On Thu, Mar 05, 2015 at 05:11:55PM -0500, David F. Robinson wrote: > Niels, > > One additional piece of info. > When tom mounted it with ACL on one client, it stopped allowing more > than 32-groups on ALL the clients. Even the ones where it was FUSE > mounted without the ACL option. > > To me, this was the biggest issue. A single improper mount point > messing up the 32-group limitation for all fuse clients. Oh, that indeed is very strange. I can not explain (yet) how this would happen. I agree that one client may not cause issues like that for other clients. Thanks for the info, Niels > > David (Sent from mobile) > > =============================== > David F. Robinson, Ph.D. > President - Corvid Technologies > 704.799.6944 x101 [office] > 704.252.1310 [cell] > 704.799.7974 [fax] > David.Robinson@xxxxxxxxxxxxx > http://www.corvidtechnologies.com > > > On Mar 5, 2015, at 4:18 PM, Niels de Vos <ndevos@xxxxxxxxxx> wrote: > > > >> On Thu, Mar 05, 2015 at 03:31:51PM -0500, Tom Young wrote: > >> Update – > >> > >> I found that we can enable ACLs on the gluster server, and still have > >> access to more than 32 groups. I had to remove the acl option from the > >> client that was mounting the gluster volume, and everything started working > >> the way we wanted. Thank you > > > > Great to hear, thanks for reporting the details! > > > > I was wondering about this too, but did not have the time to try it out > > yet. The 'acl' mount option causes a posix-acl xlator to be loaded on > > the client-side. This improves the performance for ACL handling, but > > that xlator is indeed limited to 32 groups. Dropping the 'acl' option > > from the mount command, prevents loading the posix-acl xlator. This is > > not an issue, as long as FUSE still uses ACLs when the option is not > > passed (which I was not sure of). > > > > If you want, you can file a bug about this problem so we won't forget > > about it and can look into fixing it in the future. > > > > Thanks, > > Niels > > > >> > >> > >> > >> > >> > >> Tom Young > >> > >> > >> > >> *From:* Tom Young [mailto:tom.young@xxxxxxxxxxxxx] > >> *Sent:* Thursday, March 05, 2015 1:36 PM > >> *To:* 'gluster-users@xxxxxxxxxxx' > >> *Subject:* gluster and acl support > >> > >> > >> > >> Hello, > >> > >> I would like to use ACLs on my gluster volume, and also not be restricted > >> by the 32 group limitation if I do. I have noticed that if I enable acl > >> support on a client, then I am restricted to using 32 groups. I have > >> several users that are part of more than 32 groups, but they still want to > >> use ACLs on certain directories. The underlying filesystem is xfs, and I > >> have gotten acls to work, but then my users lose access to any group > >> they’re a part of after 32. > >> > >> Has anyone encountered this, and more importantly, have you discovered away > >> to make ACLs work with more than 32 groups? > >> > >> > >> > >> *Installed RPMs:* > >> > >> gluster-nagios-common-0.1.1-0.el6.noarch > >> > >> glusterfs-libs-3.6.2-1.el6.x86_64 > >> > >> glusterfs-geo-replication-3.6.2-1.el6.x86_64 > >> > >> glusterfs-devel-3.6.2-1.el6.x86_64 > >> > >> glusterfs-3.6.2-1.el6.x86_64 > >> > >> glusterfs-cli-3.6.2-1.el6.x86_64 > >> > >> glusterfs-rdma-3.6.2-1.el6.x86_64 > >> > >> glusterfs-fuse-3.6.2-1.el6.x86_64 > >> > >> glusterfs-server-3.6.2-1.el6.x86_64 > >> > >> glusterfs-debuginfo-3.6.2-1.el6.x86_64 > >> > >> glusterfs-extra-xlators-3.6.2-1.el6.x86_64 > >> > >> samba-vfs-glusterfs-4.1.11-2.el6.x86_64 > >> > >> glusterfs-api-3.6.2-1.el6.x86_64 > >> > >> glusterfs-api-devel-3.6.2-1.el6.x86_64 > >> > >> > >> > >> */etc/fstab entry:* > >> > >> gfsib01a.corvidtec.com:/homegfs /homegfs glusterfs > >> transport=tcp,acl,_netdev 0 0 > >> > >> > >> > >> *GFS Volume info:* > >> > >> Volume Name: homegfs > >> > >> Type: Distributed-Replicate > >> > >> Volume ID: 1e32672a-f1b7-4b58-ba94-58c085e59071 > >> > >> Status: Started > >> > >> Number of Bricks: 4 x 2 = 8 > >> > >> Transport-type: tcp > >> > >> Bricks: > >> > >> Brick1: gfsib01a.corvidtec.com:/data/brick01a/homegfs > >> > >> Brick2: gfsib01b.corvidtec.com:/data/brick01b/homegfs > >> > >> Brick3: gfsib01a.corvidtec.com:/data/brick02a/homegfs > >> > >> Brick4: gfsib01b.corvidtec.com:/data/brick02b/homegfs > >> > >> Brick5: gfsib02a.corvidtec.com:/data/brick01a/homegfs > >> > >> Brick6: gfsib02b.corvidtec.com:/data/brick01b/homegfs > >> > >> Brick7: gfsib02a.corvidtec.com:/data/brick02a/homegfs > >> > >> Brick8: gfsib02b.corvidtec.com:/data/brick02b/homegfs > >> > >> Options Reconfigured: > >> > >> server.manage-gids: on > >> > >> changelog.rollover-time: 15 > >> > >> changelog.fsync-interval: 3 > >> > >> changelog.changelog: on > >> > >> geo-replication.ignore-pid-check: on > >> > >> geo-replication.indexing: off > >> > >> storage.owner-gid: 100 > >> > >> network.ping-timeout: 10 > >> > >> server.allow-insecure: on > >> > >> performance.write-behind-window-size: 128MB > >> > >> performance.cache-size: 128MB > >> > >> performance.io-thread-count: 32 > >> > >> > >> > >> Thank you > >> > >> > >> > >> Tom > > > >> _______________________________________________ > >> Gluster-users mailing list > >> Gluster-users@xxxxxxxxxxx > >> http://www.gluster.org/mailman/listinfo/gluster-users > > > > _______________________________________________ > > Gluster-users mailing list > > Gluster-users@xxxxxxxxxxx > > http://www.gluster.org/mailman/listinfo/gluster-users _______________________________________________ Gluster-users mailing list Gluster-users@xxxxxxxxxxx http://www.gluster.org/mailman/listinfo/gluster-users
