Bug #15783
openclient: enable acls by default
0%
Description
I found while doing some SAMBA testing using Jewel on both a kernel mounted and fuse mounted Ceph File system that ACLs cannot be set on directories on the fuse mounted Ceph file system. SAMBA gave the following error in the smbd log file, with log level = 20 when I tried to add an additional user to have access to a directory:
2016/05/07 23:41:19.213997, 10, pid=2823630, effective(2000501,2000514), real(2000501, 0)]../source3/modules/vfs_posixacl.c:92(posixacl_sys_acl_set_file) Calling acl_set_file: New folder (4), 0 [2016/05/07 23:41:19.214170, 10, pid=2823630, effective(2000501,2000514),real(2000501, 0)]../source3/modules/vfs_posixacl.c:111 (posixacl_sys_acl_set_file) acl_set_file failed: Operation not supported
This same SAMBA test works without errors on the same Ceph file system if it is kernel mounted.
A simple test of setting an ACL from the command line to a fuse mounted Ceph file system also fails:
# mkdir /cephfsFUSE/x # setfacl -m d:o:rw /cephfsFUSE/x setfacl: /cephfsFUSE/x: Operation not supported
The same test to the same Ceph file system using the kernel mount method works.
This was first reported on the ceph-user email list: http://www.spinics.net/lists/ceph-users/msg27568.html
Test setup info:
ceph -v
ceph version 10.2.0 (3a9fba20ec743699b69bd0181dd6c54dc01c64b9)
Ubuntu version is 14.04 with the 4.6rc4 PPA kernel:
uname -a
Linux ede-c1-gw04 4.6.0-040600rc4-generic #201604172330 SMP Mon Apr 18 03:32:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Samba version 4.4.2
Ceph file system mount info:
grep ceph /proc/mounts
10.14.2.11,10.14.2.12,10.14.2.13:/ /cephfs ceph rw,noatime,name=cephfs,secret=<hidden>,acl 0 0
ceph-fuse /cephfsFUSE fuse.ceph-fuse rw,noatime,user_id=0,group_id=0,default_permissions,allow_other 0 0
I put instructions on how I built SAMBA, the smb.conf file, /etc/fstab, and the ceph.conf file in pastebin at: http://pastebin.com/hv7PEqNm
Updated by Zheng Yan almost 8 years ago
- Status changed from New to 4
To enable ACL support, you need to add "--fuse_default_permission=0 --client_acl_type=posix_acl" options to ceph-fuse.
Updated by Greg Farnum almost 8 years ago
Is there some reason we shouldn't make those the default behaviors at this point?
Updated by Greg Farnum almost 8 years ago
- Category set to Administration/Usability
- Assignee set to Zheng Yan
Zheng?
Updated by Patrick Donnelly about 6 years ago
- Subject changed from Cannot set ACLs on FUSE mounted ceph file to client: enable acls by default
- Assignee changed from Zheng Yan to Patrick Donnelly
- Target version set to v13.0.0
- Component(FS) Client added
Updated by Patrick Donnelly almost 6 years ago
- Priority changed from Normal to Urgent
- Target version changed from v13.0.0 to v14.0.0
Updated by Patrick Donnelly over 5 years ago
- Assignee changed from Patrick Donnelly to Rishabh Dave
Updated by Patrick Donnelly about 5 years ago
- Status changed from New to In Progress
- Priority changed from Urgent to Normal
- Target version changed from v14.0.0 to v15.0.0
- Start date deleted (
05/09/2016)
Updated by Rishabh Dave almost 3 years ago
- Status changed from In Progress to New