diff options
| author | Amar Tumballi <amar@kadalu.io> | 2020-04-21 22:23:47 +0530 |
|---|---|---|
| committer | Amar Tumballi <amar@kadalu.io> | 2020-06-17 17:25:39 +0000 |
| commit | 9c17cd3b9ca2e44b272b7061de6990dba1ca6937 (patch) | |
| tree | 09b0f7804aa3cc376aabf08fc247c0e053f5e39a | |
| parent | c325082370b2588e267d04f2a9c1a8dd0a9ba878 (diff) | |
volgen: add an option to disable acl
Also add a message saying this is to be used only
for 'debug' purpose only. This is helpful to corner the
issue to acl. There were recently many issues reported
related to permissions, and acl access denied bugs.
The bugs were elsewhere, but to validate them and to
get people back to service (in certain cases like oVirt,
where gluster volumes are used mostly by single user),
this option can be used.
Updates: #876
Change-Id: I7be4401153607e11c9efb831ab794df4176604df
Signed-off-by: Amar Tumballi <amar@kadalu.io>
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-volgen.c | 17 | ||||
| -rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-volume-set.c | 11 |
2 files changed, 26 insertions, 2 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c index a085a0ff8d6..91b8bed57c9 100644 --- a/xlators/mgmt/glusterd/src/glusterd-volgen.c +++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c @@ -1869,10 +1869,23 @@ brick_graph_add_acl(volgen_graph_t *graph, glusterd_volinfo_t *volinfo, if (!graph || !volinfo || !set_dict) goto out; - xl = volgen_graph_add(graph, "features/access-control", volinfo->volname); - if (!xl) + ret = dict_get_str_boolean(set_dict, "features.acl", 1); + if (!ret) { + /* Skip creating this volume if option is disabled */ + /* By default, this is 'true' */ goto out; + } else if (ret < 0) { + /* lets not treat this as error, as this option is not critical, + and implemented for debug help */ + gf_log(THIS->name, GF_LOG_INFO, + "failed to get 'features.acl' flag from dict"); + } + xl = volgen_graph_add(graph, "features/access-control", volinfo->volname); + if (!xl) { + ret = -1; + goto out; + } ret = 0; out: return ret; diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c index 2fa907ccff5..56805e3b23b 100644 --- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c +++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c @@ -3128,4 +3128,15 @@ struct volopt_map_entry glusterd_volopt_map[] = { .voltype = "features/cloudsync", .op_version = GD_OP_VERSION_7_0, .flags = VOLOPT_FLAG_CLIENT_OPT}, + { + .key = "features.acl", + .voltype = "features/access-control", + .value = "enable", + .option = "!features", + .op_version = GD_OP_VERSION_8_0, + .description = "(WARNING: for debug purpose only) enable/disable " + "access-control xlator in volume", + .type = NO_DOC, + }, + {.key = NULL}}; |