summaryrefslogtreecommitdiffstats
path: root/xlators/mgmt
diff options
context:
space:
mode:
authorNiels de Vos <ndevos@redhat.com>2014-05-20 16:12:03 +0200
committerNiels de Vos <ndevos@redhat.com>2014-05-23 01:34:02 -0700
commit6b624e5502193b9d57116fb341119c8468f9758f (patch)
tree53d66637db79881e4cff639d06df8b31b1664ef6 /xlators/mgmt
parent57ec16e7f6d08b9a1c07f8ece3db630b08557372 (diff)
rpc: implement server.manage-gids for group resolving on the bricks
The new volume option 'server.manage-gids' can be enabled in environments where a user belongs to more than the current absolute maximum of 93 groups. This option triggers the following behavior: 1. The AUTH_GLUSTERFS structure sent by GlusterFS clients (fuse, nfs or libgfapi) will contain only one (1) auxiliary group, instead of a full list. This reduces network usage and prevents problems in encoding the AUTH_GLUSTERFS structure which should fit in 400 bytes. 2. The single group in the RPC Calls received by the server is replaced by resolving the groups server-side. Permission checks and similar in lower xlators are applied against the full list of groups where the user belongs to, and not the single auxiliary group that the client sent. Cherry picked from commit 2fd499d148fc8865c77de8b2c73fe0b7e1737882: > BUG: 1053579 > Signed-off-by: Niels de Vos <ndevos@redhat.com> > Reviewed-on: http://review.gluster.org/7501 > Tested-by: Gluster Build System <jenkins@build.gluster.com> > Reviewed-by: Santosh Pradhan <spradhan@redhat.com> > Reviewed-by: Harshavardhana <harsha@harshavardhana.net> > Reviewed-by: Anand Avati <avati@redhat.com> Change-Id: I9e540de13e3022f8b63ff893ecba511129a47b91 BUG: 1096425 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/7830 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Santosh Pradhan <spradhan@redhat.com>
Diffstat (limited to 'xlators/mgmt')
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-volgen.c11
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-volume-set.c13
2 files changed, 23 insertions, 1 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
index 8d7e09838a7..31af116621c 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
@@ -2583,7 +2583,16 @@ client_graph_builder (volgen_graph_t *graph, glusterd_volinfo_t *volinfo,
}
}
- ret = client_graph_set_perf_options(graph, volinfo, set_dict);
+ ret = dict_get_str_boolean (set_dict, "server.manage-gids", _gf_false);
+ if (ret != -1) {
+ ret = dict_set_str (set_dict, "client.send-gids",
+ ret ? "false" : "true");
+ if (ret)
+ gf_log (THIS->name, GF_LOG_WARNING, "changing client"
+ " protocol option failed");
+ }
+
+ ret = client_graph_set_perf_options(graph, volinfo, set_dict);
if (ret)
goto out;
diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
index 631c73ce08e..d29e5d5a20a 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c
+++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
@@ -860,6 +860,19 @@ struct volopt_map_entry glusterd_volopt_map[] = {
.type = NO_DOC,
.op_version = 2
},
+ { .key = "server.manage-gids",
+ .voltype = "protocol/server",
+ .op_version = 4,
+ },
+ { .key = "client.send-gids",
+ .voltype = "protocol/client",
+ .type = NO_DOC,
+ .op_version = 4,
+ },
+ { .key = "server.gid-timeout",
+ .voltype = "protocol/server",
+ .op_version = 4,
+ },
/* Performance xlators enable/disbable options */
{ .key = "performance.write-behind",