Gluster users - Dec 2016 - How to properly set ACLs in GlusterFS?

Hello,

I am trying to use ACLs but it seems that it doesn't recognize user names
but user IDs.
I.e. I have 2 machines with next users: user1, user2.
On the first machine I have created users like this:
useradd user1
useradd user2

On the second machine I have created users like this:
useradd user2
useradd user1

Now I see id's of the users. Here is what I see:

Machine 1:
# id test1
uid=1002(test1) gid=1003(test1) groups=1003(test1)
# id test2
uid=1003(test2) gid=1004(test2) groups=1004(test2)

Machine 2:
# id test1
uid=1003(test1) gid=1004(test1) groups=1004(test1)
# id test2
uid=1002(test2) gid=1003(test2) groups=1003(test2)

So, on the machine1 test1 user has 1002 ID and on the machine2 test1 user
has 1003

Now If on the machine1 I set a permission a on file like this:
setfacl -R -m u:test1:rwx /repositories/test

On the machine2 test1 user won't have any access to the file but the user
test2 will! How to set permissions based on the user/group ID?

Here is how I mount a gluster volume:
mount -t glusterfs -o acl 192.168.0.120:/gv0 /repositories/

Sincerely,
Alexandr
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.gluster.org/pipermail/gluster-users/attachments/20161207/a22d8067/attachment.html>

Hi,

According to man page for setfacl: For uid and gid you can specify either a name
or a number.
But actually the information will be stored in xattrs in the form of numbers,
afaik.

One way to solve your problem is the consistent name/id mapping, which can be
achieved by using directory servers like Free IPA, for example.
> 7 ???. 2016 ?., ? 16:59, Alexandr Porunov <alexandr.porunov at
gmail.com> ???????(?):
> 
> Hello,
> 
> I am trying to use ACLs but it seems that it doesn't recognize user
names but user IDs.
> I.e. I have 2 machines with next users: user1, user2.
> On the first machine I have created users like this:
> useradd user1
> useradd user2
> 
> On the second machine I have created users like this:
> useradd user2
> useradd user1
> 
> Now I see id's of the users. Here is what I see:
> 
> Machine 1:
> # id test1
> uid=1002(test1) gid=1003(test1) groups=1003(test1)
> # id test2
> uid=1003(test2) gid=1004(test2) groups=1004(test2)
> 
> Machine 2:
> # id test1
> uid=1003(test1) gid=1004(test1) groups=1004(test1)
> # id test2
> uid=1002(test2) gid=1003(test2) groups=1003(test2)
> 
> So, on the machine1 test1 user has 1002 ID and on the machine2 test1 user
has 1003
> 
> Now If on the machine1 I set a permission a on file like this:
> setfacl -R -m u:test1:rwx /repositories/test
> 
> On the machine2 test1 user won't have any access to the file but the
user test2 will! How to set permissions based on the user/group ID?
> 
> Here is how I mount a gluster volume:
> mount -t glusterfs -o acl 192.168.0.120:/gv0 /repositories/
> 
> Sincerely,
> Alexandr
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://www.gluster.org/mailman/listinfo/gluster-users
--
Dmitry Glushenok
Jet Infosystems

-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://www.gluster.org/pipermail/gluster-users/attachments/20161208/2bad9947/attachment.html>