Bug 767229 - Make changes to protocol to enable sending unlimited number of Aux GIDs in GlusterFS.
Make changes to protocol to enable sending unlimited number of Aux GIDs in Gl...
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: access-control (Show other bugs)
mainline
Unspecified Unspecified
high Severity unspecified
: ---
: ---
Assigned To: Amar Tumballi
Anush Shetty
:
: GLUSTER-3179 (view as bug list)
Depends On:
Blocks: 817967
  Show dependency treegraph
 
Reported: 2011-12-13 10:16 EST by Amar Tumballi
Modified: 2013-12-18 19:07 EST (History)
6 users (show)

See Also:
Fixed In Version: glusterfs-3.4.0
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-07-24 13:58:17 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Amar Tumballi 2011-12-13 10:16:27 EST
Description of problem:
Currently only 16gids can be sent over the protocol

Version-Release number of selected component (if applicable):
git master

How reproducible:
Its 'hardcoded' in the code :-)

What to do solve? :

Implement a new authentication scheme like current 'AUTH_GLUSTERFS', which can send as many as aux gids which are present in frame->root->groups[]..
Comment 1 Anand Avati 2012-01-24 23:14:24 EST
CHANGE: http://review.gluster.com/779 (core: change lk-owner as a 1k buffer) merged in master by Anand Avati (avati@gluster.com)
Comment 2 Amar Tumballi 2012-01-25 00:38:08 EST
currently its just 200 Aux GIDs on wire.. if we hit this limit, then we will consider extending the protocol.
Comment 3 shishir gowda 2012-02-02 00:33:55 EST
*** Bug 764911 has been marked as a duplicate of this bug. ***
Comment 4 Anand Avati 2012-03-12 10:59:56 EDT
CHANGE: http://review.gluster.com/2907 (core: Made lkowner_unparse use 'type-safe' format-specifier) merged in master by Vijay Bellur (vijay@gluster.com)
Comment 5 Servicii ISP 2012-04-24 09:27:36 EDT
Hello,

As I can see you have managed to get this limit up to 500. The Bug was filed for Unlimited. Any news if it can be implemented to something like 100000. We want to use it as a backend storage for webservers.

We are using the latest 3.3 beta 3.

Thank you
Comment 6 Niels de Vos 2012-04-24 11:21:00 EDT
If the old 'AUTH_GLUSTERFS' authentication-flavor (value '5') was not sufficient, did you change the used value for the RPC-authentication-flavor as well?

This would affect the patches for Wireshark that (hopefully) get included in an upcoming release (https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7190).
Comment 7 Servicii ISP 2012-04-25 02:17:18 EDT
Hello,

I haven't changed anything, I downloaded the last beta, I looked into the code and saw that the patches from http://review.gluster.com/#change,779 were included.
Please explain your response because I do not understand.
Comment 8 Niels de Vos 2012-04-25 07:53:45 EDT
My question in comment #6 was for Anand or Amar.

Amar mentioned that the GlusterFS 310 protocol uses AUTH-flavor 6 instead of 5. There is no collision there, but 6 is assigned already. Bug 816148 was opened to address this.

Your question in comment #5 still needs an answer from one of the developers.
Comment 9 Amar Tumballi 2012-04-25 14:50:08 EDT
ndevos,

Till all the official GA releases (till 3.2.6), we have GlusterFS 310, which works with AUTH_GLUSTERFS (5). The AUTH_GLUSTERFS_v2 (6) patch came in only in master branch. Need to change AUTH_GLUSTERFS_v2 to some other valid value.

ServiciiISP,

Current patch in 3.3.0beta3 can send 200 aux gids. 100000 GIDs? Not sure how a GNU/Linux process would get those many auxiliary GIDs in existing web tools (ref: bug 789961)
Comment 10 Anush Shetty 2012-05-30 10:20:55 EDT
It works upto 32 groups due to proc limit. This limitation is being tracked through another bug here https://bugzilla.redhat.com/show_bug.cgi?id=789961. So moving this to verified.

Note You need to log in before you can comment on or make changes to this bug.