Hi, I am not able to reproduce your issue. I compiled your C program, in all cases I am not getting Permission Denied.
You say that it works when you deactivate the nodemap. But given that you have a fileset on your nodemap entry « sif », when you deactivate it you might end up doing IOs in a different directory. So you might compare different things. Also, does the uid/gid 20501 exist on server side? Cheers, Sebastien. > Le 6 févr. 2020 à 14:29, Hans Henrik Happe <ha...@nbi.dk> a écrit : > > Hi, > > Thanks for a very quick reply :-) Here are the map: > > # lctl get_param nodemap.sif.* > nodemap.sif.admin_nodemap=1 > nodemap.sif.audit_mode=1 > nodemap.sif.deny_unknown=0 > nodemap.sif.exports= > [ > { nid: 172.25.10.51@tcp, uuid: 56bb9b04-9bb5-d7b5-3f50-d62804690db1 }, > ] > nodemap.sif.fileset=/sif > nodemap.sif.id=2 > nodemap.sif.idmap= > [ > { idtype: uid, client_id: 501, fs_id: 20501 }, > { idtype: gid, client_id: 501, fs_id: 20501 } > ] > nodemap.sif.map_mode=both > nodemap.sif.ranges= > [ > { id: 11, start_nid: 172.25.1.28@tcp, end_nid: 172.25.1.28@tcp }, > { id: 10, start_nid: 172.25.1.27@tcp, end_nid: 172.25.1.27@tcp }, > { id: 9, start_nid: 172.25.10.51@tcp, end_nid: 172.25.10.51@tcp } > ] > nodemap.sif.sepol= > > nodemap.sif.squash_gid=20000 > nodemap.sif.squash_uid=20000 > nodemap.sif.trusted_nodemap=0 > > Cheers, > Hans Henrik > > On 06.02.2020 14.17, Sebastien Buisson wrote: >> Hi, >> >> It might be due to a property on the nodemap you defined. >> Could you please dump your nodemap definition? >> >> Thanks, >> Sebastien. >> >> >>> Le 6 févr. 2020 à 14:14, Hans Henrik Happe <ha...@nbi.dk> >>> a écrit : >>> >>> Hi, >>> >>> Has anyone had success with gocryptfs 1.7.x on top of a Lustre nodemap? >>> >>> I've tested with Lustre 2.12.3. >>> >>> I found that gocryptfs 1.6 worked. However, with 1.7.x I got a lot of >>> "Permission denied". I tried all permutations of trusted and admin on >>> the nodemap. >>> >>> By stracing a bit, I've created a small peace of code provoking the issue: >>> >>> --- >>> >>> #include <unistd.h> >>> #include <sys/types.h> >>> #include <fcntl.h> >>> #include <stdio.h> >>> >>> int main() { >>> int r; >>> >>> setregid(-1, 501); >>> setreuid(-1, 501); >>> >>> r = open("foo", O_CREAT, S_IRWXU); >>> if (r < 0) { >>> perror("open"); >>> } >>> return 0; >>> } >>> >>> --- >>> >>> >>> >>> When run as root in a directory owned by uid=501 and gid=501 in a >>> nodemap based Lustre fs it returns: >>> >>> open: Permission denied >>> >>> Works when I deactivate nodemap (lctl nodemap_activate 0) or just use a >>> plain local fs. >>> >>> I don't think this is intended behavior for nodemaps, but I might be wrong. >>> >>> Cheers, >>> Hans Henrik >>> _______________________________________________ >>> lustre-discuss mailing list >>> >>> lustre-discuss@lists.lustre.org >>> http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org > > _______________________________________________ > lustre-discuss mailing list > lustre-discuss@lists.lustre.org > http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org _______________________________________________ lustre-discuss mailing list lustre-discuss@lists.lustre.org http://lists.lustre.org/listinfo.cgi/lustre-discuss-lustre.org