Bug 1138841 - allow the use of the CIDR format with auth.allow
Summary: allow the use of the CIDR format with auth.allow
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: GlusterFS
Classification: Community
Component: rpc
Version: mainline
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Rinku
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1165689
TreeView+ depends on / blocked
 
Reported: 2014-09-05 18:43 UTC by Jean-Francois Theroux
Modified: 2019-03-25 16:30 UTC (History)
6 users (show)

Fixed In Version: glusterfs-6.0
Clone Of:
: 1165689 (view as bug list)
Environment:
Last Closed: 2019-03-25 16:30:11 UTC
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Gluster.org Gerrit 21970 0 None Open core: Feature added to accept CidrIp in auth.allow 2019-01-18 17:13:57 UTC
Gluster.org Gerrit 21980 0 None Open Modified few functions to isolate cidr feature 2019-01-02 13:40:47 UTC

Description Jean-Francois Theroux 2014-09-05 18:43:17 UTC 
Description of problem:
It would be nice if we could use the standard CIDR format (192.168.1.0/24) when setting auth.allow and auth.reject to a volume. Right now, only 192.168.1.* is supported. That's fine for a /16 or /24, but what if I use a /23? Then I need to add several entries.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
gluster volume set test auth.allow 192.168.1.0/23

Actual results:
[root@node6 ~]# gluster volume set test auth.allow 192.168.1.0/24
volume set: failed: option auth.addr./volumes/test.allow 192.168.1.0/24: '192.168.1.0/24' is not a valid internet-address-list

Expected results:
I'd expect gluster to be able to handle the CIDR format. Actually very surprised it doesn't.

Additional info:
Comment 2 Niels de Vos 2014-11-27 14:45:20 UTC 
Feature requests make most sense against the 'mainline' release, there is no ETA for an implementation and requests might get forgotten when filed against a particular version.
Comment 3 Stefano Stagnaro 2018-07-26 16:14:33 UTC 
Four years and this feature is not yet implemented. It's impossible to bind volumes to specific networks without CIDR.

Octet wildcards * are useless since classess routing has been introduced (long time ago).
Comment 4 Vijay Bellur 2018-11-20 09:37:27 UTC 
Migrated to github:

https://github.com/gluster/glusterfs/issues/589

Please follow the github issue for further updates on this bug.
Comment 5 Worker Ant 2019-01-01 15:50:15 UTC 
REVIEW: https://review.gluster.org/21970 (Added a function to validate CIDR IP) posted (#1) for review on master by Rinku Kothiya
Comment 6 Worker Ant 2019-01-02 13:40:47 UTC 
REVIEW: https://review.gluster.org/21980 (Modified few functions to isolate cidr feature) posted (#1) for review on master by Rinku Kothiya
Comment 7 Worker Ant 2019-01-18 17:13:58 UTC 
REVIEW: https://review.gluster.org/21970 (core: Feature added to accept CidrIp in auth.allow) merged (#10) on master by Amar Tumballi
Comment 8 Shyamsundar 2019-03-25 16:30:11 UTC 
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-6.0, please open a new bug report.

glusterfs-6.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] https://lists.gluster.org/pipermail/announce/2019-March/000120.html
[2] https://www.gluster.org/pipermail/gluster-users/
Note You need to log in before you can comment on or make changes to this bug.