summaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorRajesh Joseph <rjoseph@redhat.com>2013-05-31 18:17:21 +0530
committerVijay Bellur <vbellur@redhat.com>2013-07-09 22:55:12 -0700
commit03780d066ae7c78b969e2316dbde85e4ca0fcb85 (patch)
tree8e718d39d23e067a87fcb59539a07f7135f2e8cd /doc
parent60bdca792b7e572b4d79382dada1c6b93bebdd0e (diff)
nfs: AUTH support for exported sub-directories
Problem: NFS allows exporting subdirectories but there is not support for providing AUTH on per directory basis. Fix: Modified nfs.export-dir to include AUTH parameters e.g. nfs.export-dir "/dir1(10.1.1.2),/dir2(10.1.1.0/24|host1) During mount operation NFS will check if the IP from where the connection is made is configured in the AUTH parameter, else the mount operation will fail with EACCES error. Updated admin-guide and volume set help message. Change-Id: I5c6d22edb168b4f46376d1cd6878cd065fc081cc BUG: 968227 Signed-off-by: Rajesh Joseph <rjoseph@redhat.com> Reviewed-on: http://review.gluster.org/5124 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'doc')
-rw-r--r--doc/admin-guide/en-US/markdown/admin_managing_volumes.md2
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/admin-guide/en-US/markdown/admin_managing_volumes.md b/doc/admin-guide/en-US/markdown/admin_managing_volumes.md
index dd8ed471015..6c06e27a0a2 100644
--- a/doc/admin-guide/en-US/markdown/admin_managing_volumes.md
+++ b/doc/admin-guide/en-US/markdown/admin_managing_volumes.md
@@ -112,7 +112,7 @@ To tune volume options
nfs.trusted-sync All writes and COMMIT requests are treated as async. This implies that no write requests are guaranteed to be on server disks when the write reply is received at the NFS client. Trusted sync includes trusted-write behavior. off On | Off
- nfs.export-dir By default, all sub-volumes of NFS are exported as individual exports. Now, this option allows you to export only the specified subdirectory or subdirectories in the volume. This option can also be used in conjunction with nfs3.export-volumes option to restrict exports only to the subdirectories specified through this option. You must provide an absolute path. Enabled for all sub directories. Enable | Disable
+ nfs.export-dir This option can be used to export specified comma separated subdirectories in the volume. The path must be an absolute path. Along with path allowed list of IPs/hostname can be associated with each subdirectory. If provided connection will allowed only from these IPs. Format: \<dir\>[(hostspec[|hostspec|...])][,...]. Where hostspec can be an IP address, hostname or an IP range in CIDR notation. **Note**: Care must be taken while configuring this option as invalid entries and/or unreachable DNS servers can introduce unwanted delay in all the mount calls. No sub directory exported. Absolute path with allowed list of IP/hostname.
nfs.export-volumes Enable/Disable exporting entire volumes, instead if used in conjunction with nfs3.export-dir, can allow setting up only subdirectories as exports. on On | Off