Hi Fred, From the tests I have done changing the ACL results in just an ‘update’ to when using Spectrum Protect, even on migrated files.
Kindest regards, Paul Paul Ward TS Infrastructure Architect Natural History Museum T: 02079426450 E: [email protected] From: [email protected] <[email protected]> On Behalf Of Frederick Stock Sent: 15 October 2019 17:09 To: [email protected] Cc: [email protected] Subject: Re: [gpfsug-discuss] default owner and group for POSIX ACLs As I understand if you change only the POSIX attributes on a file then you are correct that TSM will only backup the file metadata, actually just the POSIX relevant metadata. However, if you change ACLs or other GPFS specific metadata then TSM will backup the entire file, TSM does not keep all file metadata separate from the actual file data. Fred __________________________________________________ Fred Stock | IBM Pittsburgh Lab | 720-430-8821 [email protected]<mailto:[email protected]> ----- Original message ----- From: Simon Thompson <[email protected]<mailto:[email protected]>> Sent by: [email protected]<mailto:[email protected]> To: gpfsug main discussion list <[email protected]<mailto:[email protected]>> Cc: Subject: [EXTERNAL] Re: [gpfsug-discuss] default owner and group for POSIX ACLs Date: Tue, Oct 15, 2019 11:41 AM I thought Spectrum Protect didn't actually backup again on a file owner change. Sure mmbackup considers it, but I think Protect just updates the metadata. There are also some other options for dsmc that can stop other similar issues if you change ctime maybe. (Other backup tools are available) Simon On 15/10/2019, 15:31, "[email protected] on behalf of Jonathan Buzzard<mailto:[email protected]%20on%20behalf%20of%20Jonathan%20Buzzard>" <[email protected] on behalf of [email protected]<mailto:[email protected]%20on%20behalf%20of%[email protected]>> wrote: On Tue, 2019-10-15 at 12:34 +0000, Paul Ward wrote: > We are in the process of changing the way GPFS assigns UID/GIDs from > internal tdb to using AD RIDs with an offset that matches our linux > systems. We, therefore, need to change the ACLs for all the files in > GPFS (up to 80 million). You do realize that will mean backing everything up again.... > We are running in mixed ACL mode, with some POSIX and some NFSv4 ACLs > being applied. (This system was set up 14 years ago and has changed > roles over time) We are running on linux, so need to have POSIX > permissions enabled. We run on Linux and only have NFSv4 ACL's applied. I am not sure why you need POSIX ACL's if you are running Linux. Very very few applications will actually check ACL's or even for that matter permissions. They just do an fopen call or similar and the OS either goes yeah or neah, and the app needs to do something in the case of neah. > > What I want to know for those in a similar environment, what do you > have as the POSIX owner and group, when NFSv4 ACLs are in use? > root:root > > or do you have all files owned by a filesystem administrator account > and group: > <ad service account>:<ad fileserver admin group> > > on our samba shares we have : > admin users = @<ad fileserver admin group> > So don’t actually need the group defined in POSIX. > Samba works much better with NFSv4 ACL's. JAB. -- Jonathan A. Buzzard Tel: +44141-5483420 HPC System Administrator, ARCHIE-WeSt. University of Strathclyde, John Anderson Building, Glasgow. G4 0NG _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org gpfsug.org<outlook.com> _______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org gpfsug.org<outlook.com>
_______________________________________________ gpfsug-discuss mailing list gpfsug-discuss at spectrumscale.org http://gpfsug.org/mailman/listinfo/gpfsug-discuss
