1342751 – setfacl does not work for fuse and kernel client

Bug 1342751 - setfacl does not work for fuse and kernel client

Summary: setfacl does not work for fuse and kernel client

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	Documentation
Sub Component:
Version:	2.0
Hardware:	x86_64
OS:	Linux
Priority:	unspecified
Severity:	medium
Target Milestone:	rc
Target Release:	2.1
Assignee:	ceph-docs@redhat.com
QA Contact:	Ramakrishnan Periyasamy
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1322504
TreeView+	depends on / blocked

Reported:	2016-06-04 17:51 UTC by rakesh-gm
Modified:	2016-10-13 09:32 UTC (History)
CC List:	6 users (show)
Fixed In Version:
Doc Type:	Known Issue
Doc Text:	.POSIX ACL support is disabled by default in CephFS FUSE clients Support for Access Control Lists (ACL) is disabled by default for Ceph File Systems (CephFS) mounted as FUSE clients. To use the ACL feature with FUSE clients, enable it manually. For details, see the https://access.redhat.com/documentation/en/red-hat-ceph-storage/2/single/ceph-file-system-guide-technology-preview#limitations-1[Limitations] section in the https://access.redhat.com/documentation/en/red-hat-ceph-storage/2/single/ceph-file-system-guide-technology-preview[Ceph File System Guide] for Red Hat Ceph Storage 2. In addition, ACL in CephFS kernel clients is supported on Red Hat Enterprise Linux with kernel version `kernel-3.10.0-327.18.2.el7` or later.
Clone Of:
Environment:
Last Closed:	2016-10-04 14:06:29 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description rakesh-gm 2016-06-04 17:51:03 UTC

Description of problem:

When I try to setacls to cephfs mount of ceph-fuse and kernel-client, I see a message --  "setfacl: /home/ubuntu/myfs/: Operation not supported" 

I saw a tracker bug http://tracker.ceph.com/issues/15783, and this says that there is way to enable the ACLS. Is this the default behavior or is it something to be fixed.

Comment 2 John Spray 2016-06-08 14:13:25 UTC

ACLs are indeed disabled by default (at least in the fuse client).  Could you test again with the settings in the referenced upstream ticket?  This will be something to document.

Comment 3 rakesh-gm 2016-06-10 13:34:10 UTC

This has to be documented, I used the the upstream ticket as the reference and added the following in ceph.conf


[client]
        fuse_default_permission=0 
        client_acl_type=posix_acl

I then restarted the services and tried setfacls. and it did not throw any error. This is for ceph-fuse. 

Can you let me know what is for kernel client. I see the problem in kernel client too. I can test it once you let me know what is the configuration.

Comment 4 Harish NV Rao 2016-06-10 14:28:01 UTC

setting need_info on John for clarification on kernel client (comment 3).

Comment 5 Yan, Zheng 2016-06-10 15:37:53 UTC

Cephfs code in current RHEL kernel (up to kernel-3.10.0-418.el7)does not have ACL support.

My pending backports include ACL support.
https://bugzilla.redhat.com/show_bug.cgi?id=1340782

Comment 7 Yan, Zheng 2016-07-01 02:55:33 UTC

The ACL support patches have been merged into RHEL7 kernel. (since kernel-3.10.0-448.el7)

Comment 8 Yan, Zheng 2016-07-01 02:56:59 UTC

BZ for the backport:

https://bugzilla.redhat.com/show_bug.cgi?id=1344930

Comment 14 John Spray 2016-08-12 12:37:02 UTC

Looks fine to me, it might be worth clarifying that the kernel version is RHEL-specific (people use RHCS on other distros too, and their 3.10.x might be higher numbered but not have the support).

Note You need to log in before you can comment on or make changes to this bug.