glusterfs.git/xlators/mgmt, branch release-4.0 server/auth: add option for strict authentication 2018-04-24T12:52:25+00:00 Mohammed Rafi KC rkavunga@redhat.com 2018-04-02T06:50:47+00:00 92cc124298c068942ba049c2ccaa95b8c5b5294d When this option is enabled, we will check for a matching username and password, if not found then the connection will be rejected. This also does a checksum validation of volfile The option is invalid when SSL/TLS is in use, at which point the SSL/TLS certificate user name is used to validate and hence authorize the right user. This expects TLS allow rules to be setup correctly rather than the default *. This option is not settable, as a result this cannot be enabled for volumes using the CLI. This is used with the shared storage volume, to restrict access to the same in non-SSL/TLS environments to the gluster peers only. Tested: ./tests/bugs/protocol/bug-1321578.t ./tests/features/ssl-authz.t - Ran tests on volumes with and without strict auth checking (as brick vol file needed to be edited to test, or rather to enable the option) - Ran tests on volumes to ensure existing mounts are disconnected when we enable strict checking Change-Id: I2ac4f0cfa5b59cc789cc5a265358389b04556b59 fixes: bz#1570432 Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com> Signed-off-by: ShyamsundarR <srangana@redhat.com> 
When this option is enabled, we will check for a matching
username and password, if not found then the connection will
be rejected. This also does a checksum validation of volfile

The option is invalid when SSL/TLS is in use, at which point
the SSL/TLS certificate user name is used to validate and
hence authorize the right user. This expects TLS allow rules
to be setup correctly rather than the default *.

This option is not settable, as a result this cannot be enabled
for volumes using the CLI. This is used with the shared storage
volume, to restrict access to the same in non-SSL/TLS environments
to the gluster peers only.

Tested:
  ./tests/bugs/protocol/bug-1321578.t
  ./tests/features/ssl-authz.t
  - Ran tests on volumes with and without strict auth
    checking (as brick vol file needed to be edited to test,
    or rather to enable the option)
  - Ran tests on volumes to ensure existing mounts are
    disconnected when we enable strict checking

Change-Id: I2ac4f0cfa5b59cc789cc5a265358389b04556b59
fixes: bz#1570432
Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
Signed-off-by: ShyamsundarR <srangana@redhat.com>
shared storage: Prevent mounting shared storage from non-trusted client 2018-04-24T12:52:25+00:00 Mohammed Rafi KC rkavunga@redhat.com 2018-03-26T14:57:34+00:00 fa8e792ac3ee4b30768a3b4b1e303d8fb083eb7a gluster shared storage is a volume used for internal storage for various features including ganesha, geo-rep, snapshot. So this volume should not be exposed to the client, as it is a special volume for internal use. This fix wont't generate non trusted volfile for shared storage volume. Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c updates: bz#1570432 Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com> 
gluster shared storage is a volume used for internal storage for
various features including ganesha, geo-rep, snapshot.

So this volume should not be exposed to the client, as it is
a special volume for internal use.

This fix wont't generate non trusted volfile for shared storage volume.

Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
updates: bz#1570432
Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
glusterd: volume get fixes for client-io-threads & quorum-type 2018-03-16T13:39:18+00:00 Ravishankar N ravishankar@redhat.com 2018-02-14T06:45:53+00:00 721ba8f8075a6a5696f165282f1ef5742c1f4a46 1. If a replica volume created on glusterfs-3.8 was upgraded to glusterfs-3.12, `gluster vol get volname client-io-threads` displayed 'on' even though it wasn't and the xlator wasn't loaded on the client-graph. This was due to removing certain checks in glusterd_get_default_val_for_volopt as a part of commit 47604fad4c2a3951077e41e0c007ceb979bb2c24. Fix it. 2. Also, as a part of op-version bump-up, client-io-threads was being loaded on the clients during volfile regeneration. Prevent it. 3. AFR assumes quorum-type to be auto in newly created replic 3 (odd replica in general) volumes but `gluster vol get quorum-type` displays 'none'. Fix it. Change-Id: I19e586361ed1065c70fb378533d3b4dac1095df9 BUG: 1552404 Signed-off-by: Ravishankar N <ravishankar@redhat.com> (cherry picked from commit bd2c45fe3180fe36b042d5eabd348b6eaeb8d3e2) 
1. If a replica volume created on glusterfs-3.8 was upgraded to
glusterfs-3.12, `gluster vol get volname client-io-threads` displayed
'on' even though it wasn't and the xlator wasn't loaded on
the client-graph. This was due to removing certain checks in
glusterd_get_default_val_for_volopt as a part of commit
47604fad4c2a3951077e41e0c007ceb979bb2c24. Fix it.

2. Also, as a part of op-version bump-up, client-io-threads was being
loaded on the clients  during volfile regeneration. Prevent it.

3. AFR assumes quorum-type to be auto in newly created replic 3 (odd
replica in general) volumes but `gluster vol get quorum-type` displays
'none'. Fix it.

Change-Id: I19e586361ed1065c70fb378533d3b4dac1095df9
BUG: 1552404
Signed-off-by: Ravishankar N <ravishankar@redhat.com>
(cherry picked from commit bd2c45fe3180fe36b042d5eabd348b6eaeb8d3e2)
build: add --without-server option 2018-02-21T18:08:14+00:00 Niels de Vos ndevos@redhat.com 2018-01-31T15:38:34+00:00 4c0c5ecb6ba3f16aa56987916a7682eaed211a37 With Gluster 4.0 we will not provide the server components for EL6 and older. At one point Gluster 4.x will get GlusterD2, which requires Golang tools in the distribution. EL6 does not contain these at the moment. With this change, it is possible to `./configure --without-server` which prevents building glusterd and the xlators for the bricks. Building RPMs can pass `--without server` and the glusterfs-server sub-package will not be created. Change-Id: I97f5ccf9f2c76e60d9af83915fc59fae57ad6d25 BUG: 1547635 Signed-off-by: Niels de Vos <ndevos@redhat.com> 
With Gluster 4.0 we will not provide the server components for EL6 and
older. At one point Gluster 4.x will get GlusterD2, which requires
Golang tools in the distribution. EL6 does not contain these at the
moment.

With this change, it is possible to `./configure --without-server` which
prevents building glusterd and the xlators for the bricks. Building RPMs
can pass `--without server` and the glusterfs-server sub-package will
not be created.

Change-Id: I97f5ccf9f2c76e60d9af83915fc59fae57ad6d25
BUG: 1547635
Signed-off-by: Niels de Vos <ndevos@redhat.com>
glusterd: import volumes in separate synctask 2018-02-21T15:35:15+00:00 Atin Mukherjee amukherj@redhat.com 2018-02-08T03:39:00+00:00 9b2995426ea206df9a4d8f14bbdb8e8baf73d91b With brick multiplexing, to attach a brick to an existing brick process the prerequisite is to have the compatible brick to finish it's initialization and portmap sign in and hence the thread might have to go to a sleep and context switch the synctask to allow the brick process to communicate with glusterd. In normal code path, this works fine as glusterd_restart_bricks () is launched through a separate synctask. In case there's a mismatch of the volume when glusterd restarts, glusterd_import_friend_volume is invoked and then it tries to call glusterd_start_bricks () from the main thread which eventually may land into the similar situation. Now since this is not done through a separate synctask, the 1st brick will never be able to get its turn to finish all of its handshaking and as a consequence to it, all the bricks will fail to get attached to it. Solution : Execute import volume and glusterd restart bricks in separate synctask. Importing snaps had to be also done through synctask as there's a dependency of the parent volume need to be available for the importing snap functionality to work. >mainline patch : https://review.gluster.org/#/c/19357/ https://review.gluster.org/#/c/19536/ https://review.gluster.org/#/c/19539/ Change-Id: I290b244d456afcc9b913ab30be4af040d340428c BUG: 1543706 Signed-off-by: Atin Mukherjee <amukherj@redhat.com> (cherry picked from commit cb0339f9229fc5c05d7ef4cfcc4ca9c4569f3755) 
With brick multiplexing, to attach a brick to an existing brick process
the prerequisite is to have the compatible brick to finish it's
initialization and portmap sign in and hence the thread might have to go
to a sleep and context switch the synctask to allow the brick process to
communicate with glusterd. In normal code path, this works fine as
glusterd_restart_bricks () is launched through a separate synctask.

In case there's a mismatch of the volume when glusterd restarts,
glusterd_import_friend_volume is invoked and then it tries to call
glusterd_start_bricks () from the main thread which eventually may land
into the similar situation. Now since this is not done through a
separate synctask, the 1st brick will never be able to get its turn to
finish all of its handshaking and as a consequence to it, all the bricks
will fail to get attached to it.

Solution : Execute import volume and glusterd restart bricks in separate
synctask. Importing snaps had to be also done through synctask as
there's a dependency of the parent volume need to be available for the
importing snap functionality to work.

>mainline patch : https://review.gluster.org/#/c/19357/
                  https://review.gluster.org/#/c/19536/
                  https://review.gluster.org/#/c/19539/

Change-Id: I290b244d456afcc9b913ab30be4af040d340428c
BUG: 1543706
Signed-off-by: Atin Mukherjee <amukherj@redhat.com>
(cherry picked from commit cb0339f9229fc5c05d7ef4cfcc4ca9c4569f3755)
posix/afr: handle backward compatibility for rchecksum fop 2018-02-20T03:12:02+00:00 Ravishankar N ravishankar@redhat.com 2018-02-11T01:24:35+00:00 325d714e40b273b99a63f58a4c6c83b7f1143ee5 Added a volume option 'fips-mode-rchecksum' tied to op version 4. If not set, rchecksum fop will use MD5 instead of SHA256. updates: #230 Change-Id: Id8ea1303777e6450852c0bc25503cda341a6aec2 Signed-off-by: Ravishankar N <ravishankar@redhat.com> (cherry picked from commit 6daa6535692b2c68b493636a9bbfdcbc475b3d80) 
Added a volume option 'fips-mode-rchecksum' tied to op version 4.
If not set, rchecksum fop will use MD5 instead of SHA256.

updates: #230
Change-Id: Id8ea1303777e6450852c0bc25503cda341a6aec2
Signed-off-by: Ravishankar N <ravishankar@redhat.com>
(cherry picked from commit 6daa6535692b2c68b493636a9bbfdcbc475b3d80)
glusterd: fix tier-enabled flag op-version check 2018-02-15T14:08:27+00:00 Atin Mukherjee amukherj@redhat.com 2018-02-13T02:36:24+00:00 ff23cba5d8bd1989e0d45680dc78d6c65d5f4020 tier-enabled flag in volinfo structure was introduced in 3.10, however while writing this value to the glusterd store was done with a wrong op-version check which results into volume checksum failure during upgrades. >Change-Id: I4330d0c4594eee19cba42e2cdf49a63f106627d4 >BUG: 1544600 >Signed-off-by: Atin Mukherjee <amukherj@redhat.com> Change-Id: I4330d0c4594eee19cba42e2cdf49a63f106627d4 BUG: 1544638 Signed-off-by: hari gowtham <hgowtham@redhat.com> 
tier-enabled flag in volinfo structure was introduced in 3.10, however
while writing this value to the glusterd store was done with a wrong
op-version check which results into volume checksum failure during upgrades.

>Change-Id: I4330d0c4594eee19cba42e2cdf49a63f106627d4
>BUG: 1544600
>Signed-off-by: Atin Mukherjee <amukherj@redhat.com>

Change-Id: I4330d0c4594eee19cba42e2cdf49a63f106627d4
BUG: 1544638
Signed-off-by: hari gowtham <hgowtham@redhat.com>
glusterd: process pmap sign in only when port is marked as free 2018-02-09T13:42:35+00:00 Atin Mukherjee amukherj@redhat.com 2018-01-22T04:19:34+00:00 3a66533c94f5b6dd78be90dee5f9fa8abceb54c9 Because of some crazy race in volume start code path because of friend handshaking with volumes with quorum enabled we might end up into a situation where glusterd would start a brick and get a disconnect and then immediately try to start the same brick instance based on another friend update request. And then if for the very first brick even if the process doesn't come up at the end sign in event gets sent and we end up having two duplicate portmap entries for the same brick. Since in brick start we mark the previous port as free, its better to consider a sign in request as no op if the corresponding port type is marked as free. >mainline patch : https://review.gluster.org/#/c/19263/ Change-Id: I995c348c7b6988956d24b06bf3f09ab64280fc32 BUG: 1543711 Signed-off-by: Atin Mukherjee <amukherj@redhat.com> (cherry picked from commit 9d708a3739c8201d23f996c413d6b08f8b13dd90) 
Because of some crazy race in volume start code path because of friend
handshaking with volumes with quorum enabled we might end up into a situation
where glusterd would start a brick and get a disconnect and then immediately try
to start the same brick instance based on another friend update request. And
then if for the very first brick even if the process doesn't come up at the end
sign in event gets sent and we end up having two duplicate portmap entries for
the same brick. Since in brick start we mark the previous port as free, its
better to consider a sign in request as no op if the corresponding port type is
marked as free.

>mainline patch : https://review.gluster.org/#/c/19263/

Change-Id: I995c348c7b6988956d24b06bf3f09ab64280fc32
BUG: 1543711
Signed-off-by: Atin Mukherjee <amukherj@redhat.com>
(cherry picked from commit 9d708a3739c8201d23f996c413d6b08f8b13dd90)
glusterd/store: handle the case of fsid being set to 0 2018-02-06T18:01:28+00:00 Amar Tumballi amarts@redhat.com 2018-02-04T04:34:29+00:00 2259e52edd1be1d52299087595eda6d04a896ab5 Generally this would happen when a system gets upgraded from an version which doesn't have fsid details, to a version with fsid values. Without this change, after upgrade, people would see reduced 'df ' output, causing lot of confusions. Debugging Credits: Nithya B <nbalacha@redhat.com> Change-Id: Id718127ddfb69553b32770b25021290bd0e7c49a BUG: 1541880 Signed-off-by: Amar Tumballi <amarts@redhat.com> 
Generally this would happen when a system gets upgraded from an
version which doesn't have fsid details, to a version with fsid
values. Without this change, after upgrade, people would see reduced
'df ' output, causing lot of confusions.

Debugging Credits: Nithya B <nbalacha@redhat.com>

Change-Id: Id718127ddfb69553b32770b25021290bd0e7c49a
BUG: 1541880
Signed-off-by: Amar Tumballi <amarts@redhat.com>
cluster/dht: avoid overwriting client writes during migration 2018-02-06T14:33:30+00:00 Susant Palai spalai@redhat.com 2018-01-18T07:36:12+00:00 a6aaf29d57274c452de057cb8d7b4bf4da0466b1 For more details on this issue see https://github.com/gluster/glusterfs/issues/308 Solution: This is a restrictive solution where a file will not be migrated if a client writes to it during the migration. This does not check if the writes from the rebalance and the client actually do overlap. If dht_writev_cbk finds that the file is being migrated (PHASE1) it will set an xattr on the destination file indicating the file was updated by a non-rebalance client. Rebalance checks if any other client has written to the dst file and aborts the file migration if it finds the xattr. updates gluster/glusterfs#308 Change-Id: I73aec28bc9dbb8da57c7425ec88c6b6af0fbc9dd Signed-off-by: Susant Palai <spalai@redhat.com> Signed-off-by: Raghavendra G <rgowdapp@redhat.com> Signed-off-by: N Balachandran <nbalacha@redhat.com> (cherry picked from commit 545a7ce6762a1b3a7b989b43a9d18b5b1b299df0) 
For more details on this issue see
https://github.com/gluster/glusterfs/issues/308

Solution:
This is a restrictive solution where a file will not be migrated
if a client writes to it during the migration. This does not
check if the writes from the rebalance and the client actually
do overlap.

If dht_writev_cbk finds that the file is being migrated (PHASE1)
it will set an xattr on the destination file indicating the file
was updated by a non-rebalance client.
Rebalance checks if any other client has written to the dst file
and aborts the file migration if it finds the xattr.

updates gluster/glusterfs#308

Change-Id: I73aec28bc9dbb8da57c7425ec88c6b6af0fbc9dd
Signed-off-by: Susant Palai <spalai@redhat.com>
Signed-off-by: Raghavendra G <rgowdapp@redhat.com>
Signed-off-by: N Balachandran <nbalacha@redhat.com>
(cherry picked from commit 545a7ce6762a1b3a7b989b43a9d18b5b1b299df0)