Figured out. Nothing ceph related. Someone created multiple ACL entries on a directory and ls -l had correct numbers but getfacl showed its real colors. Group write permissions were disabled at that level.
On Tue, Nov 5, 2019 at 7:10 PM Yan, Zheng <uker...@gmail.com> wrote: > On Wed, Nov 6, 2019 at 5:47 AM Alex Litvak <alexander.v.lit...@gmail.com> > wrote: > > > > Hello Cephers, > > > > > > I am trying to understand how uid and gid are handled on the shared > cephfs mount. I am using 14.2.2 and cephfs kernel based client. > > I have 2 client vms with following uid gid > > > > vm1 user dev (uid=500) group dev (gid=500) > > vm2 user dev (uid=500) group dev (gid=500) > > > > > > vm1 user tomcat (uid=996) group tomcat (gid=995) > > vm2 user tomcat (uid=990) group tomcat (gid=990) > > > > ACLs only record IDs of users/groups. group tomcat is different on vm1/vm2 > > > > > on both machines user tomcat is added to a group dev. > > > > > > Directory /webcluster/data is a kernel cephfs mount and has permissions > visible on both clients as > > > > rwxrwxr-x dev dev /webcluster/data > > > > also > > > > rwxr-xr-x root root /webcluster > > > > So it is my understanding that on both vms I should be able to > successfully run > > > > touch /webcluster/data/foo as user tomcat. > > > > However, on vm2 I get permission denied when I attempt to write a file > in /webcluster/data. > > When I change uid and gid of tomcat on vm2 to match those on vm1, then I > successfully can write into /webcluster/data. > > > > As on both machines user tomcat is a member of group dev and group dev > is allowed to write in the directory, why do the uids of the group members > need to match across network? > > > > > > I tried research it on my own and failed to find a good explanation. > > > > > > Thank you for your help, > > > > _______________________________________________ > > ceph-users mailing list > > ceph-users@lists.ceph.com > > http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com >
_______________________________________________ ceph-users mailing list ceph-users@lists.ceph.com http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
