Bug 764974 - (GLUSTER-3242) make it possible to run cli unprivileged
make it possible to run cli unprivileged
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: cli (Show other bugs)
mainline
All Linux
medium Severity low
: ---
: ---
Assigned To: Csaba Henk
Vijaykumar Koppad
:
Depends On:
Blocks: 817967
  Show dependency treegraph
 
Reported: 2011-07-24 22:42 EDT by Csaba Henk
Modified: 2014-08-24 20:49 EDT (History)
7 users (show)

See Also:
Fixed In Version: glusterfs-3.4.0
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-07-24 13:41:23 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: DP
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Csaba Henk 2011-07-24 22:42:40 EDT
Automated access to gluster via unprivileged service users necessitates unprivilegedibility of cli.
Comment 1 Anand Avati 2011-09-12 06:21:07 EDT
CHANGE: http://review.gluster.com/91 (This reverts commit e93b270e8d09fc9d36a39b22987d3a172197e73b.) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 2 Anand Avati 2011-09-12 06:21:35 EDT
CHANGE: http://review.gluster.com/92 (This reverts commit 8d64ca70b4c2467d4ed8c76a9eae385abdebd7a7.) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 3 Anand Avati 2011-09-12 06:21:58 EDT
CHANGE: http://review.gluster.com/93 (Change-Id: I787d241e72b6a6c43db96c220d68fe369bb700a4) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 4 Anand Avati 2011-09-12 06:22:19 EDT
CHANGE: http://review.gluster.com/94 (Change-Id: I89467d00030f4714568ef63650ecef0aef1bf753) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 5 Anand Avati 2011-09-12 06:22:34 EDT
CHANGE: http://review.gluster.com/95 (Apart from diagnostic purposes, it's needed when cli is ran by) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 6 Anand Avati 2011-09-12 06:22:53 EDT
CHANGE: http://review.gluster.com/127 (This makes client fake that given user is a superuser,) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 7 Kaushal 2012-05-31 06:36:51 EDT
Tested with v3.3.0qa44. gluster cli commands can be issued by unprivileged users.
This requires glusterd to be started with xlator-option "mangaement.rpc-auth-allow-insecure=on" and cli commands to be run with option "--log-file=<file>"

As root,
-!- ~ » glusterd --xlator-option=management.rpc-auth-allow-insecure=on 
-!- ~ » 

As an unprivileged used,
--- ~ » gluster volume info --log-file=cli.log
No volumes present
--- ~ » gluster volume create test arch:/export/test --log-file=cli.log
/export/test or a prefix of it is already part of a volume
--- ~ » gluster volume create test arch:/export/test --log-file=cli.log
Creation of volume test has been successful. Please start the volume to access data.
--- ~ » gluster volume info --log-file=cli.log 
Volume Name: test
Type: Distribute
Volume ID: b2ea4c48-0f77-4717-95d5-9fdaa91d83ac
Status: Created
Number of Bricks: 1
Transport-type: tcp
Bricks:
Brick1: arch:/export/test
--- ~ »

Note You need to log in before you can comment on or make changes to this bug.