[Gluster-users] unable to remove ACLs

Discussion:

lejeczek

2018-05-01 12:46:54 UTC

hi guys

I have a simple case of:
$ setfacl -b
not working!
I copy a folder outside of autofs mounted gluster vol, to a
regular fs and removing acl works as expected.
Inside mounted gluster vol I seem to be able to
modify/remove ACLs for users, groups and masks but that one
simple, important thing does not work.
It is also not the case of default ACLs being enforced from
the parent, for I mkdir a folder next to that problematic
folder and there are not ACLs, as expected.

glusterfs 3.12.9, Centos 7.4

Any thoughts, suggestions?
many thanks, L.

Vijay Bellur

2018-05-01 22:59:04 UTC

Permalink

Post by lejeczek
hi guys
$ setfacl -b
not working!
I copy a folder outside of autofs mounted gluster vol, to a regular fs and
removing acl works as expected.
Inside mounted gluster vol I seem to be able to modify/remove ACLs for
users, groups and masks but that one simple, important thing does not work.
It is also not the case of default ACLs being enforced from the parent,
for I mkdir a folder next to that problematic folder and there are not
ACLs, as expected.
glusterfs 3.12.9, Centos 7.4
Any thoughts, suggestions?

Are you mounting glusterfs with -o acl ? In the case you are not, mounting
with option acl is necessary for glusterfs to honor ACLs.

Regards,
Vijay

lejeczek

2018-05-02 10:54:01 UTC

Permalink

On Tue, May 1, 2018 at 5:46 AM, lejeczek
hi guys
$ setfacl -b
not working!
I copy a folder outside of autofs mounted gluster vol,
to a regular fs and removing acl works as expected.
Inside mounted gluster vol I seem to be able to
modify/remove ACLs for users, groups and masks but
that one simple, important thing does not work.
It is also not the case of default ACLs being enforced
from the parent, for I mkdir a folder next to that
problematic folder and there are not ACLs, as expected.
glusterfs 3.12.9, Centos 7.4
Any thoughts, suggestions?
Are you mounting glusterfs with -o acl ? In the case you
are not, mounting with option acl is necessary for
glusterfs to honor ACLs.
Regards,
Vijay

surely I'm. Otherwise I'd have no "working" acls, right?
Like I say, I can operate setfacl and this seems to work
except, I cannot remove acl completely with "-b" which
should just work, right?

I think it should be easily reproducible, my setup is pretty
"regular". I'm on Centos 7.4 and mount via autofs/manuall.
Anybody can check that?

Vijay Bellur

2018-05-02 17:30:46 UTC

Permalink

Post by lejeczek
hi guys
$ setfacl -b
not working!
I copy a folder outside of autofs mounted gluster vol,
to a regular fs and removing acl works as expected.
Inside mounted gluster vol I seem to be able to
modify/remove ACLs for users, groups and masks but
that one simple, important thing does not work.
It is also not the case of default ACLs being enforced
from the parent, for I mkdir a folder next to that
problematic folder and there are not ACLs, as expected.
glusterfs 3.12.9, Centos 7.4
Any thoughts, suggestions?
Are you mounting glusterfs with -o acl ? In the case you are not,
mounting with option acl is necessary for glusterfs to honor ACLs.
Regards,
Vijay
surely I'm. Otherwise I'd have no "working" acls, right? Like I say, I

can operate setfacl and this seems to work except, I cannot remove acl
completely with "-b" which should just work, right?

Yes, it should ideally work.

I think it should be easily reproducible, my setup is pretty "regular".
I'm on Centos 7.4 and mount via autofs/manuall. Anybody can check that?

Here's a test that passed with a manual mount while using 3.12.9:

[***@deepthought ~]# mount -t glusterfs -o acl deepthought:/foo
/mnt/gluster
[***@deepthought ~]# cd /mnt/gluster/
[***@deepthought gluster]# setfacl -m u:nobody:rw foo
[***@deepthought gluster]# getfacl foo
# file: foo
# owner: root
# group: root
user::-w-
user:nobody:rw-
group::r--
mask::rw-
other::r--

[***@deepthought gluster]# setfacl -b foo
[***@deepthought gluster]# echo $?
0
[***@deepthought gluster]# getfacl foo
# file: foo
# owner: root
# group: root
user::-w-
group::r--
other::r--

Can you please share the sequence of acl commands that causes "setfacl -b"
to fail in your setup?

Thanks,
Vijay

_______________________________________________
Gluster-users mailing list
http://lists.gluster.org/mailman/listinfo/gluster-users