Hi Sam,
Sure. Those seemed like good things to have (and we already have
them). We're removing those features now?
Not really removing them.. We still get these features indirectly though.
Now we expect admins to create separate home
directories for each user and chown them to those users only. So users
cannot stomp on each other anymore. But yes, you are correct in that
we cannot have users create directories for themselves at the top
level..
Seems like we're vacillating. Maybe its too much work to add an
option that enables/disables the sticky bit on the root dir, but if
setting extended attributes is the only win without the sticky bit,
and we lose the ability for users to add directories to the root
themselves (like /tmp as you mention), it seems like the latter is
more generally useful.
Hmm.. yeah.. that is true. I think I will let you guys decide how you want
this problem to be solved. Unfortunately, we cannot have both (i.e. sticky
and setting xattrs on root through the kernel interface). that said, the
libpvfs2 system interface would let that work correctly if Phil is
willing to live with that
although I doubt that is true..
I guess it seems like we (you especially) already spent the time to
think about this, and came up with the sticky bit as the best
option. You implemented it, and its in the code. I think its
generally useful to have -- sure we can make admins do more work --
but we're not adding functionality here, we're taking it away.
hehe; thats why I asked you guys :)
I am ok either ways!
I agree with Phil that it would be nice to set an xattr on the root
do and let it get inherited for the entire fs, but I'm not sure we've
spent much time thinking about that. Certainly we already have a
config option for the distribution -- and all files inherit that
dist. Are we going to get rid of that option? Otherwise, won't it
conflict with the dist_name xattr that we can set on dirs?
hold on.. I did not realize that phil wanted this for the entire FS.
We only have ways of inheriting 1 level, don't we?
thanks!
Murali
-sam
> thanks,
> Murali
>>
>> -sam
>>
>> > I will send out a patch to do this trick *if* folks are willing to
>> > live with no top-level
>> > files or dirs...
>> > Murali
>> >
>> > On 6/28/07, Sam Lang <[EMAIL PROTECTED]> wrote:
>> >>
>> >> Hi Murali,
>> >>
>> >> Can't we just have people remove the sticky bit so they can set
>> >> xattrs?
>> >>
>> >> -sam
>> >>
>> >> On Jun 28, 2007, at 12:37 PM, Murali Vilayannur wrote:
>> >>
>> >> > Phil,
>> >> > Umm.. The problem is that we mark the root directory as sticky
>> >> so that
>> >> > users can create files/directories at the top level instead of
>> >> having
>> >> > admins create directories owned by a user under top level. The
>> >> kernel
>> >> > does not allow setxattr on inodes marked sticky..
>> >> >
>> >> > if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
>> >> > if (!S_ISREG(inode->i_mode) &&
>> >> > (!S_ISDIR(inode->i_mode) || inode->i_mode &
>> >> > S_ISVTX)) <--
>> >> > return -EPERM;
>> >> > }
>> >> > Thats why we don't even have a chance to subvirt those checks..
>> >> > What do you guys suggest? Shall we step back and make the root
>> >> > directory non-sticky by default? That way admins will need to
>> >> > explicitly create user directories etc and chown them.
>> >> > I think a rerun of ltp may also be required if we do this
>> change.
>> >> > comments?
>> >> > Murali
>> >> >
>> >> > On 6/28/07, Phil Carns <[EMAIL PROTECTED]> wrote:
>> >> >> This is with 2.6 (both very recent and relatively old
>> >> version). Many
>> >> >> thanks for looking at it.
>> >> >>
>> >> >> -Phil
>> >> >>
>> >> >> Murali Vilayannur wrote:
>> >> >> > hi Phil,
>> >> >> > Are you using 2.4. kernel versions? or 2.6?
>> >> >> > If xattrs dont work, ACLs also won't work.
>> >> >> > I will dig into this and let you know what I find out..
>> >> >> > thanks,
>> >> >> > Murali
>> >> >> >
>> >> >> > On 6/28/07, Phil Carns <[EMAIL PROTECTED]> wrote:
>> >> >> >> I am interested in this because it would be nice to be able
>> >> to set
>> >> >> >> tuning options at the root directory level without modifying
>> >> >> the server
>> >> >> >> side configuration files. I also wonder if this issue would
>> >> cause
>> >> >> >> problems for ACLs on the root directory.
>> >> >> >>
>> >> >> >> -Phil
>> >> >> >>
>> >> >> >> Murali Vilayannur wrote:
>> >> >> >> > Hey Phil,
>> >> >> >> > Sorry I forgot to get back to you on this..
>> >> >> >> > No I don't think this would work.
>> >> >> >> > It is a kernel module issue that I hadnt tracked down
>> fully..
>> >> >> >> > Do you need this feature?
>> >> >> >> > thanks,
>> >> >> >> > Murali
>> >> >> >> >
>> >> >> >> > On 6/27/07, Phil Carns <[EMAIL PROTECTED]> wrote:
>> >> >> >> >> Just pinging on this one again- has any one else
>> bumped into
>> >> >> this
>> >> >> >> >> problem?
>> >> >> >> >>
>> >> >> >> >> -Phil
>> >> >> >> >>
>> >> >> >> >> Phil Carns wrote:
>> >> >> >> >> > It looks like pvfs2 does not allow you to set xattrs on
>> >> >> the root
>> >> >> >> >> > directory. Is this expected?
>> >> >> >> >> >
>> >> >> >> >> > # checking the mount options:
>> >> >> >> >> >
>> >> >> >> >> > > mount -t pvfs2
>> >> >> >> >> > tcp://localhost:3334/pvfs2-fs on /mnt/pvfs2 type pvfs2
>> >> >> >> (rw,user_xattr)
>> >> >> >> >> >
>> >> >> >> >> > # confirming that xattrs can be set on a normal
>> directory:
>> >> >> >> >> >
>> >> >> >> >> > > setfattr -n user.pvfs2.num_dfiles -v "1" /mnt/pvfs2/
>> >> dir1
>> >> >> >> >> > > getfattr -n user.pvfs2.num_dfiles /mnt/pvfs2/dir1
>> >> >> >> >> > getfattr: Removing leading '/' from absolute path names
>> >> >> >> >> > # file: mnt/pvfs2/dir1
>> >> >> >> >> > user.pvfs2.num_dfiles="1"
>> >> >> >> >> >
>> >> >> >> >> > # trying to set xattrs on the root directory:
>> >> >> >> >> >
>> >> >> >> >> > > setfattr -n user.pvfs2.num_dfiles -v "1" /mnt/pvfs2
>> >> >> >> >> > setfattr: /mnt/pvfs2: Operation not permitted
>> >> >> >> >> > > getfattr -n user.pvfs2.num_dfiles /mnt/pvfs2
>> >> >> >> >> > /mnt/pvfs2: user.pvfs2.num_dfiles: No such attribute
>> >> >> >> >> >
>> >> >> >> >> > All of the above is run as root. I don't think it is
>> >> >> anything
>> >> >> >> special
>> >> >> >> >> > about the num_dfiles attribute either; it looks like I
>> >> >> can't set any
>> >> >> >> >> > xattrs on the root directory. It always responds with
>> >> >> "Operation
>> >> >> >> not
>> >> >> >> >> > permitted".
>> >> >> >> >> >
>> >> >> >> >> > -Phil
>> >> >> >> >> >
>> >> >> >> >>
>> >> >> >> >> _______________________________________________
>> >> >> >> >> Pvfs2-developers mailing list
>> >> >> >> >> [email protected]
>> >> >> >> >> http://www.beowulf-underground.org/mailman/listinfo/
>> pvfs2-
>> >> >> developers
>> >> >> >> >>
>> >> >> >>
>> >> >> >>
>> >> >>
>> >> >>
>> >> > _______________________________________________
>> >> > Pvfs2-developers mailing list
>> >> > [email protected]
>> >> > http://www.beowulf-underground.org/mailman/listinfo/pvfs2-
>> >> developers
>> >> >
>> >>
>> >>
>> >
>>
>>
>
_______________________________________________
Pvfs2-developers mailing list
[email protected]
http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
