Displaying 2 results from an estimated 2 matches for "operationsus".
Did you mean:
operations's
2017 Sep 22
0
Restrict root clients / experimental patch
...certificate. The bricks could possibly do an ldap lookup in order to
> retrieve and cache the groups for an uid.
> * Clients obviously can't modify their certificates because they are
> signed by CA
>
> What do you think of this implementation, is it safe?
> Do all client operationsuse auth_glusterfs_v2_authenticate or did I miss
> other codepaths?
>
> Thanks!
>
> Pierre Carru
> eshard
>
> PS: By the way I found the source code very clean and well organized,
> nice job :)
>
>
> _______________________________________________
> Gluste...
2017 Sep 21
2
Restrict root clients / experimental patch
Hi All,
I would like to use glusterfs in an environment where storage servers are
managed by an IT service - myself :) - and several users in the
organization can mount the distributed fs. The users are root on their
machines.
As far as I know about glusterfs, a root client user may impersonate any
uid/gid since it provides its uid/gid itself when it talks to the bricks
(like nfsv3).
The thing