<div dir="ltr">Hi Niels,<div><br></div><div>Thanks for reply.</div><div><br></div><div>I am trying to user Gluster NFS even in this case I am facing the same issue.</div><div><br></div><div>Could please suggest me what I need to do and how can I setup Gluster NFS.</div><div><br></div><div>Regards,</div><div>Abhishek</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Apr 27, 2016 at 1:53 PM, Niels de Vos <span dir="ltr"><<a href="mailto:ndevos@redhat.com" target="_blank">ndevos@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5">On Tue, Apr 26, 2016 at 08:23:15PM +0530, ABHISHEK PALIWAL wrote:<br>
> On Tue, Apr 26, 2016 at 8:06 PM, Niels de Vos <<a href="mailto:ndevos@redhat.com">ndevos@redhat.com</a>> wrote:<br>
><br>
> > On Tue, Apr 26, 2016 at 07:46:03PM +0530, ABHISHEK PALIWAL wrote:<br>
> > > On Tue, Apr 26, 2016 at 7:06 PM, Niels de Vos <<a href="mailto:ndevos@redhat.com">ndevos@redhat.com</a>> wrote:<br>
> > ><br>
> > > > On Tue, Apr 26, 2016 at 06:45:59PM +0530, ABHISHEK PALIWAL wrote:<br>
> > > > > On Tue, Apr 26, 2016 at 6:37 PM, Niels de Vos <<a href="mailto:ndevos@redhat.com">ndevos@redhat.com</a>><br>
> > wrote:<br>
> > > > ><br>
> > > > > > On Tue, Apr 26, 2016 at 12:11:06PM +0530, ABHISHEK PALIWAL wrote:<br>
> > > > > > > Hi,<br>
> > > > > > ><br>
> > > > > > > I want to enable ACL support on gluster volume using the kernel<br>
> > NFS<br>
> > > > ACL<br>
> > > > > > > support so I have followed below steps after creation of gluster<br>
> > > > volume:<br>
> > > > > > ><br>
> > > > > > > 1. mount -t glusterfs -o acl 10.32.0.48:/c_glusterfs /tmp/a2<br>
> > > > > > ><br>
> > > > > > > 2. update the /etc/exports file<br>
> > > > > > > /tmp/a2<br>
> > 10.32.*(rw,acl,sync,no_subtree_check,no_root_squash,fsid=14)<br>
> > > > > > ><br>
> > > > > > > 3. exportfs –ra<br>
> > > > > > ><br>
> > > > > > > 4. gluster volume set c_glusterfs nfs.acl off<br>
> > > > > > ><br>
> > > > > > > 5. gluster volume set c_glusterfs nfs.disable on<br>
> > > > > > ><br>
> > > > > > > we have disabled above two options because we are using Kernel<br>
> > NFS<br>
> > > > ACL<br>
> > > > > > > support and that is already enabled.<br>
> > > > > > ><br>
> > > > > > ><br>
> > > > > > ><br>
> > > > > > > on other board mounting it using<br>
> > > > > > ><br>
> > > > > > > mount -t nfs -o acl,vers=3 10.32.0.48:/tmp/a2 /tmp/e/<br>
> > > > > > ><br>
> > > > > > > setfacl -m u:application:rw /tmp/e/usr<br>
> > > > > > > setfacl: /tmp/e/usr: Operation not supported<br>
> > > > > ><br>
> > > > > > Have you tried to set/getfacl on the Gluster FUSE mountpoint<br>
> > (/tmp/a2)<br>
> > > > > > too? Depending on the filesystem that you use on the bricks, you<br>
> > may<br>
> > > > > > need to mount with "-o acl" there as well. Try to set/get an ACL<br>
> > on all<br>
> > > > > > of these different levels to see where is starts to fail.<br>
> > > > > ><br>
> > > > > Yes, you can check I have already given -o acl on /tmp/a2 as well as<br>
> > > > below<br>
> > > ><br>
> > > > Sorry, that is not what I meant. The bricks that provide the<br>
> > c_glusterfs<br>
> > > > volume need to support and have ACLs enabled as well. If you use XFS,<br>
> > it<br>
> > > > should be enabled by default. But some other filesystems do not do<br>
> > that.<br>
> > > ><br>
> > > > You have three different mountpoints:<br>
> > > ><br>
> > > > - /tmp/e: nfs<br>
> > > > - /tmp/a2: Gluster FUSE<br>
> > > > - whatever you use as bricks for c_glusterfs: XFS or something else?<br>
> > > ><br>
> > ><br>
> > > I have following volume info<br>
> > ><br>
> > > Volume Name: c_glusterfs<br>
> > > Type: Replicate<br>
> > > Volume ID: 5be1524c-21ae-47d5-970a-d4920fca39cf<br>
> > > Status: Started<br>
> > > Number of Bricks: 1 x 2 = 2<br>
> > > Transport-type: tcp<br>
> > > Bricks:<br>
> > > Brick1: 10.32.0.48:/opt/lvmdir/c2/brick<br>
> > > Brick2: 10.32.1.144:/opt/lvmdir/c2/brick<br>
> > > Options Reconfigured:<br>
> > > nfs.acl: off<br>
> > > nfs.disable: on<br>
> > > network.ping-timeout: 4<br>
> > > performance.readdir-ahead: on<br>
> > ><br>
> > > now according to you /opt/lvmdir/c2/brick should support ACL option or<br>
> > > /opt/lvmdir/c2 ? if /opt/lvmdir/<br>
> > > c2 then we are mounting it as below<br>
> > ><br>
> > > mount -o acl /dev/cpplvm_vg/vol2 /opt/lvmdir//c2<br>
> ><br>
> > If /opt/lvmdir/c2 is the mountpoint, then make sure that a test-file<br>
> > like /opt/lvmdir/c2/test-acl can have ACLs. It may require mounting<br>
> > /opt/lvmdir/c2 with the "-o acl" option, but that depends on the<br>
> > filesystem.<br>
> ><br>
> > Also try to create a test-file on /tmp/a2 and check of ACLs work on the<br>
> > Gluster FUSE mountpoint.<br>
> ><br>
> > If these two filesystems support ACLs, I do not see a problem why the<br>
> > kernel NFS server can not use them.<br>
> ><br>
> > > I have one more question : we are using logical volume here for glusterfs<br>
> > > so it should not create any issue in ACL support?<br>
> ><br>
> > No, that should not matter.<br>
> ><br>
><br>
> it is working fine locally means at 10.32.0.48 but when I am exporting it<br>
> using /etc/exportfs file<br>
> like<br>
</div></div>> */tmp/a2 10.32.*(rw,acl,sync,no_subtree_check,no_root_squash,fsid=10) *<br>
> and then run *exportfs -ra* command to export it on other board.<br>
<span class="">><br>
> and trying to mount it on other board<br>
><br>
> like<br>
><br>
</span>> *mount -t nfs -o acl 10.32.0.48:/tmp/a2 /mnt/glust*<br>
><br>
> and then run setfacl<br>
><br>
> *setfacl -m u:application:r /mnt/glust/usr*<br>
> *setfacl: /mnt/glust/usr: Operation not supported *//Reporting this error<br>
<br>
If the ACL works on /opt/lvmdir/c2 and /tmp/a2 at least on the Gluster<br>
and FUSE side all seems to be fine. You would need to check with the<br>
kernel NFS server people to figure out why the mounted Gluster volume<br>
can not use ACLs through knfsd.<br>
<br>
Note that we really recommend to use Gluster/NFS or NFS-Ganesha with<br>
Gluster. We do not test exporting FUSE mounted Gluster volume through<br>
knfsd at all, and I am not aware that anyone uses this combination in<br>
their production environment.<br>
<br>
Cheers,<br>
Niels<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
><br>
> ><br>
> > Cheers,<br>
> > Niels<br>
> ><br>
> > ><br>
> > ><br>
> > > Regards,<br>
> > ><br>
> > > Abhishek<br>
> > ><br>
> > ><br>
> > > ><br>
> > > > HTH,<br>
> > > > Niels<br>
> > > ><br>
> > > > ><br>
> > > > > > 1. mount -t glusterfs -o acl 10.32.0.48:/c_glusterfs /tmp/a2<br>
> > > > > ><br>
> > > > > > 2. update the /etc/exports file<br>
> > > > > > /tmp/a2<br>
> > 10.32.*(rw,acl,sync,no_subtree_check,no_root_squash,fsid=14)<br>
> > > > > ><br>
> > > > ><br>
> > > > > ><br>
> > > > > > Thanks,<br>
> > > > > > Niels<br>
> > > > > ><br>
> > > > > > ><br>
> > > > > > > and application is the system user like below<br>
> > > > > > ><br>
> > > > > > > application:x:102:0::/home/application:/bin/sh<br>
> > > > > > ><br>
> > > > > > > I don't why I am getting this failure when I enabled all the acl<br>
> > > > support<br>
> > > > > > in<br>
> > > > > > > each steps.<br>
> > > > > > ><br>
> > > > > > > Please let me know how can I enable this.<br>
> > > > > > ><br>
> > > > > > > Regards,<br>
> > > > > > > Abhishek<br>
> > > > > ><br>
> > > > > > > _______________________________________________<br>
> > > > > > > Gluster-devel mailing list<br>
> > > > > > > <a href="mailto:Gluster-devel@gluster.org">Gluster-devel@gluster.org</a><br>
> > > > > > > <a href="http://www.gluster.org/mailman/listinfo/gluster-devel" rel="noreferrer" target="_blank">http://www.gluster.org/mailman/listinfo/gluster-devel</a><br>
> > > > > ><br>
> > > > > ><br>
> > > > ><br>
> > > > ><br>
> > > > > --<br>
> > > > ><br>
> > > > ><br>
> > > > ><br>
> > > > ><br>
> > > > > Regards<br>
> > > > > Abhishek Paliwal<br>
> > > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > --<br>
> > ><br>
> > ><br>
> > ><br>
> > ><br>
> > > Regards<br>
> > > Abhishek Paliwal<br>
> ><br>
><br>
><br>
><br>
> --<br>
><br>
><br>
><br>
><br>
> Regards<br>
> Abhishek Paliwal<br>
</div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><br><br><br><br>Regards<br>
Abhishek Paliwal<br>
</div></div>
</div>