<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Hi,<br>
<br>
Thanks for a very quick reply :-) Here are the map:<br>
<br>
# lctl get_param nodemap.sif.*<br>
nodemap.sif.admin_nodemap=1<br>
nodemap.sif.audit_mode=1<br>
nodemap.sif.deny_unknown=0<br>
nodemap.sif.exports=<br>
[<br>
{ nid: 172.25.10.51@tcp, uuid: 56bb9b04-9bb5-d7b5-3f50-d62804690db1
},<br>
]<br>
nodemap.sif.fileset=/sif<br>
nodemap.sif.id=2<br>
nodemap.sif.idmap=<br>
[<br>
{ idtype: uid, client_id: 501, fs_id: 20501 },<br>
{ idtype: gid, client_id: 501, fs_id: 20501 }<br>
]<br>
nodemap.sif.map_mode=both<br>
nodemap.sif.ranges=<br>
[<br>
{ id: 11, start_nid: 172.25.1.28@tcp, end_nid: 172.25.1.28@tcp },<br>
{ id: 10, start_nid: 172.25.1.27@tcp, end_nid: 172.25.1.27@tcp },<br>
{ id: 9, start_nid: 172.25.10.51@tcp, end_nid: 172.25.10.51@tcp }<br>
]<br>
nodemap.sif.sepol=<br>
<br>
nodemap.sif.squash_gid=20000<br>
nodemap.sif.squash_uid=20000<br>
nodemap.sif.trusted_nodemap=0<br>
<br>
Cheers,<br>
Hans Henrik<br>
<br>
<div class="moz-cite-prefix">On 06.02.2020 14.17, Sebastien Buisson
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:7C9CA931-6DA1-42FE-B908-891E28BB5451@ddn.com">
<pre class="moz-quote-pre" wrap="">Hi,
It might be due to a property on the nodemap you defined.
Could you please dump your nodemap definition?
Thanks,
Sebastien.
</pre>
<blockquote type="cite">
<pre class="moz-quote-pre" wrap="">Le 6 févr. 2020 à 14:14, Hans Henrik Happe <a class="moz-txt-link-rfc2396E" href="mailto:happe@nbi.dk"><happe@nbi.dk></a> a écrit :
Hi,
Has anyone had success with gocryptfs 1.7.x on top of a Lustre nodemap?
I've tested with Lustre 2.12.3.
I found that gocryptfs 1.6 worked. However, with 1.7.x I got a lot of
"Permission denied". I tried all permutations of trusted and admin on
the nodemap.
By stracing a bit, I've created a small peace of code provoking the issue:
---
#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdio.h>
int main() {
int r;
setregid(-1, 501);
setreuid(-1, 501);
r = open("foo", O_CREAT, S_IRWXU);
if (r < 0) {
perror("open");
}
return 0;
}
---
When run as root in a directory owned by uid=501 and gid=501 in a
nodemap based Lustre fs it returns:
open: Permission denied
Works when I deactivate nodemap (lctl nodemap_activate 0) or just use a
plain local fs.
I don't think this is intended behavior for nodemaps, but I might be wrong.
Cheers,
Hans Henrik
_______________________________________________
lustre-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:lustre-discuss@lists.lustre.org">lustre-discuss@lists.lustre.org</a>
<a class="moz-txt-link-freetext" href="http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org">http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org</a>
</pre>
</blockquote>
<pre class="moz-quote-pre" wrap="">
</pre>
</blockquote>
<br>
</body>
</html>