gluster
auth.allow with subdir rule permission error.
Description of problem: Problem with “auth.allow” if try subdirectory rule.
The exact command to reproduce the issue: server: gluster volume set volume-01 auth.allow "/test-01(192.168.40.73)" client (192.168.40.73): mount -t glusterfs sofalvin-gluster-test:volume-01/test-1 /opt/gfs-test-1
The full output of the command that failed: [2023-03-21 16:11:22.111217 +0000] I [rpc-clnt.c:1967:rpc_clnt_reconfig] 0-volume-01-client-0: changing port to 60264 (from 0) [2023-03-21 16:11:22.111311 +0000] I [socket.c:848:__socket_shutdown] 0-volume-01-client-0: intentional socket shutdown(12) [2023-03-21 16:11:22.112221 +0000] I [MSGID: 114057] [client-handshake.c:1126:select_server_supported_programs] 0-volume-01-client-0: Using Program [{Program-name=GlusterFS 4.x v1}, {Num=1298437}, {Version=400}] [2023-03-21 16:11:22.113209 +0000] W [MSGID: 114043] [client-handshake.c:726:client_setvolume_cbk] 0-volume-01-client-0: failed to set the volume [{errno=13}, {error=Permission denied}] [2023-03-21 16:11:22.113250 +0000] W [MSGID: 114007] [client-handshake.c:751:client_setvolume_cbk] 0-volume-01-client-0: failed to get from reply dict [{process-uuid}, {errno=22}, {error=Invalid argument}] [2023-03-21 16:11:22.113276 +0000] E [MSGID: 114044] [client-handshake.c:756:client_setvolume_cbk] 0-volume-01-client-0: SETVOLUME on remote-host failed [{remote-error=Authentication failed}, {errno=13}, {error=Permission denied}] [2023-03-21 16:11:22.113293 +0000] I [MSGID: 114049] [client-handshake.c:865:client_setvolume_cbk] 0-volume-01-client-0: sending AUTH_FAILED event [] [2023-03-21 16:11:22.113323 +0000] E [fuse-bridge.c:6483:notify] 0-fuse: Server authentication failed. Shutting down. [2023-03-21 16:11:22.113375 +0000] I [fuse-bridge.c:7063:fini] 0-fuse: Unmounting '/opt/gfs-test-1'. [2023-03-21 16:11:22.114068 +0000] I [fuse-bridge.c:7067:fini] 0-fuse: Closing fuse connection to '/opt/gfs-test-1'. [2023-03-21 16:11:22.114965 +0000] W [glusterfsd.c:1432:cleanup_and_exit] (-->/lib/x86_64-linux-gnu/libpthread.so.0(+0x8ea7) [0x7f65f04c8ea7] -->/usr/sbin/glusterfs(glusterfs_sigwaiter+0xc5) [0x556d5e342175] -->/usr/sbin/glusterfs(cleanup_and_exit+0x57) [0x556d5e33a4f7] ) 0-: received signum (15), shut
Expected results:
Mandatory info:
- The output of the gluster volume info command:
root@sofalvin-gluster-test:~# gluster volume info
Volume Name: volume-01 Type: Distribute Volume ID: 95a31102-5010-478a-8e0e-eb1e63409507 Status: Started Snapshot Count: 0 Number of Bricks: 1 Transport-type: tcp Bricks: Brick1: sofalvin-gluster-test:/data/glusterfs/volume-01-node1 Options Reconfigured: auth.allow: 192.168.40.73 storage.fips-mode-rchecksum: on transport.address-family: inet nfs.disable: on
- The output of the gluster volume status command:
Status of volume: volume-01
Gluster process TCP Port RDMA Port Online Pid
Brick sofalvin-gluster-test:/data/glusterfs /volume-01-node1 60264 0 Y 13776
Task Status of Volume volume-01
There are no active volume tasks
- The output of the gluster volume heal command:
**- Provide logs present on following locations of client and server nodes - /var/log/glusterfs/
**- Is there any crash ? Provide the backtrace and coredump
Additional info:
after: gluster volume set volume-01 auth.allow "192.168.40.73" everything fine when i try mount “test-1" subdir. so the problem is the auth.allow subdir method. https://docs.gluster.org/en/latest/release-notes/3.12.0/#ability-to-mount-sub-directories-using-the-gluster-fuse-protocol
What do I do wrong ? what could be the problem? Gluster 10
- The operating system / glusterfs version:
glusterfs 10.3 Repository revision: git://git.gluster.org/glusterfs.git Copyright (c) 2006-2016 Red Hat, Inc. https://www.gluster.org/
Note: Please hide any confidential data which you don't want to share in public like IP address, file name, hostname or any other configuration
If host sofalvin-gluster-test is also your client, it could be resolving in your hosts file to 127.0.0.1, and the connection could be done via the loopback interface. Check if adding 127.0.0.1 to the list helps.
