diff options
author | Rajesh Joseph <rjoseph@redhat.com> | 2013-05-31 18:17:21 +0530 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2013-07-09 22:55:12 -0700 |
commit | 03780d066ae7c78b969e2316dbde85e4ca0fcb85 (patch) | |
tree | 8e718d39d23e067a87fcb59539a07f7135f2e8cd /doc | |
parent | 60bdca792b7e572b4d79382dada1c6b93bebdd0e (diff) |
nfs: AUTH support for exported sub-directories
Problem: NFS allows exporting subdirectories but there is not support for
providing AUTH on per directory basis.
Fix: Modified nfs.export-dir to include AUTH parameters
e.g. nfs.export-dir "/dir1(10.1.1.2),/dir2(10.1.1.0/24|host1)
During mount operation NFS will check if the IP from where the connection is made
is configured in the AUTH parameter, else the mount operation will fail with
EACCES error.
Updated admin-guide and volume set help message.
Change-Id: I5c6d22edb168b4f46376d1cd6878cd065fc081cc
BUG: 968227
Signed-off-by: Rajesh Joseph <rjoseph@redhat.com>
Reviewed-on: http://review.gluster.org/5124
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/admin-guide/en-US/markdown/admin_managing_volumes.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/admin-guide/en-US/markdown/admin_managing_volumes.md b/doc/admin-guide/en-US/markdown/admin_managing_volumes.md index dd8ed471015..6c06e27a0a2 100644 --- a/doc/admin-guide/en-US/markdown/admin_managing_volumes.md +++ b/doc/admin-guide/en-US/markdown/admin_managing_volumes.md @@ -112,7 +112,7 @@ To tune volume options nfs.trusted-sync All writes and COMMIT requests are treated as async. This implies that no write requests are guaranteed to be on server disks when the write reply is received at the NFS client. Trusted sync includes trusted-write behavior. off On | Off - nfs.export-dir By default, all sub-volumes of NFS are exported as individual exports. Now, this option allows you to export only the specified subdirectory or subdirectories in the volume. This option can also be used in conjunction with nfs3.export-volumes option to restrict exports only to the subdirectories specified through this option. You must provide an absolute path. Enabled for all sub directories. Enable | Disable + nfs.export-dir This option can be used to export specified comma separated subdirectories in the volume. The path must be an absolute path. Along with path allowed list of IPs/hostname can be associated with each subdirectory. If provided connection will allowed only from these IPs. Format: \<dir\>[(hostspec[|hostspec|...])][,...]. Where hostspec can be an IP address, hostname or an IP range in CIDR notation. **Note**: Care must be taken while configuring this option as invalid entries and/or unreachable DNS servers can introduce unwanted delay in all the mount calls. No sub directory exported. Absolute path with allowed list of IP/hostname. nfs.export-volumes Enable/Disable exporting entire volumes, instead if used in conjunction with nfs3.export-dir, can allow setting up only subdirectories as exports. on On | Off |