On Thu, Mar 05, 2015 at 03:31:51PM -0500, Tom Young wrote: > Update – > > I found that we can enable ACLs on the gluster server, and still have > access to more than 32 groups. I had to remove the acl option from the > client that was mounting the gluster volume, and everything started working > the way we wanted. Thank you Great to hear, thanks for reporting the details! I was wondering about this too, but did not have the time to try it out yet. The 'acl' mount option causes a posix-acl xlator to be loaded on the client-side. This improves the performance for ACL handling, but that xlator is indeed limited to 32 groups. Dropping the 'acl' option from the mount command, prevents loading the posix-acl xlator. This is not an issue, as long as FUSE still uses ACLs when the option is not passed (which I was not sure of). If you want, you can file a bug about this problem so we won't forget about it and can look into fixing it in the future. Thanks, Niels > > > > > > Tom Young > > > > *From:* Tom Young [mailto:tom.young@xxxxxxxxxxxxx] > *Sent:* Thursday, March 05, 2015 1:36 PM > *To:* 'gluster-users@xxxxxxxxxxx' > *Subject:* gluster and acl support > > > > Hello, > > I would like to use ACLs on my gluster volume, and also not be restricted > by the 32 group limitation if I do. I have noticed that if I enable acl > support on a client, then I am restricted to using 32 groups. I have > several users that are part of more than 32 groups, but they still want to > use ACLs on certain directories. The underlying filesystem is xfs, and I > have gotten acls to work, but then my users lose access to any group > they’re a part of after 32. > > Has anyone encountered this, and more importantly, have you discovered away > to make ACLs work with more than 32 groups? > > > > *Installed RPMs:* > > gluster-nagios-common-0.1.1-0.el6.noarch > > glusterfs-libs-3.6.2-1.el6.x86_64 > > glusterfs-geo-replication-3.6.2-1.el6.x86_64 > > glusterfs-devel-3.6.2-1.el6.x86_64 > > glusterfs-3.6.2-1.el6.x86_64 > > glusterfs-cli-3.6.2-1.el6.x86_64 > > glusterfs-rdma-3.6.2-1.el6.x86_64 > > glusterfs-fuse-3.6.2-1.el6.x86_64 > > glusterfs-server-3.6.2-1.el6.x86_64 > > glusterfs-debuginfo-3.6.2-1.el6.x86_64 > > glusterfs-extra-xlators-3.6.2-1.el6.x86_64 > > samba-vfs-glusterfs-4.1.11-2.el6.x86_64 > > glusterfs-api-3.6.2-1.el6.x86_64 > > glusterfs-api-devel-3.6.2-1.el6.x86_64 > > > > */etc/fstab entry:* > > gfsib01a.corvidtec.com:/homegfs /homegfs glusterfs > transport=tcp,acl,_netdev 0 0 > > > > *GFS Volume info:* > > Volume Name: homegfs > > Type: Distributed-Replicate > > Volume ID: 1e32672a-f1b7-4b58-ba94-58c085e59071 > > Status: Started > > Number of Bricks: 4 x 2 = 8 > > Transport-type: tcp > > Bricks: > > Brick1: gfsib01a.corvidtec.com:/data/brick01a/homegfs > > Brick2: gfsib01b.corvidtec.com:/data/brick01b/homegfs > > Brick3: gfsib01a.corvidtec.com:/data/brick02a/homegfs > > Brick4: gfsib01b.corvidtec.com:/data/brick02b/homegfs > > Brick5: gfsib02a.corvidtec.com:/data/brick01a/homegfs > > Brick6: gfsib02b.corvidtec.com:/data/brick01b/homegfs > > Brick7: gfsib02a.corvidtec.com:/data/brick02a/homegfs > > Brick8: gfsib02b.corvidtec.com:/data/brick02b/homegfs > > Options Reconfigured: > > server.manage-gids: on > > changelog.rollover-time: 15 > > changelog.fsync-interval: 3 > > changelog.changelog: on > > geo-replication.ignore-pid-check: on > > geo-replication.indexing: off > > storage.owner-gid: 100 > > network.ping-timeout: 10 > > server.allow-insecure: on > > performance.write-behind-window-size: 128MB > > performance.cache-size: 128MB > > performance.io-thread-count: 32 > > > > Thank you > > > > Tom > _______________________________________________ > Gluster-users mailing list > Gluster-users@xxxxxxxxxxx > http://www.gluster.org/mailman/listinfo/gluster-users
Attachment:
pgpYnCSWzOKSM.pgp
Description: PGP signature
_______________________________________________ Gluster-users mailing list Gluster-users@xxxxxxxxxxx http://www.gluster.org/mailman/listinfo/gluster-users
