From 03780d066ae7c78b969e2316dbde85e4ca0fcb85 Mon Sep 17 00:00:00 2001 From: Rajesh Joseph Date: Fri, 31 May 2013 18:17:21 +0530 Subject: nfs: AUTH support for exported sub-directories Problem: NFS allows exporting subdirectories but there is not support for providing AUTH on per directory basis. Fix: Modified nfs.export-dir to include AUTH parameters e.g. nfs.export-dir "/dir1(10.1.1.2),/dir2(10.1.1.0/24|host1) During mount operation NFS will check if the IP from where the connection is made is configured in the AUTH parameter, else the mount operation will fail with EACCES error. Updated admin-guide and volume set help message. Change-Id: I5c6d22edb168b4f46376d1cd6878cd065fc081cc BUG: 968227 Signed-off-by: Rajesh Joseph Reviewed-on: http://review.gluster.org/5124 Tested-by: Gluster Build System Reviewed-by: Vijay Bellur --- tests/bugs/bug-904300.t | 61 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100755 tests/bugs/bug-904300.t (limited to 'tests/bugs/bug-904300.t') diff --git a/tests/bugs/bug-904300.t b/tests/bugs/bug-904300.t new file mode 100755 index 000000000..4276ee229 --- /dev/null +++ b/tests/bugs/bug-904300.t @@ -0,0 +1,61 @@ +#!/bin/bash + +. $(dirname $0)/../include.rc +. $(dirname $0)/../nfs.rc + +cleanup; + +# 1-8 +TEST glusterd +TEST pidof glusterd + +TEST $CLI volume create $V0 $H0:$B0/$V0; +TEST $CLI volume start $V0 +EXPECT_WITHIN 20 1 is_nfs_export_available + +TEST mount -t nfs -o vers=3,nolock,soft,intr $H0:/$V0 $N0 +TEST mkdir $N0/dir1 +TEST umount $N0 + +# +# Case 1: Allow "dir1" to be mounted only from 127.0.0.1 +# 9-12 +TEST $CLI volume set $V0 export-dir \""/dir1(127.0.0.1)"\" +EXPECT_WITHIN 20 2 is_nfs_export_available + +TEST mount -t nfs -o vers=3,nolock,soft,intr localhost:/$V0/dir1 $N0 +TEST umount $N0 + +# +# Case 2: Allow "dir1" to be mounted only from 8.8.8.8. This is +# a negative test case therefore the mount should fail. +# 13-16 +TEST $CLI volume set $V0 export-dir \""/dir1(8.8.8.8)"\" +EXPECT_WITHIN 20 2 is_nfs_export_available + +TEST ! mount -t nfs -o vers=3,nolock,soft,intr $H0:/$V0/dir1 $N0 +TEST ! umount $N0 + + +# Case 3: Variation of test case1. Here we are checking with hostname +# instead of ip address. +# 17-20 +TEST $CLI volume set $V0 export-dir \""/dir1($H0)"\" +EXPECT_WITHIN 20 2 is_nfs_export_available + +TEST mount -t nfs -o vers=3,nolock,soft,intr $H0:/$V0/dir1 $N0 +TEST umount $N0 + +# Case 4: Variation of test case1. Here we are checking with IP range +# 21-24 +TEST $CLI volume set $V0 export-dir \""/dir1(127.0.0.0/24)"\" +EXPECT_WITHIN 20 2 is_nfs_export_available + +TEST mount -t nfs -o vers=3,nolock,soft,intr localhost:/$V0/dir1 $N0 +TEST umount $N0 + +## Finish up +TEST $CLI volume stop $V0; +TEST $CLI volume delete $V0; + +cleanup; -- cgit