Description of problem: access to data with native glustefs client with ACL enabled is denied with "permission denied" message Version-Release number of selected component (if applicable): node1,node2 - rhel 6.3 x64, glusterfs RPMS 3.3.0 from glusterfs.org client - rhel 6.3 i386 - compiled rpms from tarball from glusterfs.org How reproducible: always Steps to Reproduce: one replicated volume, filesystem XFS/EXT4(wACL), mounted on client with glusterfs native client with -o acl to /glusterfs root# mkdir /glusterfs/testdir root# setfacl -Rm g:apache:rwx,d:g:apache:rwx /glusterfs/testdir root# su - apache apache$ ls /glusterfs/testdir ls: cannot open directory /glusterfs/testdir/: Permission denied without glusterfs ACL works ok Actual results: Expected results: Additional info:
i'm tried it now from 64-bit rhel6.3 client and it works it looks like i386(client) vs x86_64(server) bug
I am experiencing the same problem on RHEL 5.8. ACLs work fine with 64 bit systems, but not i386 systems, which always result in "Permission Denied" unless you are root.
Can you please try mounting the client with "enable-ino32" option and check if the issue is fixed?
updated to 3.3.1. nothing changed. problem persist with ino32 i have this problem [root@dev ~]# mount -t glusterfs -o enable-ino32 gfs1.local:/gv0 /gfs unknown option enable-ino32 (ignored)
support for enable-ino32 is not present in 3.3.1 . Release 3.4.0alpha2 has the fix.
Can you please confirm if the issue still exists in 3.4.0alpha2 release with using enable-ino32 option?
Hi, i have the same problem. I try it over Ubuntu and arch linux on 32 bits with 3.4.1 gluste version. I made: /mnt partition xfs/ext4(with acl) 1. gluster volume create test transport tcp my-server:/mnt/.data 2. gluster volume start test 3. mount -t glusterfs -o acl my-server:/test /mnt/test 4. mkdir /mnt/test/folder 5. chown nobody:nogroup /mnt/test/folder 6. chmod 770 /mnt/test/folder 7. setfacl -m u:user1:rwx /mnt/test/folder 8. su user1 9. cd /mnt/test/folder -----> permission denied Alternatively : 2.5 (between 2 step and 3): gluster volume set test stat-prefetch disable Result : not work 3bis (instead of 3. With/Without step 2.5) : mount -t glusterfs -o acl,enable-ino32 my-server:/test /mnt/test Result : not work I try on ubuntu 12.04, 12.04.3, archlinux. On 64 bits work fine, but 32 in none.
Are there any test we can do to unblock this bug? Thanks.
glusterfs 3.4.0 on both nodes [root@kernel]# mount -t glusterfs -o acl monitor.freevoice:/gfsdata /gfsdata [root@kernel]# su - apache -bash-4.1$ ls /gfsdata/testdir/ ls: cannot open directory /gfsdata/testdir/: Permission denied [root@kernel]# umount /gfsdata [root@kernel]# mount -t glusterfs monitor.freevoice:/gfsdata /gfsdata [root@kernel]# su - apache -bash-4.1$ ls /gfsdata/testdir/ -bash-4.1$ [root@kernel ~]# mount -t glusterfs -o acl,enable-ino32 monitor.freevoice:/gfsdata /gfsdata [root@kernel ~]# su - apache -bash-4.1$ ls /gfsdata/testdir/ ls: cannot open directory /gfsdata/testdir/: Permission denied BTW there is missing info about ACL attribute (mounted with -o acl) [root@kernel]#mount monitor.freevoice:/gfsdata on /gfsdata type fuse.glusterfs (rw,allow_other,max_read=131072)
it was tested on 3.4.1, not on 3.4.0
any news?
tested client:glusterfs-3.5.0-2.el6.i686 server:glusterfs-3.5.0-2.el6.x86_64 rpms from gluster.org still the same problem
GlusterFS 3.7.0 has been released (http://www.gluster.org/pipermail/gluster-users/2015-May/021901.html), and the Gluster project maintains N-2 supported releases. The last two releases before 3.7 are still maintained, at the moment these are 3.6 and 3.5. This bug has been filed against the 3,4 release, and will not get fixed in a 3.4 version any more. Please verify if newer versions are affected with the reported problem. If that is the case, update the bug with a note, and update the version if you can. In case updating the version is not possible, leave a comment in this bug report with the version you tested, and set the "Need additional information the selected bugs from" below the comment box to "bugs". If there is no response by the end of the month, this bug will get automatically closed.
GlusterFS 3.4.x has reached end-of-life. If this bug still exists in a later release please reopen this and change the version or open a new bug.
I just faced into this bug. It still occurs in latest glusterfs 3.10 release. The only workaround to get rid with it is to set: stat-prefetch disable
Poornima, Do you know anything about this issue?
Created attachment 1283367 [details] These are some of the brick logs which fill up log files with several Gigabytes per Day.
changing acls like removing some with: setfacl -b <directory/file> seems not working with stat-prefetch enable which seems default setting. I have tried with nfs3 gfs and glusterfs fuse client. but except millions of exceptions getting logged like shown in the attachment ( i needed to raise: diagnostics.brick-log-level: WARNING to prevent flooding my disk) , access to those directories and files on client side seems working. So im wondering where do the tons of permission denied comes from?
This bug reported is against a version of Gluster that is no longer maintained (or has been EOL'd). See https://www.gluster.org/release-schedule/ for the versions currently maintained. As a result this bug is being closed. If the bug persists on a maintained version of gluster or against the mainline gluster repository, request that it be reopened and the Version field be marked appropriately.