[lustre-discuss] cannot create file for unknown uid
Degremont, Aurelien
degremoa at amazon.com
Fri Aug 30 06:20:01 PDT 2019
Hello
I think that's expected. Lustre runs an identity upcall command on the MDT to get the user secondary groups. If it fails, Lustre returns a permission error.
See: http://doc.lustre.org/lustre_manual.xhtml#dbdoclet.l_getidentity
Try to disable it, confirm this is the reason of your problem.
If yes, and you need to be able resolve supplementary groups for known users but accept any unknown user ID, you will probably have to wrap this script to handle both cases.
Aurélien
Le 30/08/2019 15:14, « lustre-discuss au nom de Bernd Melchers » <lustre-discuss-bounces at lists.lustre.org au nom de melchers at zedat.fu-berlin.de> a écrit :
Dear all,
we use lustre 2.12.2 (CentOS-7.6) and observe a problem where file
creation for unknown userids is not possible. Background is that
we export our lustre file system with ganesha-nfs (nfs vers. 3) to
nfs clients with userids unknown to the (nfs-)server.
Attached is a short C Program to reproduce the problem.
Process runs as root, changes effective user id to an unknown user id
and creates a file:
/tmp is xfs, /scratch is lustre :
# ls -ld /tmp /scratch/tmp
drwxrwxrwt 9 root root 25600 Jun 3 14:47 /scratch/tmp
drwxrwxrwt. 132 root root 16384 Aug 30 15:06 /tmp
[working for xfs:] # ./debug1_lustre /tmp/testfile && echo success
success
[not working for lustre:] # ./debug1_lustre /scratch/tmp/testfile
/scratch/tmp/testfile: Permission denied
If i change the uid to a known uid, it works.
Is this a bug in lustre?
Mit freundlichen Grüßen
Bernd Melchers
--
Archiv- und Backup-Service | fab-service at zedat.fu-berlin.de
Freie Universität Berlin | Tel. +49-30-838-55905
More information about the lustre-discuss
mailing list