summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRajesh Amaravathi <rajesh@redhat.com>2013-06-03 16:44:21 +0530
committerAnand Avati <avati@redhat.com>2013-06-15 22:32:18 -0700
commitd6e5c6d8c489063df5aca8998903e11afee8439d (patch)
tree313f497949e456ef809c4c3e37d40cd3ba8c0c67
parentf857def7631f660b3e6574c58debdd4d37731f4f (diff)
nfs: option to disable acl
1. Option to disable or enable acl with nfs.acl boolean option. 2. Deregister the acl service with the portmapper service when no longer required. Change-Id: I6562b6b40138d040aa2bf1e5641f4c0e0e9f9d09 BUG: 970070 Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com> Reviewed-on: http://review.gluster.org/5136 Reviewed-by: Rajesh Joseph <rjoseph@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
-rwxr-xr-xtests/bugs/bug-970070.t14
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-utils.c7
-rw-r--r--xlators/mgmt/glusterd/src/glusterd-volume-set.c6
-rw-r--r--xlators/nfs/server/src/nfs.c25
-rw-r--r--xlators/nfs/server/src/nfs.h1
5 files changed, 47 insertions, 6 deletions
diff --git a/tests/bugs/bug-970070.t b/tests/bugs/bug-970070.t
new file mode 100755
index 00000000000..da28b1ed7ba
--- /dev/null
+++ b/tests/bugs/bug-970070.t
@@ -0,0 +1,14 @@
+#!/bin/bash
+# TEST the nfs.acl option
+. $(dirname $0)/../include.rc
+
+cleanup
+TEST glusterd
+TEST pidof glusterd
+
+TEST $CLI volume create $V0 $H0:$B0/$V0
+TEST $CLI volume start $V0
+sleep 5
+TEST $CLI volume set $V0 nfs.acl off
+TEST $CLI volume set $V0 nfs.acl on
+cleanup
diff --git a/xlators/mgmt/glusterd/src/glusterd-utils.c b/xlators/mgmt/glusterd/src/glusterd-utils.c
index ea5799ae632..a732d28d0d5 100644
--- a/xlators/mgmt/glusterd/src/glusterd-utils.c
+++ b/xlators/mgmt/glusterd/src/glusterd-utils.c
@@ -70,6 +70,9 @@
#define NLMV4_VERSION 4
#define NLMV1_VERSION 1
+#define ACL_PROGRAM 100227
+#define ACLV3_VERSION 3
+
#define CEILING_POS(X) (((X)-(int)(X)) > 0 ? (int)((X)+1) : (int)(X))
static glusterd_lock_t lock;
@@ -3677,6 +3680,10 @@ glusterd_nfs_pmap_deregister ()
else
gf_log ("", GF_LOG_ERROR, "De-registration of NLM v1 failed");
+ if (pmap_unset (ACL_PROGRAM, ACLV3_VERSION))
+ gf_log ("", GF_LOG_INFO, "De-registered ACL v3 successfully");
+ else
+ gf_log ("", GF_LOG_ERROR, "De-registration of ACL v3 failed");
}
int
diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
index 6d1715bc834..f112ccfc298 100644
--- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c
+++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c
@@ -1146,6 +1146,12 @@ struct volopt_map_entry glusterd_volopt_map[] = {
.type = GLOBAL_DOC,
.op_version = 1
},
+ { .key = "nfs.acl",
+ .voltype = "nfs/server",
+ .option = "nfs.acl",
+ .type = GLOBAL_DOC,
+ .op_version = 2
+ },
{ .key = "nfs.mount-udp",
.voltype = "nfs/server",
.option = "nfs.mount-udp",
diff --git a/xlators/nfs/server/src/nfs.c b/xlators/nfs/server/src/nfs.c
index 8bb3fccf235..7b36d59e82a 100644
--- a/xlators/nfs/server/src/nfs.c
+++ b/xlators/nfs/server/src/nfs.c
@@ -190,11 +190,13 @@ nfs_add_all_initiators (struct nfs_state *nfs)
}
}
- ret = nfs_add_initer (&nfs->versions, acl3svc_init);
- if (ret == -1) {
- gf_log (GF_NFS, GF_LOG_ERROR, "Failed to add protocol"
- " initializer");
- goto ret;
+ if (nfs->enable_acl == _gf_true) {
+ ret = nfs_add_initer (&nfs->versions, acl3svc_init);
+ if (ret == -1) {
+ gf_log (GF_NFS, GF_LOG_ERROR, "Failed to add "
+ "ACL protocol initializer");
+ goto ret;
+ }
}
ret = 0;
@@ -604,6 +606,13 @@ nfs_init_state (xlator_t *this)
}
}
+ nfs->enable_acl = _gf_true;
+ ret = dict_get_str_boolean (this->options, "nfs.acl", _gf_true);
+ if (ret == _gf_false) {
+ gf_log (GF_NFS, GF_LOG_INFO, "ACL is manually disabled");
+ nfs->enable_acl = _gf_false;
+ }
+
nfs->enable_ino32 = 0;
if (dict_get (this->options, "nfs.enable-ino32")) {
ret = dict_get_str (this->options, "nfs.enable-ino32",
@@ -1300,7 +1309,11 @@ struct volume_options options[] = {
.description = "Number of seconds to cache auxiliary-GID data, when "
OPT_SERVER_AUX_GIDS " is set."
},
-
+ { .key = {"nfs.acl"},
+ .type = GF_OPTION_TYPE_BOOL,
+ .default_value = "on",
+ .description = "This option is used to control ACL support for NFS."
+ },
{ .key = {NULL} },
};
diff --git a/xlators/nfs/server/src/nfs.h b/xlators/nfs/server/src/nfs.h
index 7d5163dfe0e..936d929be94 100644
--- a/xlators/nfs/server/src/nfs.h
+++ b/xlators/nfs/server/src/nfs.h
@@ -86,6 +86,7 @@ struct nfs_state {
unsigned int override_portnum;
int allow_insecure;
int enable_nlm;
+ int enable_acl;
int mount_udp;
struct rpc_clnt *rpc_clnt;
gf_boolean_t server_aux_gids;