1

I'm putting together a horizontally scaled Apache/GluserFS setup. I'm trying to figure out how Gluster deals with permissions. I'm going to have several hosts reading and writing to the Gluster File System. I understand the basics of Linux file system permissions (ugo/rwe). I want to give one user (actually one user per host) certain file system permissions.

Basically, I want to give the www-data user (and only the www-data) on each host read/write permissions on the GlusterFS backed web directory tree. Is this possible? Are Gluster file permission based on the name, or the user ID?

three-cups
  • 113
  • 1
  • 5

2 Answers2

3

As kband already answered, the normal user/group/mode logic applies with GlusterFS. As an alternative to a central authentication system like NIS, LDAP or AD, you could also have a systems integration tool like Chef create local users and groups on all servers with identical IDs.

On a higher level, there's the option "auth.addr.brick1.allow" in glusterfsd.vol that controls what clients (IP addresses) are allowed to connect to the cluster at all.

geewiz
  • 590
  • 3
  • 4
2

From their FAQ GlusterFS is fully POSIX complaint

So you should be able to setup the permissions as you normally would. On linux permissions are based on user id (UID) and group id (GID), which you could check with something like ls -ln the '-n' will return the numerical vaules instead of the 'username'.

kband
  • 459
  • 2
  • 6
  • 1
    How can I ensure that my users have the same UID across hosts? I'm guessing that I can specify this in the useradd/usermod tools? Is this standard practice? – three-cups Apr 17 '11 at 17:59
  • 1
    Standard practice would be to use a centralized authentication system, like ldap or Active directory. Although if you have a very small number of hosts/users you can just set them manually. You mentioned the www-data user in your question - as long as the hosts in your cluster are consistant, then should all have the same UID/GID. – kband Apr 17 '11 at 20:20