Re: How to properly set ACLs in GlusterFS?

Дмитрий Глушенок <glush@xxxxxxxxxx> · Thu, 8 Dec 2016 11:54:03 +0300

Hi,

According to man page for setfacl: For uid and gid you can specify either a name or a number.
But actually the information will be stored in xattrs in the form of numbers, afaik.

One way to solve your problem is the consistent name/id mapping, which can be achieved by using directory servers like Free IPA, for example.

7 дек. 2016 г., в 16:59, Alexandr Porunov <alexandr.porunov@xxxxxxxxx> написал(а):

Hello,

I am trying to use ACLs but it seems that it doesn't recognize user names but user IDs. 
I.e. I have 2 machines with next users: user1, user2.
On the first machine I have created users like this:
useradd user1
useradd user2

On the second machine I have created users like this:
useradd user2
useradd user1

Now I see id's of the users. Here is what I see:

Machine 1:
# id test1
uid=1002(test1) gid=1003(test1) groups=1003(test1)
# id test2
uid=1003(test2) gid=1004(test2) groups=1004(test2)

Machine 2:
# id test1
uid=1003(test1) gid=1004(test1) groups=1004(test1)
# id test2
uid=1002(test2) gid=1003(test2) groups=1003(test2)

So, on the machine1 test1 user has 1002 ID and on the machine2 test1 user has 1003

Now If on the machine1 I set a permission a on file like this:
setfacl -R -m u:test1:rwx /repositories/test

On the machine2 test1 user won't have any access to the file but the user test2 will! How to set permissions based on the user/group ID?

Here is how I mount a gluster volume:
mount -t glusterfs -o acl 192.168.0.120:/gv0 /repositories/

Sincerely,
Alexandr
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://www.gluster.org/mailman/listinfo/gluster-users

--
Dmitry Glushenok
Jet Infosystems

_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://www.gluster.org/mailman/listinfo/gluster-users