diff options
author | Rajesh Amaravathi <rajesh@redhat.com> | 2013-06-03 16:44:21 +0530 |
---|---|---|
committer | Anand Avati <avati@redhat.com> | 2013-06-15 22:32:18 -0700 |
commit | d6e5c6d8c489063df5aca8998903e11afee8439d (patch) | |
tree | 313f497949e456ef809c4c3e37d40cd3ba8c0c67 /xlators | |
parent | f857def7631f660b3e6574c58debdd4d37731f4f (diff) |
nfs: option to disable acl
1. Option to disable or enable acl with nfs.acl boolean
option.
2. Deregister the acl service with the portmapper service
when no longer required.
Change-Id: I6562b6b40138d040aa2bf1e5641f4c0e0e9f9d09
BUG: 970070
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.org/5136
Reviewed-by: Rajesh Joseph <rjoseph@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
Diffstat (limited to 'xlators')
-rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-utils.c | 7 | ||||
-rw-r--r-- | xlators/mgmt/glusterd/src/glusterd-volume-set.c | 6 | ||||
-rw-r--r-- | xlators/nfs/server/src/nfs.c | 25 | ||||
-rw-r--r-- | xlators/nfs/server/src/nfs.h | 1 |
4 files changed, 33 insertions, 6 deletions
diff --git a/xlators/mgmt/glusterd/src/glusterd-utils.c b/xlators/mgmt/glusterd/src/glusterd-utils.c index ea5799ae632..a732d28d0d5 100644 --- a/xlators/mgmt/glusterd/src/glusterd-utils.c +++ b/xlators/mgmt/glusterd/src/glusterd-utils.c @@ -70,6 +70,9 @@ #define NLMV4_VERSION 4 #define NLMV1_VERSION 1 +#define ACL_PROGRAM 100227 +#define ACLV3_VERSION 3 + #define CEILING_POS(X) (((X)-(int)(X)) > 0 ? (int)((X)+1) : (int)(X)) static glusterd_lock_t lock; @@ -3677,6 +3680,10 @@ glusterd_nfs_pmap_deregister () else gf_log ("", GF_LOG_ERROR, "De-registration of NLM v1 failed"); + if (pmap_unset (ACL_PROGRAM, ACLV3_VERSION)) + gf_log ("", GF_LOG_INFO, "De-registered ACL v3 successfully"); + else + gf_log ("", GF_LOG_ERROR, "De-registration of ACL v3 failed"); } int diff --git a/xlators/mgmt/glusterd/src/glusterd-volume-set.c b/xlators/mgmt/glusterd/src/glusterd-volume-set.c index 6d1715bc834..f112ccfc298 100644 --- a/xlators/mgmt/glusterd/src/glusterd-volume-set.c +++ b/xlators/mgmt/glusterd/src/glusterd-volume-set.c @@ -1146,6 +1146,12 @@ struct volopt_map_entry glusterd_volopt_map[] = { .type = GLOBAL_DOC, .op_version = 1 }, + { .key = "nfs.acl", + .voltype = "nfs/server", + .option = "nfs.acl", + .type = GLOBAL_DOC, + .op_version = 2 + }, { .key = "nfs.mount-udp", .voltype = "nfs/server", .option = "nfs.mount-udp", diff --git a/xlators/nfs/server/src/nfs.c b/xlators/nfs/server/src/nfs.c index 8bb3fccf235..7b36d59e82a 100644 --- a/xlators/nfs/server/src/nfs.c +++ b/xlators/nfs/server/src/nfs.c @@ -190,11 +190,13 @@ nfs_add_all_initiators (struct nfs_state *nfs) } } - ret = nfs_add_initer (&nfs->versions, acl3svc_init); - if (ret == -1) { - gf_log (GF_NFS, GF_LOG_ERROR, "Failed to add protocol" - " initializer"); - goto ret; + if (nfs->enable_acl == _gf_true) { + ret = nfs_add_initer (&nfs->versions, acl3svc_init); + if (ret == -1) { + gf_log (GF_NFS, GF_LOG_ERROR, "Failed to add " + "ACL protocol initializer"); + goto ret; + } } ret = 0; @@ -604,6 +606,13 @@ nfs_init_state (xlator_t *this) } } + nfs->enable_acl = _gf_true; + ret = dict_get_str_boolean (this->options, "nfs.acl", _gf_true); + if (ret == _gf_false) { + gf_log (GF_NFS, GF_LOG_INFO, "ACL is manually disabled"); + nfs->enable_acl = _gf_false; + } + nfs->enable_ino32 = 0; if (dict_get (this->options, "nfs.enable-ino32")) { ret = dict_get_str (this->options, "nfs.enable-ino32", @@ -1300,7 +1309,11 @@ struct volume_options options[] = { .description = "Number of seconds to cache auxiliary-GID data, when " OPT_SERVER_AUX_GIDS " is set." }, - + { .key = {"nfs.acl"}, + .type = GF_OPTION_TYPE_BOOL, + .default_value = "on", + .description = "This option is used to control ACL support for NFS." + }, { .key = {NULL} }, }; diff --git a/xlators/nfs/server/src/nfs.h b/xlators/nfs/server/src/nfs.h index 7d5163dfe0e..936d929be94 100644 --- a/xlators/nfs/server/src/nfs.h +++ b/xlators/nfs/server/src/nfs.h @@ -86,6 +86,7 @@ struct nfs_state { unsigned int override_portnum; int allow_insecure; int enable_nlm; + int enable_acl; int mount_udp; struct rpc_clnt *rpc_clnt; gf_boolean_t server_aux_gids; |