Description of problem: ------------------------ gluster v get help shows no description for auth.ssl-allow : [root@gqas009 ~]# gluster v set help |grep auth.ssl [root@gqas009 ~]# [root@gqas009 ~]# gluster v set help |grep ssl Option: client.ssl Description: enable/disable client.ssl flag in the volume. Option: server.ssl Description: enable/disable server.ssl flag in the volume. Option: ssl.own-cert Option: ssl.private-key Option: ssl.ca-list Option: ssl.crl-path Option: ssl.certificate-depth Option: ssl.cipher-list Option: ssl.dh-param Option: ssl.ec-curve [root@gqas009 ~]# [root@gqas009 ~]# gluster v get testvol auth.ssl-allow Option Value ------ ----- auth.ssl-allow * [root@gqas009 ~]# Version-Release number of selected component (if applicable): ------------------------------------------------------------- glusterfs-3.8.4-5.el7rhgs.x86_64 How reproducible: ----------------- Always Steps to Reproduce: ------------------- In Description. Actual results: --------------- No description available for auth.ssl-allow Expected results: ------------------ gluster v get help should ideally show the option description and the default value. Additional info: ----------------- None.
RCA: In GlusterD's volume map entry table this option has been marked as NO_DOC which means no description will be shown up in gluster volume set help. This will be a simple fix to add on however not a blocker for 3.2.0 and can be moved beyond 3.2.0.
Below is present in server.c: but not in glusterd-volume-set.c, adding this to volume-set.c would be a good to fix this. ---- {.key = {"ssl-allow"}, .setkey = "auth.login.{{ brick.path }}.ssl-allow", .default_value = "*", .type = GF_OPTION_TYPE_INTERNET_ADDRESS_LIST, .flags = OPT_FLAG_SETTABLE | OPT_FLAG_DOC, .description = "Allow a comma separated list of common names (CN) of" "the clients that are allowed to access the server." "By default, all TLS authenticated clients are" "allowed to access the server."}, ----
REVISION POSTED: https://review.gluster.org/21492 (core: auth.ssl-allow has no option description) posted (#3) for review on master by Harpreet Kaur Lalwani
Tested with RHGS 3.5.0 interim build ( glusterfs-6.0.2.el7rhgs ) volume set help contains information about 'auth.ssl-allow' <snip> Option: server.ssl Default Value: off Description: enable/disable server.ssl flag in the volume. Option: auth.ssl-allow Default Value: * Description: Allow a comma separated list of common names (CN) of the clients that are allowed to access the server.By default, all TLS authenticated clients are allowed to access the server. </snip>
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:3249