Does vfs_glusterfs work with vfs_acl_xattr for samba 3.x?
hafeez.bana at gmail.com
Wed Oct 9 12:05:25 MDT 2013
I have not managed to try out vfs_glusterfs because I can't find any
instructions on how to install or even compile it. If you have some
pointers - that would help.
In the meantime I did try vfs_acl_xattr using a fuse mounted gluster volume
with option acl enabled (gluster 3.4).
What I am finding is that gluster still has an issue writing out the
security.NTACL xattr atrribute which is used by vfs_acl_xattr i.e. The
posix acl's get updated but the security.NTACL write fails - the resulting
permission is just the posix acl permission (which usually loses the
fidelity of the finegrained NTACL permissions).
In the fuse code I know gluster actively blocks writes to the security
namespace for xattr (Its detailed here
https://bugzilla.redhat.com/show_bug.cgi?id=870256 ). Is this specifically
bypassed in the VFS module (which would explain it working well in your
I know there has been discussion in the past on the samba list to move use
the trusted namespace rather then the security namespace.
On Thu, Oct 3, 2013 at 10:01 PM, Hafeez Bana <hafeez.bana at gmail.com> wrote:
> Thats great news. Will try it out.
> On Thu, Oct 3, 2013 at 2:00 PM, RAGHAVENDRA TALUR <
> raghavendra.talur at gmail.com> wrote:
>> Although it has not been tested thoroughly yet, I have tried using
>> vfs_acl_xattr with vfs_glusterfs and it worked for me at the basic level.
>> I have not tested with AD though.
>> My test just had a windows client connect to a samba server sharing a
>> gluster volume using the vfs plugin and setting NT ACLs on files.
>> I was able to set full control and other attributes on the files.
>> Do try and let us know how it goes.
>> Raghavendra Talur
>> On Thu, Oct 3, 2013 at 5:31 PM, Hafeez Bana <hafeez.bana at gmail.com>wrote:
>>> Hello All,
>>> Thought I would ask before doing some comprehensive testing. Anyone have
>>> vfs_glusterfs working with vfs_acl_xattr?
>>> The last time I tried to combine the two by using vfs_acl_xattr and a
>>> mounted gluster volume, the xattr's would not get read/written because
>>> acl_xattr was writing to a trusted namespace.
>>> Thanks your help.
>> *Raghavendra Talur *
More information about the samba-technical