Re: Working with uid/guid

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On April 16, 2020 11:43:03 AM GMT+03:00, Petr Certik <petr@xxxxxxxxx> wrote:
>Hi everyone,
>
>new user here. I can't seem to figure out how to properly manage
>access control. Specifically, I have a gluster volume mounted on
>several servers, all of which have a `www-data` user (with potentially
>different uid on every one of them) which works with the data. Is
>there a way to "translate" the uid on the files locally to the uid of
>the local user, and then back again on write? Or do I have to use
>POSIX ACL and `setfacl -Rm u:www-data:rwX,d:u:www-data:rwX
>/mnt/gluster/`?
>
>And a follow-up question -- that recursive setfacl command seems to
>make glusterfsd run out of memory soon, when I run it on a ~1TB mount
>with lots of small files. Is there a way to make it run smoothly, even
>if slowly? I'd rather not write a script myself to make it run in
>batches, as that could mean I could miss new files that were added in
>the meantime.
>
>Thanks for any suggestions,
>Petr
>________
>
>
>
>Community Meeting Calendar:
>
>Schedule -
>Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC
>Bridge: https://bluejeans.com/441850968
>
>Gluster-users mailing list
>Gluster-users@xxxxxxxxxxx
>https://lists.gluster.org/mailman/listinfo/gluster-users

That problem is same for NFS & CIFS.

Sadly, I don't see mount options to set uid/gid .

I guess you need to either set the same uid for your user , or to use ACLs (maybe with a find  -exec ).

Still you got the option for '0777' ,  but then security will be just a word.


I think the first one is easier to implement.

Best Regards,
Strahil Nikolov
________



Community Meeting Calendar:

Schedule -
Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC
Bridge: https://bluejeans.com/441850968

Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
https://lists.gluster.org/mailman/listinfo/gluster-users



[Index of Archives]     [Gluster Development]     [Linux Filesytems Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux