fuse_setxattr() permits setting security.XXX only if selinux is
enabled. The command succeeds if the volume is fuse-mounted the
following way:
#glusterfs --volfile-server=<server IP> --volfile-id=<vol name>
--selinux <mount point>
I am not sure how to enable selinux when mounting a gluster volume via nfs.
On 08/08/2014 12:37 AM, Santosh Pradhan wrote:
On 08/07/2014 09:52 AM, Pranith Kumar Karampuri wrote:
hi Diego,
I tried the operation on my machine and it is failing with operation
not supported, both on the bricks and mount. Could you please give
the output of the execution on your machines & gluster mount point.
Brick:
09:49:17 :) ⚡ touch testfile && setfattr -n security.NTACL -v foo
testfile
setfattr: testfile: Operation not permitted
Which is the filesystem in use (in bricks) ? If ext3/4, you may need
to mount it with user_xattr option to enable extended attribute
support, XFS has it enabled by default though.
Thanks,
Santosh
Mount:
09:49:13 :( ⚡ touch testfile && setfattr -n security.NTACL -v foo
testfile
setfattr: testfile: Operation not supported
Pranith
On 08/06/2014 08:10 PM, Diego Woitasen wrote:
On Wed, Aug 6, 2014 at 11:30 AM, Diego Woitasen
<diego@xxxxxxxxxxxxxxx> wrote:
Hi,
I have an issue with xattrs with the security prefix. This
command work in all the servers involved (bricks, clients) in all
the filesystems mounted (including the bricks), but fails on the
volume mounted in the clients.
touch testfile && setfattr -n security.NTACL -v foo testfile
If I try "-n whatever", works.
# uname -a
Linux storage01 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15
03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
# glusterfs --version
glusterfs 3.5.1
All the boxes have the same version.
Hints are welcome :)
Regards,
Diego
--
Diego Woitasen
- Linux and Open Source solutions architect
- DevOps Engineer, Infrastructure developer
http://www.woitasen.com.ar
Adding more data to the issue: I see this in the log of the two bricks:
[2014-08-06 14:39:06.231495] E [marker.c:2542:marker_removexattr_cbk]
0-gv0-marker: No data available occurred while creating symlinks
[2014-08-06 14:39:06.231543] I
[server-rpc-fops.c:727:server_removexattr_cbk] 0-gv0-server: 124:
REMOVEXATTR /testfile (473fd975-a619-47d7-9ebc-d2a077ed1ac8) of key
security.ima ==> (No data available)
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users