Am 06.04.2018 um 10:35 schrieb Yang, Wei:
> It is a bit surprise. Here is what I have:
>
> xrootd.seclib /usr/lib64/libXrdSec.so
> sec.protocol /usr/lib64 unix
> acc.authdb $(scriptspath)/auth_file
> acc.authrefresh 300
> ofs.authorize
>
>
> and with your AuthFile
>
> u * /xrootd lr
> u root /xrootd a
>
> Everyone (every remote user) should be able to read from /xrootd and only (remote) root can read-write. BTW, Xrootd use access control list. The above AuthFile reflect ACL rules.
Update: This seems works with the xrootd tools i.e.:
schroete@pc1 # xrdfs REDIRECTOR chmod /xrootd/myTestDir/willi "rwxrwxrwx"
[ERROR] Server responded with an error: [3010] Unable to chmod
/xrootd/myTestDir/willi; permission denied
But using the xrootd fuse mount i'am able to create/delete files in
/xrootd as everyone.
/etc/fstab:
xrootdfs /mnt/xrootd fuse
rdr=xroot://REDIRECTOR:1094//xrootd/,fsname=xrootdfs,max_write=131072,attr_timeout=10,entry_timeout=10,rw,noatime
0 0
cd /mnt/xrootd; echo "laura" > willi; rm willi --> no error
Is this intended with the FUSE module ?
>
> The CNSd (composed name space, along with ofs.forward) is essentially a DB of what files are in an xrootd storage cluster.
As far as i understood the docs it might be used as an inventory in case
of a desaster loss of an raid system. So we would have at least an index
of the files. This is very good to have for us.
Regards
Heiko
>
> -----Original Message-----
> From: <[log in to unmask]> on behalf of Heiko Schröter <[log in to unmask]>
> Date: Friday, April 6, 2018 at 1:11 AM
> To: xrootd-l <[log in to unmask]>
> Subject: Re: read write permissions
>
>> Hello,
>>
>>>> --> sec.protocol /usr/lib/xrootd unix
>>> This is wrong. It should be something like:
>>>
>>> xrootd.seclib /usr/lib64/libXrdSec.so
>>> sec.protocol /usr/lib64 unix
>> Tried it, but it does not change a thing. Any user has r/w access to the
>> file system.
>> So i it would be nice when there would be a pointer to some docs or such
>> how i can achieve the r/w permissions.
>> I don't get it how xrootd decides between access to the "storage pool",
>> or access permissions for a file/directory.
>>
>>> Also, I am curious, we used the following lines a long time ago but stopped using since. Are you sure you need them?
>>>> ofs.notify closew create mkdir mv rm rmdir trunc |
>>>> /usr/bin/XrdCnsd -d -D 2 -i 90 -b $(xrdr):1095:$(inventory)
>>>> ofs.notifymsg create $TID create $FMODE $LFN?$CGI
>>>> ofs.notifymsg closew $TID closew $LFN $FSIZE
>> I got this from a tutorial for setting up an Inventory. The inventory
>> works. But i have to admit that i don't fully understand all the bits
>> and pieces in the docs.
>>
>> Heiko
>>
>> ########################################################################
>> Use REPLY-ALL to reply to list
>>
>> To unsubscribe from the XROOTD-L list, click the following link:
>> https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
> ########################################################################
> Use REPLY-ALL to reply to list
>
> To unsubscribe from the XROOTD-L list, click the following link:
> https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
>
--
-----------------------------------------------------------------------
Dipl.-Ing. Heiko Schröter
Institute of Environmental Physics (IUP) phone: ++49-(0)421-218-62092
Institute of Remote Sensing (IFE) fax: ++49-(0)421-218-62070
University of Bremen (FB1)
P.O. Box 330440 email: [log in to unmask]
Otto-Hahn-Allee 1
28359 Bremen
Germany
-----------------------------------------------------------------------
########################################################################
Use REPLY-ALL to reply to list
To unsubscribe from the XROOTD-L list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-L&A=1
|