<div dir="ltr">Tried this on beta1 too, same results, have pushed it all into a bug here: <a href="https://bugzilla.redhat.com/show_bug.cgi?id=962450">https://bugzilla.redhat.com/show_bug.cgi?id=962450</a></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Tue, May 7, 2013 at 5:42 PM, James Yale <span dir="ltr"><<a href="mailto:james.yale@pun.net" target="_blank">james.yale@pun.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5">On Sat, May 4, 2013 at 12:54 AM, James Yale <<a href="mailto:james.yale@pun.net">james.yale@pun.net</a>> wrote:<br>
> Wonder if someone can point me in the right direction here - just<br>
> built some new bricks running gluster 3.4 alpha 3 (from<br>
> <a href="http://download.gluster.org" target="_blank">http://download.gluster.org</a>) with the objective of testing them to<br>
> replace some existing 3.2 systems in production.<br>
><br>
> The main thing I was after was NFS ACL support, however on getting<br>
> everything setup, I still don't seem to be able to see POSIX extended<br>
> ACLs on the filesystem when mounted via NFS, they as ever show up fine<br>
> when mounted via the gluster fuse client.<br>
><br>
> I know NFS ACL support is on the feature list for 3.4, I'm wondering<br>
> if it's not yet included in the alphas?<br>
><br>
> Thanks!<br>
><br>
> James<br>
><br>
> Basic test output below:<br>
><br>
> [jim@puppet testdir]$ sudo mount -t nfs -o nfsvers=3,acl<br>
> webcontent:/ssl /tmp/nfs/<br>
> [jim@puppet testdir]$ sudo mount -t glusterfs -o acl webcontent:/ssl<br>
> /tmp/gluster/<br>
><br>
> [jim@puppet testdir]$ ls -la /tmp/nfs/testdir/<br>
> total 8<br>
> drwxrwxr-x 2 root root 4096 May 4 00:50 .<br>
> drwxr-xr-x 10 root root 4096 May 4 00:49 ..<br>
> -rw-rwxr-- 1 root root 0 May 4 00:50 file1<br>
> -rw-r--r-- 1 root root 0 May 4 00:50 file2<br>
> -rw-r--r-- 1 root root 0 May 4 00:50 file3<br>
><br>
> [jim@puppet testdir]$ ls -la /tmp/gluster/testdir/<br>
> total 8<br>
> drwxrwxr-x+ 2 root root 4096 May 4 00:50 .<br>
> drwxr-xr-x 10 root root 4096 May 4 00:49 ..<br>
> -rw-rwxr--+ 1 root root 0 May 4 00:50 file1<br>
> -rw-r--r-- 1 root root 0 May 4 00:50 file2<br>
> -rw-r--r-- 1 root root 0 May 4 00:50 file3<br>
><br>
> [jim@puppet testdir]$ getfacl /tmp/nfs/testdir/file1<br>
> getfacl: /tmp/nfs/testdir/file1: Invalid argument<br>
><br>
> [jim@puppet testdir]$ getfacl /tmp/gluster/testdir/file1<br>
> getfacl: Removing leading '/' from absolute path names<br>
> # file: tmp/gluster/testdir/file1<br>
> # owner: root<br>
> # group: root<br>
> user::rw-<br>
> group::r--<br>
> group:apache:rwx<br>
> mask::rwx<br>
> other::r--<br>
<br>
</div></div>To expand on this, I've done some further testing - quite strange results.<br>
<br>
I brought up a new pair of bricks running 3.4 alpha 3, peer probed,<br>
created (replica) volumes and rsync'd my data on - I was worried that<br>
last time I might have accdentially rsync'd the .glusterfs directory<br>
so made sure to avoid it this time.<br>
<br>
I'm getting the same error as before, but I've noticed a further<br>
oddity, existing directories produce the invalid argument error when<br>
access with getfacl:<br>
<br>
[jim@web02 ~]$ getfacl /mnt/webcontent/sites/<br>
getfacl: /mnt/webcontent/sites/: Invalid argument<br>
<br>
However creating a new directory allows getfacl and setfacl to be used<br>
to view and set ACLs, but the changes then are only visible to the nfs<br>
client, and aren't visible on the server, or to clients mounting the<br>
file system over the fuse client. Please see below for details:<br>
<br>
[jim@web02 ~]$ sudo mkdir /mnt/webcontent/test<br>
<br>
[jim@web02 ~]$ ls -la /mnt/webcontent/<br>
total 24<br>
drwxr-xr-x 7 root root 4096 May 7 17:18 .<br>
drwxr-xr-x. 5 root root 4096 Sep 3 2012 ..<br>
drwxrwx--- 3 jim jim 4096 Feb 22 2012 adminserver<br>
drwxrwx--- 7 root root 4096 Mar 7 14:02 sites<br>
drwxr-xr-x 2 root root 4096 May 7 17:18 test<br>
drwxrwx--- 4 jim jim 4096 Feb 28 2012 webserver<br>
<br>
[jim@web02 ~]$ getfacl /mnt/webcontent/test/<br>
<div class="im">getfacl: Removing leading '/' from absolute path names<br>
</div># file: mnt/webcontent/test/<br>
<div class="im"># owner: root<br>
# group: root<br>
</div>user::rwx<br>
group::r-x<br>
other::r-x<br>
<br>
[jim@web02 ~]$ sudo setfacl -R -m g:apache:rwx /mnt/webcontent/test/<br>
<br>
[jim@web02 ~]$ getfacl /mnt/webcontent/test/<br>
<div class="im">getfacl: Removing leading '/' from absolute path names<br>
</div># file: mnt/webcontent/test/<br>
<div class="im"># owner: root<br>
# group: root<br>
</div>user::rwx<br>
group::r-x<br>
<div class="im">group:apache:rwx<br>
mask::rwx<br>
</div>other::r-x<br>
<br>
[jim@web02 ~]$ ls -la /mnt/webcontent/<br>
total 24<br>
drwxr-xr-x 7 root root 4096 May 7 17:18 .<br>
drwxr-xr-x. 5 root root 4096 Sep 3 2012 ..<br>
drwxrwx--- 3 jim jim 4096 Feb 22 2012 adminserver<br>
drwxrwx--- 7 root root 4096 Mar 7 14:02 sites<br>
drwxr-xr-x+ 2 root root 4096 May 7 17:18 test<br>
drwxrwx--- 4 jim jim 4096 Feb 28 2012 webserver<br>
<br>
Meanwhile on the server:<br>
<br>
[jim@webcontent08 ~]$ ls -la /exports/webcontent/<br>
total 44<br>
drwxr-xr-x 7 root root 4096 May 7 17:18 .<br>
drwxr-xr-x 6 root root 4096 May 7 16:37 ..<br>
drwxrwx---+ 3 jim jim 4096 Feb 22 2012 adminserver<br>
drw------- 260 root root 4096 May 7 16:43 .glusterfs<br>
drwxrwx---+ 7 root root 4096 Mar 7 14:02 sites<br>
drwxr-xr-x 2 root root 4096 May 7 17:18 test<br>
drwxrwx---+ 4 jim jim 4096 Feb 28 2012 webserver<br>
<br>
And a gluster FUSE client:<br>
<br>
[jim@webcontent07 tmp]$ ls -la webcontent/<br>
total 24<br>
drwxr-xr-x 7 root root 4096 May 7 17:18 .<br>
drwxrwxrwt. 8 root root 4096 May 7 17:21 ..<br>
drwxrwx---+ 3 jim jim 4096 Feb 22 2012 adminserver<br>
drwxrwx---+ 7 root root 4096 Mar 7 14:02 sites<br>
drwxr-xr-x 2 root root 4096 May 7 17:18 test<br>
drwxrwx---+ 4 jim jim 4096 Feb 28 2012 webserver<br>
<br>
<br>
Any suggestions on what to try next would be appreciated, thanks!<br>
</blockquote></div><br></div>