From 28209283a67f13802cc0c1d3df07c676926810a2 Mon Sep 17 00:00:00 2001 From: Raghavendra Bhat Date: Fri, 19 Apr 2013 12:27:03 +0530 Subject: protocol/server: do not do root-squashing for trusted clients * As of now clients mounting within the storage pool using that machine's ip/hostname are trusted clients (i.e clients local to the glusterd). * Be careful when the request itself comes in as nfsnobody (ex: posix tests). So move the squashing part to protocol/server when it creates a new frame for the request, instead of auth part of rpc layer. * For nfs servers do root-squashing without checking if it is trusted client, as all the nfs servers would be running within the storage pool, hence will be trusted clients for the bricks. * Provide one more option for mounting which actually says root-squash should/should not happen. This value is given priority only for the trusted clients. For non trusted clients, the volume option takes the priority. But for trusted clients if root-squash should not happen, then they have to be mounted with root-squash=no option. (This is done because by default blocking root-squashing for the trusted clients will cause problems for smb and UFO clients for which the requests have to be squashed if the option is enabled). * For geo-replication and defrag clients do not do root-squashing. * Introduce a new option in open-behind for doing read after successful open. Change-Id: I8a8359840313dffc34824f3ea80a9c48375067f0 BUG: 954057 Signed-off-by: Raghavendra Bhat Reviewed-on: http://review.gluster.org/4863 Tested-by: Gluster Build System Reviewed-by: Vijay Bellur --- libglusterfs/src/client_t.h | 2 ++ libglusterfs/src/common-utils.h | 1 + libglusterfs/src/glusterfs.h | 7 ++++--- 3 files changed, 7 insertions(+), 3 deletions(-) (limited to 'libglusterfs') diff --git a/libglusterfs/src/client_t.h b/libglusterfs/src/client_t.h index 548081896c0..4113b9da96c 100644 --- a/libglusterfs/src/client_t.h +++ b/libglusterfs/src/client_t.h @@ -44,6 +44,8 @@ typedef struct _client_t { int flavour; size_t len; char *data; + char *username; + char *passwd; } auth; } client_t; diff --git a/libglusterfs/src/common-utils.h b/libglusterfs/src/common-utils.h index 6f8436fcba0..e3b019b9e85 100644 --- a/libglusterfs/src/common-utils.h +++ b/libglusterfs/src/common-utils.h @@ -106,6 +106,7 @@ enum _gf_client_pid GF_CLIENT_PID_GSYNCD = -1, GF_CLIENT_PID_HADOOP = -2, GF_CLIENT_PID_DEFRAG = -3, + GF_CLIENT_PID_NO_ROOT_SQUASH = -4, }; typedef enum _gf_boolean gf_boolean_t; diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h index 09b26ecf331..31c46b74efc 100644 --- a/libglusterfs/src/glusterfs.h +++ b/libglusterfs/src/glusterfs.h @@ -364,9 +364,10 @@ struct _cmd_args { int aux_gfid_mount; struct list_head xlator_options; /* list of xlator_option_t */ - /* fuse options */ - int fuse_direct_io_mode; - char *use_readdirp; + /* fuse options */ + int fuse_direct_io_mode; + char *use_readdirp; + int no_root_squash; int volfile_check; double fuse_entry_timeout; double fuse_negative_timeout; -- cgit