diff options
author | Raghavendra Bhat <raghavendra@redhat.com> | 2013-04-19 12:27:03 +0530 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2014-02-10 23:32:05 -0800 |
commit | 28209283a67f13802cc0c1d3df07c676926810a2 (patch) | |
tree | 5cf62085fa1a4bbc6d76eb1763f343c6116ea195 /extras/systemd/glusterd.service.in | |
parent | 97ce783de326b51fcba65737f07db2c314d1e218 (diff) |
protocol/server: do not do root-squashing for trusted clients
* As of now clients mounting within the storage pool using that machine's
ip/hostname are trusted clients (i.e clients local to the glusterd).
* Be careful when the request itself comes in as nfsnobody (ex: posix tests).
So move the squashing part to protocol/server when it creates a new frame
for the request, instead of auth part of rpc layer.
* For nfs servers do root-squashing without checking if it is trusted client,
as all the nfs servers would be running within the storage pool, hence will
be trusted clients for the bricks.
* Provide one more option for mounting which actually says root-squash
should/should not happen. This value is given priority only for the trusted
clients. For non trusted clients, the volume option takes the priority. But
for trusted clients if root-squash should not happen, then they have to be
mounted with root-squash=no option. (This is done because by default
blocking root-squashing for the trusted clients will cause problems for smb
and UFO clients for which the requests have to be squashed if the option is
enabled).
* For geo-replication and defrag clients do not do root-squashing.
* Introduce a new option in open-behind for doing read after successful open.
Change-Id: I8a8359840313dffc34824f3ea80a9c48375067f0
BUG: 954057
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4863
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'extras/systemd/glusterd.service.in')
0 files changed, 0 insertions, 0 deletions