We haven't spent much time (as a community) discussing root squashing,
but Rodrigo's migration work has made it clear that we need clearer
definitions around NFS permissions, and root squashing in particular.
I hope it's obvious to everyone that an NFS share with root squash for
ALL HOSTS is pretty useless because it's impossible to change ownership
of files and to create different directories owned by different users.
The best you can get with root squash turned on for all hosts is an NFS
share with all files owned by a single user (presumably the "nobody" user).
Now there are use cases for shares where most clients have root squash
turned on, as long as 1 host has root squash turned off. That 1 host
would be the "NFS admin" host, where the admin in that case would just
be a special user who was still a tenant from the Manila perspective.
Unfortunately we don't have different "access levels" for root squash =
on/off. This is something to address for Newton.
In the mean time, I hope that everyone agrees that the only sane option
is for root squash to be disabled by default, and that we need a way to
allow users to enable it optionally in the future.
If any drivers are currently turning root squash on, I would consider
that a bug -- and it will prevent migration for working on your backend.
-Ben Swartzlander
__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
