[gpfsug-discuss] default owner and group for POSIX ACLs

Simon Thompson S.J.Thompson at bham.ac.uk
Tue Oct 15 19:50:54 BST 2019


Fred,

I thought like you that an ACL change caused a backup with mmbackup. Maybe only if you change the NFSv4 ACL. I'm sure it's documented somewhere and there is a flag to Protect to stop this from happening.

Maybe a POSIX permission (setfacl style) doesn't trigger a backup. This would tie in with Paul's suggestion that changing via SMB caused the backup to occur.

Simon
________________________________
From: gpfsug-discuss-bounces at spectrumscale.org <gpfsug-discuss-bounces at spectrumscale.org> on behalf of stockf at us.ibm.com <stockf at us.ibm.com>
Sent: Tuesday, October 15, 2019 5:49:34 PM
To: gpfsug-discuss at spectrumscale.org <gpfsug-discuss at spectrumscale.org>
Cc: gpfsug-discuss at spectrumscale.org <gpfsug-discuss at spectrumscale.org>
Subject: Re: [gpfsug-discuss] default owner and group for POSIX ACLs

Thanks Paul.  Could you please clarify which ACL you changed, the GPFS NFSv4 ACL or the POSIX ACL?

Fred
__________________________________________________
Fred Stock | IBM Pittsburgh Lab | 720-430-8821
stockf at us.ibm.com


----- Original message -----
From: Paul Ward <p.ward at nhm.ac.uk>
Sent by: gpfsug-discuss-bounces at spectrumscale.org
To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
Cc:
Subject: [EXTERNAL] Re: [gpfsug-discuss] default owner and group for POSIX ACLs
Date: Tue, Oct 15, 2019 12:18 PM


Hi Fred,



From the tests I have done changing the ACL results in just an ‘update’ to when using Spectrum Protect, even on migrated files.



Kindest regards,

Paul



Paul Ward

TS Infrastructure Architect

Natural History Museum

T: 02079426450

E: p.ward at nhm.ac.uk



From: gpfsug-discuss-bounces at spectrumscale.org <gpfsug-discuss-bounces at spectrumscale.org> On Behalf Of Frederick Stock
Sent: 15 October 2019 17:09
To: gpfsug-discuss at spectrumscale.org
Cc: gpfsug-discuss at spectrumscale.org
Subject: Re: [gpfsug-discuss] default owner and group for POSIX ACLs



As I understand if you change only the POSIX attributes on a file then you are correct that TSM will only backup the file metadata, actually just the POSIX relevant metadata.  However, if you change ACLs or other GPFS specific metadata then TSM will backup the entire file, TSM does not keep all file metadata separate from the actual file data.

Fred
__________________________________________________
Fred Stock | IBM Pittsburgh Lab | 720-430-8821
stockf at us.ibm.com<mailto:stockf at us.ibm.com>





----- Original message -----
From: Simon Thompson <S.J.Thompson at bham.ac.uk<mailto:S.J.Thompson at bham.ac.uk>>
Sent by: gpfsug-discuss-bounces at spectrumscale.org<mailto:gpfsug-discuss-bounces at spectrumscale.org>
To: gpfsug main discussion list <gpfsug-discuss at spectrumscale.org<mailto:gpfsug-discuss at spectrumscale.org>>
Cc:
Subject: [EXTERNAL] Re: [gpfsug-discuss] default owner and group for POSIX ACLs
Date: Tue, Oct 15, 2019 11:41 AM


I thought Spectrum Protect didn't actually backup again on a file owner change. Sure mmbackup considers it, but I think Protect just updates the metadata. There are also some other options for dsmc that can stop other similar issues if you change ctime maybe.

(Other backup tools are available)

Simon

On 15/10/2019, 15:31, "gpfsug-discuss-bounces at spectrumscale.org on behalf of Jonathan Buzzard<mailto:gpfsug-discuss-bounces at spectrumscale.org%20on%20behalf%20of%20Jonathan%20Buzzard>" <gpfsug-discuss-bounces at spectrumscale.org on behalf of jonathan.buzzard at strath.ac.uk<mailto:gpfsug-discuss-bounces at spectrumscale.org%20on%20behalf%20of%20jonathan.buzzard at strath.ac.uk>> wrote:

    On Tue, 2019-10-15 at 12:34 +0000, Paul Ward wrote:
    > We are in the process of changing the way GPFS assigns UID/GIDs from
    > internal tdb to using AD RIDs with an offset that matches our linux
    > systems. We, therefore, need to change the ACLs for all the files in
    > GPFS (up to 80 million).

    You do realize that will mean backing everything up again....

    > We are running in mixed ACL mode, with some POSIX and some NFSv4 ACLs
    > being applied. (This system was set up 14 years ago and has changed
    > roles over time) We are running on linux, so need to have POSIX
    > permissions enabled.

    We run on Linux and only have NFSv4 ACL's applied. I am not sure why
    you need POSIX ACL's if you are running Linux. Very very few
    applications will actually check ACL's or even for that matter
    permissions. They just do an fopen call or similar and the OS either
    goes yeah or neah, and the app needs to do something in the case of
    neah.

    >
    > What I want to know for those in a similar environment, what do you
    > have as the POSIX owner and group, when NFSv4 ACLs are in use?
    > root:root
    >
    > or do you have all files owned by a filesystem administrator account
    > and group:
    > <ad service account>:<ad fileserver admin group>
    >
    > on our samba shares we have :
    > admin users = @<ad fileserver admin group>
    > So don’t actually need the group defined in POSIX.
    >

    Samba works much better with NFSv4 ACL's.

    JAB.

    --
    Jonathan A. Buzzard                         Tel: +44141-5483420
    HPC System Administrator, ARCHIE-WeSt.
    University of Strathclyde, John Anderson Building, Glasgow. G4 0NG



    _______________________________________________
    gpfsug-discuss mailing list
    gpfsug-discuss at spectrumscale.org
    gpfsug.org<outlook.com>


_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
gpfsug.org<outlook.com>






_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20191015/6e11fdbf/attachment-0002.htm>


More information about the gpfsug-discuss mailing list