Re: Setting security.NTACL xattrs fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 08/08/2014 11:22 AM, Ravishankar N wrote:
fuse_setxattr() permits setting security.XXX only if selinux is enabled. The command succeeds if the volume is fuse-mounted the following way: #glusterfs --volfile-server=<server IP> --volfile-id=<vol name> --selinux <mount point>

Good catch ! Thanks Ravi.


I am not sure how to enable selinux when mounting a gluster volume via nfs.

Gluster NFS which is of version 3 (As per NFSv3 protocol spec) does not support extended attributes. So it is N/A for NFS. :)

Thanks,
Santosh




On 08/08/2014 12:37 AM, Santosh Pradhan wrote:

On 08/07/2014 09:52 AM, Pranith Kumar Karampuri wrote:
hi Diego,
I tried the operation on my machine and it is failing with operation not supported, both on the bricks and mount. Could you please give the output of the execution on your machines & gluster mount point.

Brick:
09:49:17 :) ⚡ touch testfile && setfattr -n security.NTACL -v foo testfile
setfattr: testfile: Operation not permitted

Which is the filesystem in use (in bricks) ? If ext3/4, you may need to mount it with user_xattr option to enable extended attribute support, XFS has it enabled by default though.

Thanks,
Santosh


Mount:
09:49:13 :( ⚡ touch testfile && setfattr -n security.NTACL -v foo testfile
setfattr: testfile: Operation not supported

Pranith

On 08/06/2014 08:10 PM, Diego Woitasen wrote:
On Wed, Aug 6, 2014 at 11:30 AM, Diego Woitasen <diego@xxxxxxxxxxxxxxx> wrote:
Hi,
I have an issue with xattrs with the security prefix. This command work in all the servers involved (bricks, clients) in all the filesystems mounted (including the bricks), but fails on the volume mounted in the clients.

touch testfile && setfattr -n security.NTACL -v foo testfile

If I try "-n whatever", works.

# uname -a
Linux storage01 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux
# glusterfs --version
glusterfs 3.5.1

All the boxes have the same version.

Hints are welcome :)

Regards,
   Diego

--
Diego Woitasen
- Linux and Open Source solutions architect
- DevOps Engineer, Infrastructure developer
http://www.woitasen.com.ar
Adding more data to the issue: I see this in the log of the two bricks:

[2014-08-06 14:39:06.231495] E [marker.c:2542:marker_removexattr_cbk]
0-gv0-marker: No data available occurred while creating symlinks
[2014-08-06 14:39:06.231543] I
[server-rpc-fops.c:727:server_removexattr_cbk] 0-gv0-server: 124:
REMOVEXATTR /testfile (473fd975-a619-47d7-9ebc-d2a077ed1ac8) of key
security.ima ==> (No data available)



_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users

_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users


_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users





[Index of Archives]     [Gluster Development]     [Linux Filesytems Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux