[Samba] CTDB and glusterfs (solved)
Stefan Kania
stefan at kania-online.de
Tue Nov 17 17:38:54 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
To show what we did here the entry in /etc/fstab:
knoten-01:/gv0 /glusterfs glusterfs defaults,_netdev,acl,selinux 0 0
Am 17.11.2015 um 18:22 schrieb Michael Adam:
> We just analyzed the situation together, and the solution is that
> in order to access security.FOOBAR xattrs on the gluster fuse
> mount, you have to specify the 'selinux' mount option to the
> glusterfs fuse mount... ...THis is necassary even if selinux is
> disabled.
>
> This sounds strange, but it currently is the solution.
>
> Note that the recommended way is to use the glusterfs vfs module
> instead of the fuse mount.
>
> Cheers - Michael
>
> On 2015-11-17 at 11:34 +0100, Stefan Kania wrote:
>> Hello,
>>
>> I'm trying to setup a CTDB-Cluster together with GLusterFS.
>> GlusterFS is running great. CTDB can connect to the
>> gluster-volume. I can store files, using Windows or Linux, and
>> set new acls on the commandline of the cluster. BUT as soon as I
>> try to set permissions via windows it fails with "the request is
>> not supported" I use "vfs objects = acl_xattr". When I create a
>> second share with "vfs objects = acl_tdb" ist works, but I think
>> storing ACLS in a TDB-file is no option for large systems.
>>
>> Here my setup: Distribution: name it, I tried it. At the moment
>> Debian 8 and Centos 7 Gluster-version: 7.6 from gluster.org
>> Samba-version: SerNet Samba 4.3.1
>>
>> Here my smb.conf out of the regestry: ---------------- [global]
>> workgroup = example netbios name = centos-c1 security = ads realm
>> = EXAMPLE.NET idmap config *:range = 10000-19999 idmap config
>> example:backend = rid idmap config example:range =
>> 1000000-1999999 winbind enum users = yes winbind enum groups =
>> yes winbind use default domain = yes winbind refresh tickets =
>> yes template shell = /bin/bash wins server = 192.168.56.254
>>
>> [daten] path = /glusterfs/daten comment = Daten im Cluster guest
>> ok = no read only = no browseable = yes store dos attributes =
>> yes map acl inherit = yes vfs objects = acl_xattr
>>
>> [daten2] path = /glusterfs/daten2 comment = Daten im Cluster
>> guest ok = no read only = no browseable = yes store dos
>> attributes = yes map acl inherit = yes vfs objects = acl_tdb
>> ----------------
>>
>> Any help would be great
>>
>> Stefan
>>
>> -- To unsubscribe from this list go to the following URL and read
>> the instructions: https://lists.samba.org/mailman/options/samba
>>
>>
- --
Stefan Kania
Landweg 13
25693 St. Michaelisdonn
Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre
E-Mail. Weiter Informationen unter http://www.gnupg.org
Mein Schlüssel liegt auf
hkp://subkeys.pgp.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iEYEARECAAYFAlZLZi4ACgkQ2JOGcNAHDTauJACgmsSzBVQqA7qUWJIWfHeFZAdh
1QgAoIYvCWJEY3200KhCJW1RoQagiWlq
=32b0
-----END PGP SIGNATURE-----
More information about the samba
mailing list