On Jan 26, 2020, at 15:15, Hans Henrik Happe <[email protected]> wrote:

> Hi,
>
> When looking into the documentation (28.2.1) and also while testing, it seems that it is not possible to give a tenant access to a fileset like it was a regular Lustre fs. I would like to map IDs to a separate range including root (0). This works when admin=0 for the nodemap, but then root will not be able to modify other users' files. In admin=1 mode, root is not mapped and will become id 0 on the underlying fs.
>
> Have I missed a way to accomplish this? If not, it would be on my wishlist. Mapping ranges is also on that list.

My understanding is that if root is mapped, and admin=0, then the "root" user on the client node could still use client-side access to impersonate other users (e.g. "su - user -c command", assuming that "user" is part of the nodemap for that client), and perform other commands locally. This does not extend to the filesystem operations themselves, because that would make containers insecure as "root" within the container image could perform any action they wanted.

I could also see a lot of quota control scenarios for this kind of setup, i.e. allow to control quotas for mapped UIDs and GIDs, but not others. That likely needs some other kind of permission granting, which does not exist today. Otherwise, again "root" users in a container could assign any quota they like, which is probably not what most sysadmins want. You _might_ be able to use project quotas to handle this within the nodemap, but it isn't clear what you want to do in the end.

Cheers, Andreas

--
Andreas Dilger
Principal Lustre Architect
Whamcloud
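To make the admin=0 versus admin=1 trade-off in the exchange above concrete, here is a small model of how a nodemap translates client UIDs into canonical (server-side) UIDs. It is an illustration added for this page, not Lustre code and not from either poster; the rules are a simplification of the admin, trusted, idmap and squash_uid properties described in the nodemap chapter of the Lustre manual and in the thread (root with admin=0 is translated through the idmap if an entry exists, otherwise squashed). The nodemap names, the 10000 UID range, the sample UIDs and the owner check are constructed for the example; GIDs, the fileset restriction and quotas are left out, and the exact precedence of the properties should be checked against the manual for the Lustre version in use.

```python
"""Toy model of Lustre nodemap UID translation (written for this page; not
Lustre code).  Simplified rules, from the nodemap chapter of the Lustre
manual and the thread above:
  * admin=1   : client uid 0 (root) is not translated and reaches the
                backend filesystem as uid 0.
  * admin=0   : root is translated through the idmap if an entry exists,
                otherwise squashed; it never passes through as uid 0.
  * trusted=1 : other uids without an idmap entry pass through unchanged.
  * trusted=0 : other uids without an idmap entry are squashed to squash_uid.
GIDs, the fileset restriction and quotas are left out.  The lctl commands in
the comments are the ones the Lustre manual documents for these properties;
the nodemap names, NID ranges and uid values are constructed for the example.
"""
from dataclasses import dataclass, field

ROOT_UID = 0


@dataclass
class Nodemap:
    name: str
    admin: bool            # lctl nodemap_modify --name <nm> --property admin --value 0|1
    trusted: bool          # lctl nodemap_modify --name <nm> --property trusted --value 0|1
    squash_uid: int = 99   # default squash target ("nobody")
    # client uid -> backend fs uid, one entry per
    #   lctl nodemap_add_idmap --name <nm> --idtype uid --idmap <client>:<fs>
    uid_map: dict = field(default_factory=dict)

    def client_to_fs(self, client_uid: int) -> int:
        """Canonical (server-side) uid for a request from a client in this nodemap."""
        if client_uid == ROOT_UID:
            if self.admin:
                return ROOT_UID                   # root leaves the tenant range
            # admin=0: mapped if an idmap entry exists, else squashed (never trusted through)
            return self.uid_map.get(ROOT_UID, self.squash_uid)
        if client_uid in self.uid_map:
            return self.uid_map[client_uid]       # ordinary mapped uid
        if self.trusted:
            return client_uid                     # unmapped, trusted: pass through
        return self.squash_uid                    # unmapped, untrusted: squash


def can_modify(nm: Nodemap, client_uid: int, owner_fs_uid: int) -> bool:
    """Server-side owner check for a file that only its owner may write.

    Only canonical uid 0 bypasses ownership.  A root that was *mapped* into
    the tenant range is just another uid on the server, which is why the
    admin=0 setup cannot modify other users' files.
    """
    fs_uid = nm.client_to_fs(client_uid)
    return fs_uid == ROOT_UID or fs_uid == owner_fs_uid


# Constructed tenant: client uids 0, 1001 and 1002 mapped into the 10000 range.
TENANT_RANGE = {0: 10000, 1001: 10001, 1002: 10002}

# Setup asked for in the thread: root mapped, admin=0.  Root stays inside the
# tenant range but cannot administer the tenant's own files.
TENANT_MAPPED = Nodemap("tenant_a", admin=False, trusted=False,
                        uid_map=dict(TENANT_RANGE))

# Same idmap with admin=1: root is not mapped and becomes uid 0 on the
# backend filesystem, so it can modify any file, including other tenants'.
TENANT_ADMIN = Nodemap("tenant_a_admin", admin=True, trusted=False,
                       uid_map=dict(TENANT_RANGE))


def translation_table(nm: Nodemap, client_uids=(0, 1001, 1002, 4242)) -> dict:
    """client uid -> fs uid for a few sample uids (4242 has no idmap entry)."""
    return {uid: nm.client_to_fs(uid) for uid in client_uids}


if __name__ == "__main__":
    for nm in (TENANT_MAPPED, TENANT_ADMIN):
        print(nm.name, translation_table(nm))
        print("  client root -> file owned by tenant fs uid 10002:",
              can_modify(nm, 0, 10002))
        print("  client root -> file owned by another tenant (fs uid 20002):",
              can_modify(nm, 0, 20002))
```

Running the script shows the two outcomes side by side: with admin=0 the client's root lands on fs uid 10000 and fails the owner check on 10002 (the limitation Hans hit), while with admin=1 it lands on fs uid 0 and passes the check on every file, including 20002 outside the tenant range (the escape Andreas describes).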
_______________________________________________ lustre-discuss mailing list [email protected] http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org
