Project

General

Profile

Bug #15783

client: enable acls by default

Added by Eric Eastman over 2 years ago. Updated 3 months ago.

Status:
New
Priority:
Urgent
Category:
Administration/Usability
Target version:
Start date:
05/09/2016
Due date:
% Done:

0%

Source:
Community (user)
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(FS):
Client
Labels (FS):
Pull request ID:

Description

I found while doing some SAMBA testing using Jewel on both a kernel mounted and fuse mounted Ceph File system that ACLs cannot be set on directories on the fuse mounted Ceph file system. SAMBA gave the following error in the smbd log file, with log level = 20 when I tried to add an additional user to have access to a directory:

2016/05/07 23:41:19.213997, 10, pid=2823630, effective(2000501,2000514), real(2000501, 0)]../source3/modules/vfs_posixacl.c:92(posixacl_sys_acl_set_file)  Calling acl_set_file: New folder (4), 0 [2016/05/07 23:41:19.214170, 10, pid=2823630, effective(2000501,2000514),real(2000501, 0)]../source3/modules/vfs_posixacl.c:111 (posixacl_sys_acl_set_file)  acl_set_file failed: Operation not supported

This same SAMBA test works without errors on the same Ceph file system if it is kernel mounted.

A simple test of setting an ACL from the command line to a fuse mounted Ceph file system also fails:

# mkdir /cephfsFUSE/x
# setfacl -m d:o:rw /cephfsFUSE/x
setfacl: /cephfsFUSE/x: Operation not supported

The same test to the same Ceph file system using the kernel mount method works.

This was first reported on the ceph-user email list: http://www.spinics.net/lists/ceph-users/msg27568.html

Test setup info:
ceph -v
ceph version 10.2.0 (3a9fba20ec743699b69bd0181dd6c54dc01c64b9)

Ubuntu version is 14.04 with the 4.6rc4 PPA kernel:
uname -a
Linux ede-c1-gw04 4.6.0-040600rc4-generic #201604172330 SMP Mon Apr 18 03:32:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux

Samba version 4.4.2

Ceph file system mount info:
grep ceph /proc/mounts
10.14.2.11,10.14.2.12,10.14.2.13:/ /cephfs ceph rw,noatime,name=cephfs,secret=<hidden>,acl 0 0
ceph-fuse /cephfsFUSE fuse.ceph-fuse rw,noatime,user_id=0,group_id=0,default_permissions,allow_other 0 0

I put instructions on how I built SAMBA, the smb.conf file, /etc/fstab, and the ceph.conf file in pastebin at: http://pastebin.com/hv7PEqNm

History

#1 Updated by Zheng Yan over 2 years ago

  • Status changed from New to Feedback

To enable ACL support, you need to add "--fuse_default_permission=0 --client_acl_type=posix_acl" options to ceph-fuse.

#2 Updated by Greg Farnum over 2 years ago

Is there some reason we shouldn't make those the default behaviors at this point?

#3 Updated by Greg Farnum over 2 years ago

  • Category set to Administration/Usability
  • Assignee set to Zheng Yan

Zheng?

#4 Updated by Patrick Donnelly 8 months ago

  • Subject changed from Cannot set ACLs on FUSE mounted ceph file to client: enable acls by default
  • Assignee changed from Zheng Yan to Patrick Donnelly
  • Target version set to v13.0.0
  • Component(FS) Client added

#5 Updated by Patrick Donnelly 7 months ago

  • Priority changed from Normal to Urgent
  • Target version changed from v13.0.0 to v14.0.0

#6 Updated by Patrick Donnelly 3 months ago

  • Status changed from Feedback to New

Also available in: Atom PDF