Strahil Nikolov
2021-Aug-11 02:21 UTC
[Gluster-users] Permission denied closing file when accessing GlusterFS via NFS
And on the NFS server the user can write into the FUSE, right? Best Regards,Strahil Nikolov On Wed, Aug 11, 2021 at 0:24, David Cunningham<dcunningham at voisonics.com> wrote: Hi Strahil and Gilberto, Thanks very much for your replies. SELinux is disabled on the NFS server (and the client too), and both have the same UID and GID for the user who owns the files. On the NFS mount we had options "rw,noatime,hard,bg,intr,vers=4". I added "async" which did not solve the problem, and the NFS client mount gave an error when trying to use "no_root_squash" or "no_subtree_check". Gilberto, is there a specific reason why you suggested those options? Thanks again. On Wed, 11 Aug 2021 at 03:55, Gilberto Ferreira <gilberto.nunes32 at gmail.com> wrote: HOw about the NFS options?(rw,async,no_root_squash,no_subtree_check) ---Gilberto Nunes Ferreira(47) 99676-7530 - Whatsapp / Telegram Em ter., 10 de ago. de 2021 ?s 12:46, Strahil Nikolov <hunter86_bg at yahoo.com> escreveu: Hey David, can you give the volume info ? Also, I assume SELINUX is in permissive/disabled state. What about the uod of the user on the nfs client and the nfs server ? Is it the same ? Best Regards,Strahil Nikolov On Tue, Aug 10, 2021 at 5:52, David Cunningham<dcunningham at voisonics.com> wrote: Hello, We have a GlusterFS node which also uses the FUSE client to mount the filesystem. The same GlusterFS node server also runs an NFS server which exports the FUSE client mount, and another machine NFS mounts it. When the NFS client writes data to the mounted filesystem we are seeing "Permission denied" errors like this: cp: closing `/var/lib/gfs/company/david/1075/Copyrec/1628448189883606-203-17184805327-out-08-08-21-14~43~10-203.mp3': Permission denied The file mentioned in the error is actually created on the GlusterFS filesystem, but has zero size, so the problem is not a normal Linux filesystem permission one. In the brick log nodirectwritedata-gluster-gvol0.log on the GlusterFS node we see an error as follows. Would anyone have a suggestion on what the problem might be? Thank you in advance! [2021-08-10 02:30:20.359159] I [MSGID: 139001] [posix-acl.c:262:posix_acl_log_permit_denied] 0-gvol0-access-control: client: CTX_ID:8f69363a-f0f4-44e1-84e9-69dfa77a8164-GRAPH_ID:0-PID:2657-HOST:gfs1.company.com-PC_NAME:gvol0-client-0-RECON_NO:-0, gfid: f70b1cd6-745a-4ea6-b0a5-1fcfef960f15, req(uid:106,gid:111,perm:2,ngrps:0), ctx(uid:106,gid:111,in-groups:1,perm:000,updated-fop:SETATTR, acl:-) [Permission denied] [2021-08-10 02:30:20.359187] E [MSGID: 115070] [server-rpc-fops_v2.c:1502:server4_open_cbk] 0-gvol0-server: 5554927: OPEN /company/david/1075/Copyrec/1628448189883606-203-17184805327-out-08-08-21-14~43~10-203.mp3 (f70b1cd6-745a-4ea6-b0a5-1fcfef960f15), client: CTX_ID:8f69363a-f0f4-44e1-84e9-69dfa77a8164-GRAPH_ID:0-PID:2657-HOST:gfs1.company.com-PC_NAME:gvol0-client-0-RECON_NO:-0, error-xlator: gvol0-access-control [Permission denied] -- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782________ Community Meeting Calendar: Schedule - Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC Bridge: https://meet.google.com/cpu-eiue-hvk Gluster-users mailing list Gluster-users at gluster.org https://lists.gluster.org/mailman/listinfo/gluster-users ________ Community Meeting Calendar: Schedule - Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC Bridge: https://meet.google.com/cpu-eiue-hvk Gluster-users mailing list Gluster-users at gluster.org https://lists.gluster.org/mailman/listinfo/gluster-users -- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20210811/90d029c6/attachment.html>
David Cunningham
2021-Aug-11 09:07 UTC
[Gluster-users] Permission denied closing file when accessing GlusterFS via NFS
Hi Strahil, Yes, on the NFS server (which is also the GlusterFS node), the user which the NFS export uses can write to the GlusterFS FUSE client mount without any errors. Thanks. On Wed, 11 Aug 2021 at 14:21, Strahil Nikolov <hunter86_bg at yahoo.com> wrote:> And on the NFS server the user can write into the FUSE, right? > > Best Regards, > Strahil Nikolov > > On Wed, Aug 11, 2021 at 0:24, David Cunningham > <dcunningham at voisonics.com> wrote: > Hi Strahil and Gilberto, > > Thanks very much for your replies. SELinux is disabled on the NFS server > (and the client too), and both have the same UID and GID for the user who > owns the files. > > On the NFS mount we had options "rw,noatime,hard,bg,intr,vers=4". I added > "async" which did not solve the problem, and the NFS client mount gave an > error when trying to use "no_root_squash" or "no_subtree_check". Gilberto, > is there a specific reason why you suggested those options? > > Thanks again. > > > On Wed, 11 Aug 2021 at 03:55, Gilberto Ferreira < > gilberto.nunes32 at gmail.com> wrote: > > HOw about the NFS options? > (rw,async,no_root_squash,no_subtree_check) > --- > Gilberto Nunes Ferreira > (47) 99676-7530 - Whatsapp / Telegram > > > > > > > Em ter., 10 de ago. de 2021 ?s 12:46, Strahil Nikolov < > hunter86_bg at yahoo.com> escreveu: > > Hey David, > > can you give the volume info ? > > Also, I assume SELINUX is in permissive/disabled state. > > What about the uod of the user on the nfs client and the nfs server ? Is > it the same ? > > Best Regards, > Strahil Nikolov > > On Tue, Aug 10, 2021 at 5:52, David Cunningham > <dcunningham at voisonics.com> wrote: > Hello, > > We have a GlusterFS node which also uses the FUSE client to mount the > filesystem. The same GlusterFS node server also runs an NFS server which > exports the FUSE client mount, and another machine NFS mounts it. > > When the NFS client writes data to the mounted filesystem we are seeing > "Permission denied" errors like this: > > cp: closing > `/var/lib/gfs/company/david/1075/Copyrec/1628448189883606-203-17184805327-out-08-08-21-14~43~10-203.mp3': > Permission denied > > The file mentioned in the error is actually created on the GlusterFS > filesystem, but has zero size, so the problem is not a normal Linux > filesystem permission one. > > In the brick log nodirectwritedata-gluster-gvol0.log on the GlusterFS node > we see an error as follows. Would anyone have a suggestion on what the > problem might be? Thank you in advance! > > [2021-08-10 02:30:20.359159] I [MSGID: 139001] > [posix-acl.c:262:posix_acl_log_permit_denied] 0-gvol0-access-control: > client: > CTX_ID:8f69363a-f0f4-44e1-84e9-69dfa77a8164-GRAPH_ID:0-PID:2657-HOST:gfs1.company.com-PC_NAME:gvol0-client-0-RECON_NO:-0, > gfid: f70b1cd6-745a-4ea6-b0a5-1fcfef960f15, > req(uid:106,gid:111,perm:2,ngrps:0), > ctx(uid:106,gid:111,in-groups:1,perm:000,updated-fop:SETATTR, acl:-) > [Permission denied] > [2021-08-10 02:30:20.359187] E [MSGID: 115070] > [server-rpc-fops_v2.c:1502:server4_open_cbk] 0-gvol0-server: 5554927: OPEN > /company/david/1075/Copyrec/1628448189883606-203-17184805327-out-08-08-21-14~43~10-203.mp3 > (f70b1cd6-745a-4ea6-b0a5-1fcfef960f15), client: > CTX_ID:8f69363a-f0f4-44e1-84e9-69dfa77a8164-GRAPH_ID:0-PID:2657-HOST:gfs1.company.com-PC_NAME:gvol0-client-0-RECON_NO:-0, > error-xlator: gvol0-access-control [Permission denied] > > -- > David Cunningham, Voisonics Limited > http://voisonics.com/ > USA: +1 213 221 1092 > New Zealand: +64 (0)28 2558 3782 > ________ > > > > Community Meeting Calendar: > > Schedule - > Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC > Bridge: https://meet.google.com/cpu-eiue-hvk > Gluster-users mailing list > Gluster-users at gluster.org > https://lists.gluster.org/mailman/listinfo/gluster-users > > ________ > > > > Community Meeting Calendar: > > Schedule - > Every 2nd and 4th Tuesday at 14:30 IST / 09:00 UTC > Bridge: https://meet.google.com/cpu-eiue-hvk > Gluster-users mailing list > Gluster-users at gluster.org > https://lists.gluster.org/mailman/listinfo/gluster-users > > > > -- > David Cunningham, Voisonics Limited > http://voisonics.com/ > USA: +1 213 221 1092 > New Zealand: +64 (0)28 2558 3782 > >-- David Cunningham, Voisonics Limited http://voisonics.com/ USA: +1 213 221 1092 New Zealand: +64 (0)28 2558 3782 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.gluster.org/pipermail/gluster-users/attachments/20210811/1f0cb892/attachment.html>