996511 – server.allow-insecure should be visible in "gluster volume set help"

Bug 996511 - server.allow-insecure should be visible in "gluster volume set help"

Summary: server.allow-insecure should be visible in "gluster volume set help"

Keywords:
Status:	CLOSED EOL
Alias:	None
Product:	Red Hat Gluster Storage
Classification:	Red Hat Storage
Component:	glusterd
Sub Component:
Version:	2.1
Hardware:	Unspecified
OS:	Unspecified
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Bug Updates Notification Mailing List
QA Contact:	Lalatendu Mohanty
Docs Contact:
URL:
Whiteboard:	glusterd
Depends On:
Blocks:	1284390 1503423 1503424 1505373
TreeView+	depends on / blocked

Reported:	2013-08-13 10:24 UTC by Lalatendu Mohanty
Modified:	2017-10-23 12:46 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1284390 1503423 (view as bug list)
Environment:
Last Closed:	2015-12-03 17:23:20 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Lalatendu Mohanty 2013-08-13 10:24:15 UTC

Description of problem:

We are suggesting (documenting) customers to set "server.allow-insecure on" for samba/smb share access from RHS servers. 

But if i list the help of  gluster volume set i.e. "gluster volume set help" it is not there. 

However I can run the command successfully. Check the below commands and their output

#gluster volume set server.allow-insecure on

[root@rhs21ISoTest samba]# gluster volume info
 
Volume Name: gfs-vol1
Type: Distribute
Volume ID: 887dc3fe-5f93-4d45-85c9-91a714114de2
Status: Started
Number of Bricks: 2
Transport-type: tcp
Bricks:
Brick1: 10.70.35.220:/bricks/gfs-vol1-b1
Brick2: 10.70.35.220:/bricks/gfs-vol1-b2
Options Reconfigured:
performance.stat-prefetch: off
server.allow-insecure: on

I checked the code found that the volume set option "server.allow-insecure" is defined as "NO_DOC" type, which needs to be changed to fix the issue.

xlators/mgmt/glusterd/src/glusterd-volume-set.c

 { .key         = "server.allow-insecure",
          .voltype     = "protocol/server",
          .option      = "rpc-auth-allow-insecure",
          .type        = NO_DOC,
          .op_version  = 1
        },


Version-Release number of selected component (if applicable):

glusterfs-server-3.4.0.17rhs-1.el6rhs.x86_64

How reproducible:
always

Steps to Reproduce:
1. run gluster volume set help
2. check if help for "server.allow-insecure " is present


Actual results:

"server.allow-insecure " is not present in "gluster volume set help"


Expected results:

"server.allow-insecure " should be present in "gluster volume set help"

Additional info:

Comment 2 Christopher R. Hertel 2013-08-22 22:28:14 UTC

> We are suggesting (documenting) customers to set "server.allow-insecure on"
> for samba/smb share access from RHS servers.

This is more than a suggestion.  If the user does not enable server.allow-insecure, Samba (via vfs_glusterfs and libgfapi) will run out of available ports and fail to connect to the Gluster server daemon.  This will cause the SMB clients to fail to connect to the server with only an error message in the Samba logs.  See bug #981612.

This setting must be documented and available to users.

Comment 3 Vivek Agarwal 2015-12-03 17:23:20 UTC

Thank you for submitting this issue for consideration in Red Hat Gluster Storage. The release for which you requested us to review, is now End of Life. Please See https://access.redhat.com/support/policy/updates/rhs/

If you can reproduce this bug against a currently maintained version of Red Hat Gluster Storage, please feel free to file a new report against the current release.

Note You need to log in before you can comment on or make changes to this bug.