[lustre-discuss] problems accessing files as non-root user.
Patrick Farrell
paf at cray.com
Tue Dec 13 04:27:29 PST 2016
Yes, the other choices to having the MDS able to do auth itself are strictly trusting all UIDS/GIDS it is sent or rejecting those it can't auth itself. The first is semi-acceptable in some setups... but really fixing it is probably better.
________________________________
From: Phill Harvey-Smith <p.harvey-smith at warwick.ac.uk>
Sent: Tuesday, December 13, 2016 3:46:30 AM
To: Patrick Farrell; Carlson, Timothy S; lustre-discuss at lists.lustre.org
Subject: Re: [lustre-discuss] problems accessing files as non-root user.
On 12/12/2016 17:27, Patrick Farrell wrote:
> Perhaps more expansively:
> Is the new MDS configured to be able to authenticate these users? Using
> /etc/passwd synchronization to do network auth is nasty. It's just
> asking for weird troubles if you don't get it exactly right. LDAP or
> similar is the way to go.
This time replying to group as well :)
That could be it, the cluster has a nis server for user management, so I
guess I need to add the nis client to the MDS. I'd not done this as I
didn't think it would be needed and would prevent the normal users from
logging in directly to the MDS. But thinking about the way Lustre
operates, I can see why it would be needed.
Having installed nis on the MDS i can confirm that this does indeed seem
to have fixed the permissions problem.
Thanks for the speedy replies all.
Cheers.
Phill.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.lustre.org/pipermail/lustre-discuss-lustre.org/attachments/20161213/a6df9996/attachment.htm>
More information about the lustre-discuss
mailing list