summaryrefslogtreecommitdiffstats
path: root/xlators/protocol/client
diff options
context:
space:
mode:
authorNiels de Vos <ndevos@redhat.com>2014-04-17 18:32:07 +0200
committerAnand Avati <avati@redhat.com>2014-05-09 12:22:39 -0700
commit2fd499d148fc8865c77de8b2c73fe0b7e1737882 (patch)
tree368fe211b31d82cd14c6efc773fd91693855f3de /xlators/protocol/client
parent47c33dd27150039a6e5e3295eacd8d2d5a7e0ce0 (diff)
rpc: implement server.manage-gids for group resolving on the bricks
The new volume option 'server.manage-gids' can be enabled in environments where a user belongs to more than the current absolute maximum of 93 groups. This option triggers the following behavior: 1. The AUTH_GLUSTERFS structure sent by GlusterFS clients (fuse, nfs or libgfapi) will contain only one (1) auxiliary group, instead of a full list. This reduces network usage and prevents problems in encoding the AUTH_GLUSTERFS structure which should fit in 400 bytes. 2. The single group in the RPC Calls received by the server is replaced by resolving the groups server-side. Permission checks and similar in lower xlators are applied against the full list of groups where the user belongs to, and not the single auxiliary group that the client sent. Change-Id: I9e540de13e3022f8b63ff893ecba511129a47b91 BUG: 1053579 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/7501 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Santosh Pradhan <spradhan@redhat.com> Reviewed-by: Harshavardhana <harsha@harshavardhana.net> Reviewed-by: Anand Avati <avati@redhat.com>
Diffstat (limited to 'xlators/protocol/client')
-rw-r--r--xlators/protocol/client/src/client.c29
-rw-r--r--xlators/protocol/client/src/client.h2
2 files changed, 31 insertions, 0 deletions
diff --git a/xlators/protocol/client/src/client.c b/xlators/protocol/client/src/client.c
index 7726c0b8445..aecd8f8fb07 100644
--- a/xlators/protocol/client/src/client.c
+++ b/xlators/protocol/client/src/client.c
@@ -158,6 +158,8 @@ client_submit_request (xlator_t *this, void *req, call_frame_t *frame,
struct iobref *new_iobref = NULL;
ssize_t xdr_size = 0;
struct rpc_req rpcreq = {0, };
+ uint64_t ngroups = 0;
+ uint64_t gid = 0;
GF_VALIDATE_OR_GOTO ("client", this, out);
GF_VALIDATE_OR_GOTO (this->name, prog, out);
@@ -224,6 +226,18 @@ client_submit_request (xlator_t *this, void *req, call_frame_t *frame,
count = 1;
}
+ /* do not send all groups if they are resolved server-side */
+ if (!conf->send_gids) {
+ /* copy some values for restoring later */
+ ngroups = frame->root->ngrps;
+ frame->root->ngrps = 1;
+ if (ngroups <= SMALL_GROUP_COUNT) {
+ gid = frame->root->groups_small[0];
+ frame->root->groups_small[0] = frame->root->gid;
+ frame->root->groups = frame->root->groups_small;
+ }
+ }
+
/* Send the msg */
ret = rpc_clnt_submit (conf->rpc, prog, procnum, cbkfn, &iov, count,
NULL, 0, new_iobref, frame, rsphdr, rsphdr_count,
@@ -233,6 +247,13 @@ client_submit_request (xlator_t *this, void *req, call_frame_t *frame,
gf_log (this->name, GF_LOG_DEBUG, "rpc_clnt_submit failed");
}
+ if (!conf->send_gids) {
+ /* restore previous values */
+ frame->root->ngrps = ngroups;
+ if (ngroups <= SMALL_GROUP_COUNT)
+ frame->root->groups_small[0] = gid;
+ }
+
ret = 0;
if (new_iobref)
@@ -2314,6 +2335,8 @@ build_client_config (xlator_t *this, clnt_conf_t *conf)
GF_OPTION_INIT ("filter-O_DIRECT", conf->filter_o_direct,
bool, out);
+ GF_OPTION_INIT ("send-gids", conf->send_gids, bool, out);
+
ret = 0;
out:
return ret;
@@ -2501,6 +2524,8 @@ reconfigure (xlator_t *this, dict_t *options)
GF_OPTION_RECONF ("filter-O_DIRECT", conf->filter_o_direct,
options, bool, out);
+ GF_OPTION_RECONF ("send-gids", conf->send_gids, options, bool, out);
+
ret = client_init_grace_timer (this, options, conf);
if (ret)
goto out;
@@ -2856,5 +2881,9 @@ struct volume_options options[] = {
"still continue to cache the file. This works similar to NFS's "
"behavior of O_DIRECT",
},
+ { .key = {"send-gids"},
+ .type = GF_OPTION_TYPE_BOOL,
+ .default_value = "on",
+ },
{ .key = {NULL} },
};
diff --git a/xlators/protocol/client/src/client.h b/xlators/protocol/client/src/client.h
index bc0f5d0e9d2..7f7d511910e 100644
--- a/xlators/protocol/client/src/client.h
+++ b/xlators/protocol/client/src/client.h
@@ -125,6 +125,8 @@ typedef struct clnt_conf {
* how manytimes set_volume is called
*/
uint64_t setvol_count;
+
+ gf_boolean_t send_gids; /* let the server resolve gids */
} clnt_conf_t;
typedef struct _client_fd_ctx {