On Wed, Nov 6, 2019 at 5:47 AM Alex Litvak <alexander.v.lit...@gmail.com> wrote: > > Hello Cephers, > > > I am trying to understand how uid and gid are handled on the shared cephfs > mount. I am using 14.2.2 and cephfs kernel based client. > I have 2 client vms with following uid gid > > vm1 user dev (uid=500) group dev (gid=500) > vm2 user dev (uid=500) group dev (gid=500) > > > vm1 user tomcat (uid=996) group tomcat (gid=995) > vm2 user tomcat (uid=990) group tomcat (gid=990) >
ACLs only record IDs of users/groups. group tomcat is different on vm1/vm2 > > on both machines user tomcat is added to a group dev. > > > Directory /webcluster/data is a kernel cephfs mount and has permissions > visible on both clients as > > rwxrwxr-x dev dev /webcluster/data > > also > > rwxr-xr-x root root /webcluster > > So it is my understanding that on both vms I should be able to successfully > run > > touch /webcluster/data/foo as user tomcat. > > However, on vm2 I get permission denied when I attempt to write a file in > /webcluster/data. > When I change uid and gid of tomcat on vm2 to match those on vm1, then I > successfully can write into /webcluster/data. > > As on both machines user tomcat is a member of group dev and group dev is > allowed to write in the directory, why do the uids of the group members need > to match across network? > > > I tried research it on my own and failed to find a good explanation. > > > Thank you for your help, > > _______________________________________________ > ceph-users mailing list > ceph-users@lists.ceph.com > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com _______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
