb thainb 6 Oct 20 08:56 readme drwxrwxr-x 2 thainb thainb 8192 Oct 20 08:40 test [peter at GSO_DB_Local4 thainb]$ rm readme rm: remove write-protected regular file `readme'? y rm: cannot remove `readme': Permission denied [peter at GSO_DB_Local4 thainb]$ exit exit [root at GSO_DB_Local4 thainb]# ls readme test [root at GSO_DB_Local4 thainb]# rm readme rm: remove regular file `readme'? y [root at GSO_DB_Local4 thainb]# rm -f test rm: cannot remove `test': Is a directory [root at GSO_DB_Local4 thainb]# rm -rf test [root at GSO_DB_Local4 thainb]# ls [root at GSO_DB_Local4 thainb]# getfacl . # file: . # owner: thainb # group: thainb user::rwx user:thainb:rw- group::r-x mask::rwx other::r-x [root at GSO_DB_Local4 thainb]# pwd /mnt/thainb [root at GSO_DB_Local4 thainb]# df -h Filesystem Size Used Avail Use% Mounted on /dev/sda3 74G 7.1G 63G 11% / /dev/sda1 99M 12M 82M 13% /boot tmpfs 2.0G 0 2.0G 0% /dev/shm /dev/sda3 74G 7.1G 63G 11% /data glusterfs#lab3:/farm53 148G 9.5G 131G 7% /mnt -------------end---------------------- What do you suggest? Thanks, ~Thai From: Anush Shetty [mailto:anush at gluster.com] Sent: Wednesday, October 19, 2011 5:58 PM To: Thai. Ngo Bao; gluster-users at gluster.org Subject: RE: ACL Hi, Do you see any error messages when you try to set ACL? Can you also paste the logs here? - Anush ________________________________ From: gluster-users-bounces at gluster.org [gluster-users-bounces at gluster.org] on behalf of Thai. Ngo Bao [thainb at vng.com.vn] Sent: 19 October 2011 16:16:36 To: gluster-users at gluster.org Subject: ACL Hi, I am testing gluster 3.2.4 with ACL on small linux cluster: 1. All exports (bricks) mounted with -o acl option 2. All the glusterfs clients mounted with -o acl option Acl works perfectly when clients mount under normal users but it will not work if clients mount under root user. What am I missing? How can we force clients to mount under normal user rather than root user? Thanks, ~Thai ________________________________ No virus found in this message. Checked by AVG - www.avg.com<http://www.avg.com> Version: 2012.0.1831 / Virus Database: 2092/4562 - Release Date: 10/19/11 ________________________________ No virus found in this message. Checked by AVG - www.avg.com<http://www.avg.com> Version: 2012.0.1831 / Virus Database: 2092/4562 - Release Date: 10/19/11 ________________________________ No virus found in this message. Checked by AVG - www.avg.com<http://www.avg.com> Version: 2012.0.1831 / Virus Database: 2092/4564 - Release Date: 10/20/11 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://gluster.org/pipermail/gluster-users/attachments/20111021/36886975/attachment-0001.htm>
