[Lustre-discuss] Setting lustre directory and content immutable but keep permissions

Andreas Dilger adilger at whamcloud.com
Wed Dec 14 15:18:55 PST 2011

On 2011-12-14, at 2:54 PM, Brock Palen wrote:
> For a policy issue with scratch space we want to lock a users scratch space that lives on lustre 1.8.x.
> We want users to be able to grab their data but not be able to add any more, they also do not need to delete files.
> We could recursively remove write bit, problem is we at time may wish to restore write access to the files with the same permissions they had before so we wish to not change the permissions.  We also don't want to put the stress of a bunch of chmod's on the MDS.
> So short is there a simple way to say 'directory and children not mutable'  that is undoable by an admin?

Mount the filesystem read-only on the clients...  Using:

client# mount -o remount,ro /mnt/lustre

will work on the mounted filesystems.  It needs to be done on all of the clients, and the "ro" option could be put into the client /etc/fstab.

It is also possible to actually mark files immutable with:

client# chattr -R +I /mnt/lustre

which needs to be done on only a single client, but it needs to walk the
whole filesystem to do this.  You could alternately mount the filesystem
locally on the MDS and do it directly to the ext4 filesystem more quickly, but it would take the filesystem offline.

Cheers, Andreas
Andreas Dilger 
Principal Engineer
Whamcloud, Inc.

More information about the lustre-discuss mailing list