Project

General

Profile

Actions

Bug #2657

open

Needs acl to migrate our servers

Added by ferney almost 10 years ago. Updated almost 10 years ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Feature request
Target version:
Start date:
03/28/2014
Due date:
% Done:

0%

Estimated time:

Description

Hi all, (sry: my first post and i place in submit! sry i resend it )
im member of MATHRICE (http://www.mathrice.fr & http://math.cnrs.fr) a group of System manager in mathematics laboratory in france.
We have a lot of computers on 5 cities and would migrate our storage (data, VM disk... ) on 8 redondants DragonFly servers.
But we have a lot of services of web hosting for our users and
we use actually fACLs
on nfs htdocs directory.
So we have migrate a lot of services but we cant replace our linux servers
cause we need this functionality.
I think that to make hammer an attractive actual file server, it 's a lack to not have fACLs
or a support of them on nfs share.

Can you tell me if it could be a priority for you to incorporate this on Dragonfly
or if we need to maintain 2 files nfs servers in // ?
I think samba need it and it was great to have setfacl / getfacl and support of fACLs on nfs share.

We have discuss this with f. Tigeot and he said me to write this first bugtrackers
Thanks a lot (and sorry for my poor english ;-))

Damien Ferney for Mathrice Team

Actions #1

Updated by ftigeot almost 10 years ago

  • Category set to Feature request

This is not really a bug, more like a feature request.

In order to know what to do, we first have to understand the problem.

As far as I know, NFS ACLs are a feature of NFSv4.
Are you using NFSv4 with your Linux boxes ? Were you planning to use NFSv4 with DragonFly ?

Actions #2

Updated by ferney almost 10 years ago

Hi, Thank you for interesting you in our problem

Yes its a new feature but in bugs@ i have only found submit / bugs items

no! ACLs are on NfsV3 or V2 !
in fact there is an implementation of Posix draft acl.

see http://wiki.linux-nfs.org/wiki/index.php/ACLs :

"Some NFSv2 and v3 implementations support ACLs based on POSIX draft
ACLs which depend on a separate rpc program (instead of being part of
the NFS protocol itself). "

The NFSv4 protocol includes integrated support for ACLs which are
similar to those used by Windows. NFSv4 ACLs are richer than POSIX draft
ACLs--any POSIX ACL can be represented by an NFSv4 ACL with almost the
same semantics, whereas the reverse is not true. "

and actualy we use acl on nfsv3 mounts on slaves with a nfsv2/3/4 server.

i have read :
that hammer have structure to support acls but no marks of shell command
or implementations.

We found in DragonFly :
man 3 acl
and
man 9 acl

but there is not implemented or there isnt the commands getfacl or setfacl
like in Freebsd or others linux systems. (FreeBSD: setfacl(1),
getfacl(1), acl(3), acl(9))

[i dont know if there is a kernel link with others commands : (
getextattr(8), setextattr(8),extattr(9), lsextattr(8))]

Furthermore, i find some old demands in
http://leaf.dragonflybsd.org/mailarchive/kernel/2006-07/msg00003.html
or
http://leaf.dragonflybsd.org/mailarchive/users/2007-02/msg00201.html
or
http://leaf.dragonflybsd.org/mailarchive/users/2006-03/msg00128.html

and i read :
https://www.dragonflybsd.org/docs/unknown/Filesystem/
"Files and Directories

As has been described, a data object (which can be a file or directory
or other filesystem entity) is identified by a data object id, which is
effectively its inode, and a 64 bit key field. The key field is
typically a base offset for a file or a sortable key for a directory
entry. Negative numbers are used for meta-data. For example, -1 will be
used for the inode data & stat information. Other negative numbers will
be used to support other meta-data such as ACLs."

I think now a lot of Files system permit acls and it would be a good
idea ;-) if they were supported by dragonFly nfs export.

A good idea of what they are acls can be read in
http://www.bsdnewsletter.com/bsda-book/View_and_modify_ACLs.html

We use this on linux box where we give some rights to users/groups of
users on http files to modify web contents because we admin a server
farm (100 apaches sites ) on 7-8 linux virtual serveurs.

Thanks a lot if u can do something it would be usefull to a lot af
users i think!
anf finaly, yes if we can we will use nfsv4 server on dragonfly if this
exist, but nfsv3 is enough actualy if he has an acl posix
implementation.
Actualy we use Dragonfly (and hammer ) as nfs export of files which
represents Virtual machines disks of kvm virtual servers but We are
blocked in our migration by this lack of acls facilities.

Bests regards
Damien Ferney

Le 29/03/2014 10:17, a écrit :

Issue #2657 has been updated by ftigeot.

Category set to Feature request

This is not really a bug, more like a feature request.

In order to know what to do, we first have to understand the problem.

As far as I know, NFS ACLs are a feature of NFSv4.
Are you using NFSv4 with your Linux boxes ? Were you planning to use NFSv4 with DragonFly ?

----------------------------------------
Bug #2657: Needs acl to migrate our servers
http://bugs.dragonflybsd.org/issues/2657#change-11904

  • Author: ferney
  • Status: New
  • Priority: High
  • Assignee:
  • Category: Feature request
  • Target version:
    ----------------------------------------
    Hi all, (sry: my first post and i place in submit! sry i resend it )
    im member of MATHRICE (http://www.mathrice.fr & http://math.cnrs.fr) a group of System manager in mathematics laboratory in france.
    We have a lot of computers on 5 cities and would migrate our storage (data, VM disk... ) on 8 redondants DragonFly servers.
    But we have a lot of services of web hosting for our users and
    we use actually fACLs
    on nfs htdocs directory.
    So we have migrate a lot of services but we cant replace our linux servers
    cause we need this functionality.
    I think that to make hammer an attractive actual file server, it 's a lack to not have fACLs
    or a support of them on nfs share.

Can you tell me if it could be a priority for you to incorporate this on Dragonfly
or if we need to maintain 2 files nfs servers in // ?
I think samba need it and it was great to have setfacl / getfacl and support of fACLs on nfs share.

We have discuss this with f. Tigeot and he said me to write this first bugtrackers
Thanks a lot (and sorry for my poor english ;-))

Damien Ferney for Mathrice Team

--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Damien FERNEY Tel:04.73.40.70.68
Laboratoire de Mathematiques Fax:04.73.40.70.64
Université Blaise Pascal (Clermont Ferrand2)
24 av. des landais 63177 AUBIERE Cedex
--------------------------------------------------------------------

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Actions

Also available in: Atom PDF