On April 16, 2020 11:43:03 AM GMT+03:00, Petr Certik <petr@xxxxxxxxx> wrote: >Hi everyone, > >new user here. I can't seem to figure out how to properly manage >access control. Specifically, I have a gluster volume mounted on >several servers, all of which have a `www-data` user (with potentially >different uid on every one of them) which works with the data. Is >there a way to "translate" the uid on the files locally to the uid of >the local user, and then back again on write? Or do I have to use >POSIX ACL and `setfacl -Rm u:www-data:rwX,d:u:www-data:rwX >/mnt/gluster/`? > >And a follow-up question -- that recursive setfacl command seems to >make glusterfsd run out of memory soon, when I run it on a ~1TB mount >with lots of small files. Is there a way to make it run smoothly, even >if slowly? I'd rather not write a script myself to make it run in >batches, as that could mean I could miss new files that were added in >the meantime. > >Thanks for any suggestions, >Petr >________ > > > >Community Meeting Calendar: > >Schedule - >Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC >Bridge: https://bluejeans.com/441850968 > >Gluster-users mailing list >Gluster-users@xxxxxxxxxxx >https://lists.gluster.org/mailman/listinfo/gluster-users That problem is same for NFS & CIFS. Sadly, I don't see mount options to set uid/gid . I guess you need to either set the same uid for your user , or to use ACLs (maybe with a find -exec ). Still you got the option for '0777' , but then security will be just a word. I think the first one is easier to implement. Best Regards, Strahil Nikolov ________ Community Meeting Calendar: Schedule - Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC Bridge: https://bluejeans.com/441850968 Gluster-users mailing list Gluster-users@xxxxxxxxxxx https://lists.gluster.org/mailman/listinfo/gluster-users
