Re: [lustre-discuss] seclabel

2017-06-06 Thread Robin Humble
On Tue, May 23, 2017 at 08:08:54PM +, Dilger, Andreas wrote: >On May 19, 2017, at 08:47, Robin Humble wrote: >> On Wed, May 17, 2017 at 02:37:31PM +, Sebastien Buisson wrote: >>> On 17 May 2017, at 16:16, Robin Humble wrote: I took a gander at the source and noticed that llite/xattr

Re: [lustre-discuss] seclabel

2017-05-23 Thread Dilger, Andreas
On May 19, 2017, at 08:47, Robin Humble wrote: > > Hi Sebastien, > > On Wed, May 17, 2017 at 02:37:31PM +, Sebastien Buisson wrote: >> On 17 May 2017, at 16:16, Robin Humble wrote: >>> I took a gander at the source and noticed that llite/xattr.c >>> deliberately filters out 'security.capab

Re: [lustre-discuss] seclabel

2017-05-19 Thread Sebastien Buisson
> On 19 May 2017, at 08:47, Robin Humble wrote: > On Wed, May 17, 2017 at 02:37:31PM +, Sebastien Buisson wrote: >> >> Reading the discussion in the ticket, supporting xattr at the time of Lustre >> 1.8 and 2.0 was causing issues on MDS side in some situations. So it was >> decided to dis

Re: [lustre-discuss] seclabel

2017-05-18 Thread Robin Humble
Hi Sebastien, On Wed, May 17, 2017 at 02:37:31PM +, Sebastien Buisson wrote: > On 17 May 2017, at 16:16, Robin Humble wrote: >> I took a gander at the source and noticed that llite/xattr.c >> deliberately filters out 'security.capability' and returns 0/-ENODATA >> for setcap/getcap, which is

Re: [lustre-discuss] seclabel

2017-05-17 Thread Sebastien Buisson
Hi Robin, b15587 refers to the old Lustre Bugzilla tracking tool: https://projectlava.xyratex.com/show_bug.cgi?id=15587 Reading the discussion in the ticket, supporting xattr at the time of Lustre 1.8 and 2.0 was causing issues on MDS side in some situations. So it was decided to discard securi

Re: [lustre-discuss] seclabel

2017-05-17 Thread Robin Humble
I set up a couple of VMs with 2.9 clients and servers (ldiskfs) and unfortunately setcap/getcap still are unhappy - same as with my previous 2.9 clients with 2.8 servers (ZFS). hmm. I took a gander at the source and noticed that llite/xattr.c deliberately filters out 'security.capability' and retur

Re: [lustre-discuss] seclabel

2017-05-16 Thread Robin Humble
Hi Eli et al, >> On 15 May 2017, at 14:39, E.S. Rosenberg wrote: >> Hi Robin, >> Did you ever solve this? >> We are considering trying root-on-lustre but that would be a deal-breaker. no. instead I started down the track of layering overlayfs on top of lustre. tmpfs (used by overlayfs's upper l

Re: [lustre-discuss] seclabel

2017-05-16 Thread E.S. Rosenberg
I hope to move us to 2.9 in the very near future, currently 2.8 On Tue, May 16, 2017 at 11:17 AM, Sebastien Buisson wrote: > From Lustre 2.8, we have basic support of SELinux on Lustre client side. > It means Lustre stores the security context of files in extended > attributes. In this way Lustr

Re: [lustre-discuss] seclabel

2017-05-16 Thread Sebastien Buisson
From Lustre 2.8, we have basic support of SELinux on Lustre client side. It means Lustre stores the security context of files in extended attributes. In this way Lustre supports seclabel. In Lustre 2.9, an additional enhancement for SELinux support was landed. Which version are you using? Cheer

Re: [lustre-discuss] seclabel

2017-05-15 Thread E.S. Rosenberg
Hi Robin, Did you ever solve this? We are considering trying root-on-lustre but that would be a deal-breaker. Thanks, Eli On Sat, Mar 4, 2017 at 9:38 AM, Dilger, Andreas wrote: > On Mar 2, 2017, at 05:55, Robin Humble > wrote: > > > > Hiya, > > > > I'm updating an image for a root-on-lustre clu

Re: [lustre-discuss] seclabel

2017-03-03 Thread Dilger, Andreas
On Mar 2, 2017, at 05:55, Robin Humble wrote: > > Hiya, > > I'm updating an image for a root-on-lustre cluster from centos6 to 7 > and I've hit a little snag. I can't seem to mount lustre so that it > understands seclabel. ie. setcap/getcap don't work. the upshot is that > root can use ping (and

[lustre-discuss] seclabel

2017-03-02 Thread Robin Humble
Hiya, I'm updating an image for a root-on-lustre cluster from centos6 to 7 and I've hit a little snag. I can't seem to mount lustre so that it understands seclabel. ie. setcap/getcap don't work. the upshot is that root can use ping (and a few other tools), but users can't. any idea what I'm doing