<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>Just to clarify: </div><div><br></div><div>We are having our ACL's managed on our server, not on the client. In other words, we turn on server.manage-gids on our gluster volume. We then mount the homegfs volume using the "ACL" flag in our fstab. This works fine and we can set and use ACL; however, the clients can no longer use more than 32-groups. If we take the "ACL" out of the mount on the server, ACL no longer works on our clients, but the 32-group limit is gone. <br><br>David (Sent from mobile)<div><br></div><div>===============================</div><div>David F. Robinson, Ph.D. </div><div>President - Corvid Technologies</div><div>704.799.6944 x101 [office]</div><div>704.252.1310 [cell]</div><div>704.799.7974 [fax]</div><div><a href="mailto:David.Robinson@corvidtec.com">David.Robinson@corvidtec.com</a></div><div><a href="http://www.corvidtechnologies.com">http://www.corvidtechnologies.com</a></div></div><div><br>On Mar 5, 2015, at 1:35 PM, Tom Young <<a href="mailto:tom.young@corvidtec.com">tom.young@corvidtec.com</a>> wrote:<br><br></div><blockquote type="cite"><div><meta http-equiv="Content-Type" content="text/html; charset=us-ascii"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><div class="WordSection1"><p class="MsoNormal">Hello,</p><p class="MsoNormal">I would like to use ACLs on my gluster volume, and also not be restricted by the 32 group limitation if I do. I have noticed that if I enable acl support on a client, then I am restricted to using 32 groups. I have several users that are part of more than 32 groups, but they still want to use ACLs on certain directories. The underlying filesystem is xfs, and I have gotten acls to work, but then my users lose access to any group they’re a part of after 32. </p><p class="MsoNormal">Has anyone encountered this, and more importantly, have you discovered away to make ACLs work with more than 32 groups?</p><p class="MsoNormal"> </p><p class="MsoNormal"><b><u>Installed RPMs:</u></b></p><p class="MsoNormal">gluster-nagios-common-0.1.1-0.el6.noarch</p><p class="MsoNormal">glusterfs-libs-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-geo-replication-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-devel-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-cli-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-rdma-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-fuse-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-server-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-debuginfo-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-extra-xlators-3.6.2-1.el6.x86_64</p><p class="MsoNormal">samba-vfs-glusterfs-4.1.11-2.el6.x86_64</p><p class="MsoNormal">glusterfs-api-3.6.2-1.el6.x86_64</p><p class="MsoNormal">glusterfs-api-devel-3.6.2-1.el6.x86_64</p><p class="MsoNormal"> </p><p class="MsoNormal"><b><u>/etc/fstab entry:</u></b></p><p class="MsoNormal"><a href="http://gfsib01a.corvidtec.com">gfsib01a.corvidtec.com</a>:/homegfs /homegfs glusterfs transport=tcp,acl,_netdev 0 0</p><p class="MsoNormal"> </p><p class="MsoNormal"><b><u>GFS Volume info:</u></b></p><p class="MsoNormal">Volume Name: homegfs</p><p class="MsoNormal">Type: Distributed-Replicate</p><p class="MsoNormal">Volume ID: 1e32672a-f1b7-4b58-ba94-58c085e59071</p><p class="MsoNormal">Status: Started</p><p class="MsoNormal">Number of Bricks: 4 x 2 = 8</p><p class="MsoNormal">Transport-type: tcp</p><p class="MsoNormal">Bricks:</p><p class="MsoNormal">Brick1: <a href="http://gfsib01a.corvidtec.com">gfsib01a.corvidtec.com</a>:/data/brick01a/homegfs</p><p class="MsoNormal">Brick2: <a href="http://gfsib01b.corvidtec.com">gfsib01b.corvidtec.com</a>:/data/brick01b/homegfs</p><p class="MsoNormal">Brick3: <a href="http://gfsib01a.corvidtec.com">gfsib01a.corvidtec.com</a>:/data/brick02a/homegfs</p><p class="MsoNormal">Brick4: <a href="http://gfsib01b.corvidtec.com">gfsib01b.corvidtec.com</a>:/data/brick02b/homegfs</p><p class="MsoNormal">Brick5: <a href="http://gfsib02a.corvidtec.com">gfsib02a.corvidtec.com</a>:/data/brick01a/homegfs</p><p class="MsoNormal">Brick6: <a href="http://gfsib02b.corvidtec.com">gfsib02b.corvidtec.com</a>:/data/brick01b/homegfs</p><p class="MsoNormal">Brick7: <a href="http://gfsib02a.corvidtec.com">gfsib02a.corvidtec.com</a>:/data/brick02a/homegfs</p><p class="MsoNormal">Brick8: <a href="http://gfsib02b.corvidtec.com">gfsib02b.corvidtec.com</a>:/data/brick02b/homegfs</p><p class="MsoNormal">Options Reconfigured:</p><p class="MsoNormal">server.manage-gids: on</p><p class="MsoNormal">changelog.rollover-time: 15</p><p class="MsoNormal">changelog.fsync-interval: 3</p><p class="MsoNormal">changelog.changelog: on</p><p class="MsoNormal">geo-replication.ignore-pid-check: on</p><p class="MsoNormal">geo-replication.indexing: off</p><p class="MsoNormal">storage.owner-gid: 100</p><p class="MsoNormal">network.ping-timeout: 10</p><p class="MsoNormal">server.allow-insecure: on</p><p class="MsoNormal">performance.write-behind-window-size: 128MB</p><p class="MsoNormal">performance.cache-size: 128MB</p><p class="MsoNormal">performance.io-thread-count: 32</p><p class="MsoNormal"> </p><p class="MsoNormal">Thank you</p><p class="MsoNormal"> </p><p class="MsoNormal">Tom</p></div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>Gluster-users mailing list</span><br><span><a href="mailto:Gluster-users@gluster.org">Gluster-users@gluster.org</a></span><br><span><a href="http://www.gluster.org/mailman/listinfo/gluster-users">http://www.gluster.org/mailman/listinfo/gluster-users</a></span></div></blockquote></body></html>