----- Original Message -----> From: "Gandalf Corvotempesta" <gandalf.corvotempesta at
gmail.com>
> To: "Prashanth Pai" <ppai at redhat.com>
> Cc: "John Mark Walker" <johnmark at johnmark.org>,
"gluster-users" <Gluster-users at gluster.org>
> Sent: Thursday, 29 September, 2016 2:50:33 PM
> Subject: Re: [Gluster-users] Minio as object storage
>
> 2016-09-29 11:03 GMT+02:00 Prashanth Pai <ppai at redhat.com>:
> > Each account can have as many users you'd want.
> >
> > If you'd like 10 accounts, you'll need 10 volumes.
> > If you have 10 volumes, you'd have 10 accounts.
> >
> > For example (uploading an object):
> > curl -v -X PUT -T mytestfile
> > http://localhost:8080/v1/AUTH_myvolume/mycontainer/mytestfile
> >
> > Here "myvolumename" is the name of the volume as well as the
account.
>
> So, let's assume a single "volume" with multiple users.
> Would be possible to share this volume with multiple users and deny
> access files by users ?
Swift can enforce allowing/denying access to swift users.
The Swift API provides Account ACLs and Container ACLs for this.
http://docs.openstack.org/developer/swift/overview_auth.html
There is no mapping between a swift user and a linux user as
such. Hence these ACLs are enforced at object interface level
and not at the filesystem layer.
> user1 should only see it's own files and so on.
>
> If this is not possible, would be a mess: gluster volumes needs many
> bricks (in my case, with replica 3, at least 3 bricks).
> Having to create 1 volume for each account mens thousands of volumes
> and then thousands*3 bricks
>