[Samba] CTDB and glusterfs (solved)

Michael Adam obnox at samba.org
Mon Dec 21 07:42:42 UTC 2015 

On 2015-11-17 at 18:38 +0100, Stefan Kania wrote:
> To show what we did here the entry in /etc/fstab:
> 
> knoten-01:/gv0 /glusterfs glusterfs defaults,_netdev,acl,selinux 0 0

This is a heads-up that I have meanwhile fixed
this in Gluster upstream:

https://bugzilla.redhat.com/show_bug.cgi?id=1283103  (master)
https://bugzilla.redhat.com/show_bug.cgi?id=1283107  (3.7)

So the mount option won't be necessary any more
starting from GlusterFS 3.7.7.

Cheers - Michael


> Am 17.11.2015 um 18:22 schrieb Michael Adam:
> > We just analyzed the situation together, and the solution is that
> > in order to access security.FOOBAR xattrs on the gluster fuse
> > mount, you have to specify the 'selinux' mount option to the
> > glusterfs fuse mount... ...THis is necassary even if selinux is
> > disabled.
> > 
> > This sounds strange, but it currently is the solution.
> > 
> > Note that the recommended way is to use the glusterfs vfs module
> > instead of the fuse mount.
> > 
> > Cheers - Michael
> > 
> > On 2015-11-17 at 11:34 +0100, Stefan Kania wrote:
> >> Hello,
> >> 
> >> I'm trying to setup a CTDB-Cluster together with GLusterFS.
> >> GlusterFS is running great. CTDB can connect to the
> >> gluster-volume. I can store files, using Windows or Linux, and
> >> set new acls on the commandline of the cluster. BUT as soon as I
> >> try to set permissions via windows it fails with "the request is
> >> not supported" I use "vfs objects = acl_xattr". When I create a
> >> second share with "vfs objects = acl_tdb" ist works, but I think
> >> storing ACLS in a TDB-file is no option for large systems.
> >> 
> >> Here my setup: Distribution: name it, I tried it. At the moment
> >> Debian 8 and Centos 7 Gluster-version: 7.6 from gluster.org 
> >> Samba-version: SerNet Samba 4.3.1
> >> 
> >> Here my smb.conf out of the regestry: ---------------- [global] 
> >> workgroup = example netbios name = centos-c1 security = ads realm
> >> = EXAMPLE.NET idmap config *:range = 10000-19999 idmap config
> >> example:backend = rid idmap config example:range =
> >> 1000000-1999999 winbind enum users = yes winbind enum groups =
> >> yes winbind use default domain = yes winbind refresh tickets =
> >> yes template shell = /bin/bash wins server = 192.168.56.254
> >> 
> >> [daten] path = /glusterfs/daten comment = Daten im Cluster guest
> >> ok = no read only = no browseable = yes store dos attributes =
> >> yes map acl inherit = yes vfs objects = acl_xattr
> >> 
> >> [daten2] path = /glusterfs/daten2 comment = Daten im Cluster 
> >> guest ok = no read only = no browseable = yes store dos
> >> attributes = yes map acl inherit = yes vfs objects = acl_tdb 
> >> ----------------
> >> 
> >> Any help would be great
> >> 
> >> Stefan
> >> 
> >> -- To unsubscribe from this list go to the following URL and read
> >> the instructions:  https://lists.samba.org/mailman/options/samba
> >> 
> >> 
> 
> 
> -- 
> Stefan Kania
> Landweg 13
> 25693 St. Michaelisdonn
> 
> 
> Signieren jeder E-Mail hilft Spam zu reduzieren. Signieren Sie ihre
> E-Mail. Weiter Informationen unter http://www.gnupg.org
> 
> Mein Schlüssel liegt auf
> 
> hkp://subkeys.pgp.net
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba/attachments/20151221/9a2064f5/signature.sig>

More information about the samba mailing list