Re: Limit a particular pvfs2 client's access to data
vilayann at mcs.anl.gov
Thu Dec 8 09:41:57 EST 2005
> Specific question: why did you need to
> add checks in the set-attr state machine in addition to prelude, but not
> other state machines?
Hmm.. Can you tell me which other state machines I need to add this stuff
Prelude state machine does all the permission checks, and any
uid/gid translation must be done prior to doing those checks.
Set-attr stores the permissions based on the credentials sent over the
wire, and any uid/gid translation must be done before it stores it on
disk. (For some reason, setattr does not make use of the credentials
field in the request but a duplicate copy in req.setattr.attr.owner,gid,
dunno why. Therefore, the prelude changes were unfortunately not
sufficient for the set-attr case)
I was hoping that all cases would be covered with these 2 state machines
changes alone. Unfortunately, there are still some permission denied cases
when using the utimes() system call for the AllSquash case. I havent yet
fixed that, since it involves local kernel/acl changes I think.
> Have you thought about how we might do this on a per-client basis, and
> if so, how that might change both how you do the checks and how you
> describe things in the config file?
How about something like
ReadOnly yes(list of aliases)
RootSquash yes(list of aliases) and so on...
If no aliases are specified. then it is assumed to be the case for all
Checking it would involve that I somehow get the BMI address
information for comparison with the filesystem export cofiguration and
disallowing or allowing checks based on that. I can look at this and send
a patch later today for people to comment, if you like the above approach
or if you wanted it done another way
> You should probably re-post that patch over on pvfs2-devel for
> discussion! Thanks,
CC;ed devel list.
Thanks for the comments,
> Murali Vilayannur wrote:
> > Hi Praveen,
> > Would something like the attached patch work for you?
> > I have minimally tested it on my setups and it seems to work.
> > You need to add something (optional) like the following to your fs.conf file under
> > the <FileSystem> context tags
> > <ExportOptions>
> > ReadOnly yes --> if you want readonly f.s
> > RootSquash yes --> if you want root squash. Unfortunately
> > this will root squash all clients :(. No selective squashing. Currently
> > root will squash to a default uid for nobody,gid for nobody.
> > AllSquash yes --> all users will get squashed to nobody..
> > AnonUID <uid> --> override the anonuid value to something..
> > AnonGID <gid> --> override the anongid value to something..
> > </ExportOptions>
> > Exporting a sub-tree to specific clients is not addressed by this patch.
> > It requires far more work..
> > Thanks,
> > Murali
More information about the PVFS2-developers