| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The NFS3 file handles now includes just the bare minimum of
(ident, exportid, gfid) and removes legacy 'variable' members
which are unnecessary since the introduction of GFID backend
Change-Id: Iff6e4435d170074b18d208742b48e79b130e2a4d
BUG: 835336
Signed-off-by: Anand Avati <avati@redhat.com>
Reviewed-on: http://review.gluster.com/3617
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change allows statedump of nlm locks
giving number of clients, number of locks
each client holds and the files on which lock(s)
is/are held.
Change-Id: I6341c12ec58005ef71b93b316b527e610ff7ee8f
BUG: 824804
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3492
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Pranith Kumar Karampuri <pranithk@gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I01a1c0c0c8d3402b8fe061258001eea2c0029e83
BUG: 819518
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3433
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The way NLM handles errors and corresponding response
messages has been simplified to avoid duplicate replies
in case of failures.
Also, unlock_cbk and unlock_fd_resume functions are moved
in with other unlock functions.
Change-Id: I94100aa3c8de95dabebed4598651bbcd49d95782
BUG: 824316
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3462
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I3f5c35d06827fb267a7dae53d949c61567a945d0
BUG: 799287
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3434
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
the lock in the list.
Change-Id: I84b298702c445320082ef03de90c924931f1a1e1
BUG: 822384
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3451
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I310e525b5bd302c0acadcc077213fbd570bf772d
BUG: 820582
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3355
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* This change introduces four NLMv4 procedures:
NM_LOCK, SHARE, UNSHARE and FREE_ALL.
These are used by PC clients (windows/dos) to control access
to files.
1. NM_LOCK: this lock is not monitored by statd.
2. SHARE: A share reservation is a lock on the whole file
that is taken whenever a file is opened on windows clients.
This has ACCESS (N, R, W, RW) and DENY MODE (N, R, W, RW).
ACCESS: mode of access requested by the client;
DENY MODE: what the requesting client wants to
deny other clients.
3. UNSHARE: remove a share reservation obtained by SHARE.
Called while closing a file.
4. FREE_ALL: remove all share reservations and locks,
both monitored and unmonitored, of the calling client.
* lock and nm_lock use a common function with only
a flag conveying whether or not to monitor a lock.
* NOTES:
1. SHARE reservations are not STACK_WIND'd to subsequent xlators.
These are maintained in-memory in the nfs xlator.
2. Consequently, for SHARE reservations to work effectively,
all PC clients *must* mount from the same gNfs server.
Not doing so will result in different servers maintaining
separate SHARE reservations which will not be enforced
for obvious reasons.
Change-Id: Id4f22670a94ed58691a6a7f4c80aa8c11421a277
BUG: 800287
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3356
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I18c2e090c1ca64f47ce70dc63c9f73ea7def2f86
BUG: 810828
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3220
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I7c4cba84723a9ca73f1d1f1e9a2c479a2bfd14fe
BUG: 798969
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2973
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ia0a482c89f10481184dc8f0f5b27cf6612ac114a
BUG: 816476
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3233
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes rpc.statd fails to start if rpc.statd.pid exists.
Change-Id: Ic6feb375330fceb8dd6c35330757738fb5cbe16f
BUG: 814265
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3206
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Tested-by: Saurabh Jain <saurabh@gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
lock calls
Change-Id: If983f7b2f94703442e0745c5cbd2701edb2a972a
BUG: 809362
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3097
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I571e1f14cefdfabecd8996b6d0ffc928464d2b51
BUG: 813258
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3174
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
clients reclaim the locks.
Change-Id: I0a8e291ad0a78e2e68070b1d289d32a786da8da2
BUG: 802885
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/3096
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Adding support to disable/enable nlm with the following command:
# gluster volume set <VOLNAME> nfs.nlm [on|off]
Change-Id: I1ad3e44c5d4349d0f3463bfca0995fd10def39dd
BUG: 812869
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3160
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishna Srinivas <krishna@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
the filehandle passed to hard resolving code was not initialized
to it correct value (resovlefh).
Change-Id: I0a26c7b90bf3efec7fda26fed0823755c4b9e87b
BUG: 802779
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3150
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes authentication problems when address lists are given for
auth.{allow,reject} and nfs.rpc-auth-{allow,reject}.
Change-Id: I9959ebfa6820aef52c883372e1085660560e1e73
BUG: 810179
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/3104
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NLM4_FREE_ALL rpc procedure has been provided nlm's
null procedure as actor to facilitate windows Nfs mounts.
NOTE: windows Nfs needs several other NLM procedures to work.
As a result, this patch only makes it possible to do a working
mount of a volume with "nolock" option in windows.
*Windows mount WITHOUT "nolock" option does NOT work as expected*
Change-Id: Ie163982497871312c5bb15f8c141fef460cadc34
BUG: 800287
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/3063
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishna Srinivas <krishna@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Ric asked me to look at replacing the GPL licensed MD5 code with
something better, i.e. perhaps faster, and with a less restrictive
license, etc. So I took a couple hour holiday from working on
wrapping up the client_t and did this.
OpenSSL (nee SSLeay) is released under the OpenSSL license, a BSD/MIT
style license. OpenSSL (libcrypto.so) is used on Linux, OS X and *BSD,
Open Solaris, etc. IOW it's universally available on the platforms we
care about. It's written by Eric Young (eay), now at EMC/RSA, and I
can say from experience that the OpenSSL implementation of MD5 (at least)
is every bit as fast as RSA's proprietary implementation (primarily
because the implementations are very, very similar.) The last time I
surveyed MD5 implementations I found they're all pretty much the same
speed.
I changed the APIs (and ABIs) for the strong and weak checksums.
Strictly speaking I didn't need to do that. They're only called on
short strings of data, i.e. pathnames, so using int32_t and uint32_t
is ostensibly okay. My change is arguably a better, more general API
for this sort of thing. It's also what bit me when gerrit/jenkins
validation failed due to glusterfs segv-ing. (I didn't pay close enough
attention to the implementation of the weak checksum. But it forced me
to learn what gerrit/jenkins are doing and going forward I can do better
testing before submitting to gerrit.)
Now resubmitting with a BZ
Change-Id: I545fade1604e74fc68399894550229bd57a5e0df
BUG: 807718
Signed-off-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.com/3019
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
object
Change-Id: Icc271e2166dbccc2cc12029e26c674fdb79fe975
BUG: 808390
Signed-off-by: Raghavendra Bhat <raghavendrabhat@gluster.com>
Reviewed-on: http://review.gluster.com/3061
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I679e491e801b694e8a0f93dd87cf540441dae927
BUG: 806877
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/3060
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ie1946b33353a91a266d2b21727d0c8eaa06af7f9
BUG: 808341
Signed-off-by: Raghavendra Bhat <raghavendrabhat@gluster.com>
Reviewed-on: http://review.gluster.com/3046
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
reviewed the code against all the possible places where
iobuf/iobref ref unref are present, and hopefully fixed most of
the issues around memory leaks with respect to iobuf
Change-Id: I9aa30326962991f8e23acedd389a0e962e097885
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 797875
Reviewed-on: http://review.gluster.com/2994
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
with this change, the xlator APIs will have a dictionary as extra
argument, which is passed between all the layers. This can be
utilized for overloading in some of the operations.
Change-Id: I58a8186b3ef647650280e63f3e5e9b9de7827b40
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 782265
Reviewed-on: http://review.gluster.com/2960
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
noticed that there are possibilities where one would like to do a
connection_cleanup() before destroying a RPC connection itself, also
current code is such that, rpc_clnt_connection_cleanup() does
rpc_clnt_ref() and unref(), creating a race window/double unref
possibilities in the code.
by separating out the functions, this race window/double fault can be
prevented.
Change-Id: I7ebd3392efa891232857b6db9108b0b19e40fc12
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 802403
Reviewed-on: http://review.gluster.com/2979
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the new version of the patch by Kaushik at review.gluster.com/699
The following new option types have been introduced:
* GF_OPTION_TYPE_INTERNET_ADDRESS_LIST
* GF_OPTION_TYPE_PRIORITY_LIST
* GF_OPTION_TYPE_SIZE_LIST
and option types of several options in translators have been updated to use the
new types.
valid_internet_address(), valid_ipv4_address() & valid_ipv6_address() functions
has been updated for * wildcard matching. Previously used standalone wildcard
address checking functions have been removed.
Changes have been done to stripe translator to correctly set, update and use
stripe-blocksize. Also minimum value for block-size has been set to 16KB.
Change-Id: I2aa484ff695f6a915a8fc9a9f965cf0344f41d59
BUG: 765248
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/2899
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Shishir Gowda <shishirng@gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I9321745a40765eff048a656a7885f12847a0a318
BUG: 781318
Signed-off-by: krishna <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2830
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While resolving, for building the path into the loc, inode_find
is called with gfid as argument to get the inode from the inode
table. If the inode is not found, then a new inode is created.
Then the path is build using inode_path. But if the inode is
not linked to inode table (newly created inode), then gfid will
be null and inode_path returns null gfid as the path. Suppose the
lookup operation on that gfid fails, then we print the null gfid
in the log message.
To avoid it, build the path using the gfid only if inode_path
fails.
Change-Id: I2506fa8675761ddb0bc02980cd3583d9d068fc85
BUG: 802424
Signed-off-by: Raghavendra Bhat <raghavendrabhat@gluster.com>
Reviewed-on: http://review.gluster.com/2930
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
it is guaranteed to be sent properly from posix layer itself now
Change-Id: Ifbbf558f3bcfa609bf107a75c692003ca261ac0a
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 800831
Reviewed-on: http://review.gluster.com/2923
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Enables usage of volume monitoring operations "volume status", "volume top" and
"volume profile" for nfs servers. These operations can be performed on
nfs-servers by passing "nfs" as an option in cli. The output is similar to the
normal brick outputs for these commands.
The new syntaxes for the changed commands are as below,
#gluster volume profile <VOLNAME> {start|info|stop} [nfs]
#gluster volume top <VOLNAME> {[open|read|write|opendir|readdir [nfs]]
|[read-perf|write-perf [nfs|{bs <size> count <count>}]]}
[brick <brick>] [list-cnt <count>]
#gluster volume status [all | <VOLNAME> [nfs|<BRICK>]]
[detail|clients|mem|inode|fd|callpool]
Change-Id: Ia6eb50c60aecacf9b413d3ea993f4cdd90ec0e07
BUG: 795267
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/2820
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishnan Parthasarathi <kp@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
resolve_and_resume fails.
Change-Id: Ia89113f46c1d7c9ed629e9dc0ff0779c41ed947f
BUG: 765259
Signed-off-by: krishna <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2900
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this is needed for Micrsoft Windows-based Nfs clients
which do not ignore ACCESS3_DELETE permission not being
granted, while linux/unix systems ignore the same.
behaviour on linux/unix systems remains unchanged
Change-Id: I67f5f66a7486b93163aebedec5fbaa303173964e
BUG: 790781
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2875
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishna Srinivas <krishna@gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: I0d8381b7d4da0e961677cca63d6d2c82836c1632
BUG: 800735
Signed-off-by: krishna <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2909
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ic3e00e8ea3b873acbc3abb5155aecdaac848a3e5
BUG: 795386
Signed-off-by: Mohammed Junaid <junaid@redhat.com>
Reviewed-on: http://review.gluster.com/2884
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Krishna Srinivas <krishna@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
| |
proc is called.
Change-Id: Id4c74165f24cccb46ca5de406dd7e47e4a8b99e1
BUG: 798222
Signed-off-by: krishna <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2877
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When cthon was invoked to test nlm, the mount point
would hang, and crash nfs server, and all the brick
processes. This path fixes the crashes.
Change-Id: Ide88adb7e25ea722b143bfd62e23361ff7be4b67
BUG: 798194
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2842
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
corrections in nfs configuration helpers displayed
with "gluster volume set help".
Change-Id: Iffc0d10eacbaea647270cd875d4cbd5f80333671
BUG: 771876
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2829
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* while creating 'rpc_clnt', the caller knows what would be the ideal
load on it, so an extra argument to set some pool sizes
* while creating 'rpcsvc', the caller knows what would be the ideal
load of it, so an extra argument to set request pool size
* cli memory footprint is reduced
Change-Id: Ie245216525b450e3373ef55b654b4cd30741347f
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 765336
Reviewed-on: http://review.gluster.com/2784
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: If5c2375adb3769827cf5099cb6b2d19ba75bf238
BUG: 795421
Signed-off-by: Vijay Bellur <vijay@gluster.com>
Reviewed-on: http://review.gluster.com/2776
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ic31b8bb10a28408da2a623f4ecc0c60af01c64af
BUG: 795421
Signed-off-by: Krishna Srinivas <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2711
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
added 'TODO' in places where it is missing.
Change-Id: Ia802c94e3bb76930f7c88c990f078525be5459f5
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 765264
Reviewed-on: http://review.gluster.com/388
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PROBLEM:
When address-based authentication is enabled on a volume,
the gNfs server, self-heal daemon (shd), and other operations
such as quota, rebalance, replace-brick and geo-replication
either stop working or the services are not started if all
the peers' ipv{4,6} addresses or hostnames are not added in
the "set auth.allow" operation, breaking the functionality
of several operations.
E.g:
volume vol in a cluster of two peers:
/mnt/brick1 in 192.168.1.4
/mnt/brick2 in 192.168.1.5
option auth.allow 192.168.1.6
(allow connection requests only from 192.168.1.6)
This will disrupt the nfs servers on 192.168.1.{4,5}.
brick server processes reject connection requests from both
nfs servers (on 4,5), because the peer addresses are not in
the auth.allow list.
Same holds true for local mounts (on peer machines),
self-heal daemon, and other operations which perform
a glusterfs mount on one of the peers.
* SOLUTION:
Login-based authentication (username/password pairs,
henceforth referred to as "keys") for gluster services and
operations.
These *per-volume* keys can be used to by-pass the addr-based
authentication, provided none of the peers' addresses are put
in the auth.reject list, to enable gluster services like gNfs,
self-heal daemon and internal operations on volumes when
auth.allow option is exercised.
* IMPLEMENTATION:
1. Glusterd generates keys for each volume and stores it in
memory as well as in respective volfiles.
A new TRUSTED-FUSE volfile is generated which is
fuse volfile + keys in protocol/client,
and is named trusted-<volname>-fuse.vol.
This is used by all local mounts. ANY local mount (on any peer)
is granted the trusted-fuse volfile instead of fuse volfile
via getspec. non-local mounts are NOT granted the trusted fuse
volfile.
2. The keys generated for the volume is written to each server
volfile telling servers to allow users with these keys.
3. NFS, self-heal daemon and replace-brick volfiles are updated
with the volume's authentication keys.
4. The keys are NOT written to fuse volfiles for obvious reasons.
5. The ownership of volfiles and logfiles is restricted to root users.
6. Merging two identical definitions of peer_info_t in auth/addr
and rpc-lib, throwing away the one in auth/addr.
7. Code cleanup in numerous places as appropriate.
* IMPORTANT NOTES:
1. One SHOULD NOT put any of the peer addresses in the auth.reject
list if one wants any of the glusterd services and features
such as gNfs, self-heal, rebalance, geo-rep and quota.
2. If one wants to use username/password based authentication
to volumes, one shall append to the server, nfs and shd volfiles,
the keys one wants to use for authentication, *while_retaining
those_generated_by_glusterd*.
See doc/authentication.txt file for details.
Change-Id: Ie0331d625ad000d63090e2d622fe1728fbfcc453
BUG: 789942
Signed-off-by: Rajesh Amaravathi <rajesh@redhat.com>
Reviewed-on: http://review.gluster.com/2733
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
needed to implement a proper handling of open flag alterations
using fcntl() on fd.
Change-Id: Ic280d5db6f1dc0418d5c439abb8db1d3ac21ced0
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 782265
Reviewed-on: http://review.gluster.com/2723
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
|
|
|
|
|
|
|
|
| |
Change-Id: Id5078f270d0fec280b53d4aa7b16bbaf42a2df05
BUG: 784095
Signed-off-by: krishna <ksriniva@redhat.com>
Reviewed-on: http://review.gluster.com/2730
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: Ica47482cfed794d6923047db859191462919d6fe
BUG: 782424
Signed-off-by: Kaushik BV <kbudiger@redhat.com>
Reviewed-on: http://review.gluster.com/2667
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amar@gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
readdirp_req() call sends a dict_t * as an argument, which
contains all the xattr keys for which the entries got in
readdirp_rsp() are having xattr value filled dictionary.
Change-Id: I8b7e1290740ea3e884e67d19156ce849227167c0
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 765785
Reviewed-on: http://review.gluster.com/771
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
so, NLM can send the lk-owner field directly to the locks translators,
while doing the same effort, also enabled sending maximum of 500 aux gid
over protocol.
Change-Id: I87c2514392748416f7ffe21d5154faad2e413969
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 767229
Reviewed-on: http://review.gluster.com/779
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently we allow the following RPC messages for unprivileged users:
GLUSTER_CLI_GETWD, GLUSTER_CLI_MOUNT, GLUSTER_CLI_UMOUNT
Change-Id: I05414f3ca7cbe47de45c5e5cfba1537efc774e6c
BUG: 781256
Signed-off-by: Csaba Henk <csaba@gluster.com>
Reviewed-on: http://review.gluster.com/2641
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Use gfid to create filehandle instead of encoding path components
- Utilize nameless lookups of GFID for deep resolution instead of
crawling the namespace with component hints
- Use anonymous FDs for file based operations
- Do away with fdcaching code for files and dirs
Change-Id: Ic48fb23370b25d183f7e1fc1cc5dffa9d5bab3fb
BUG: 781318
Reviewed-on: http://review.gluster.com/2645
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|