[lustre-discuss] Nodemap and setreuid/setregid

Hans Henrik Happe happe at nbi.dk
Thu Feb 6 05:14:16 PST 2020


Has anyone had success with gocryptfs 1.7.x on top of a Lustre nodemap?

I've tested with Lustre 2.12.3.

I found that gocryptfs 1.6 worked. However, with 1.7.x I got a lot of
"Permission denied". I tried all permutations of trusted and admin on
the nodemap.

By stracing a bit, I've created a small peace of code provoking the issue:


#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdio.h>

int main() {
  int r;

  setregid(-1, 501);
  setreuid(-1, 501);

  r = open("foo", O_CREAT, S_IRWXU);
  if (r < 0) {
  return 0;


When run as root in a directory owned by uid=501 and gid=501 in a
nodemap based Lustre fs it returns:

open: Permission denied

Works when I deactivate nodemap (lctl nodemap_activate 0) or just use a
plain local fs.

I don't think this is intended behavior for nodemaps, but I might be wrong.

Hans Henrik

More information about the lustre-discuss mailing list