-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
POSC doesn't work well with XrdOss plugins #830
Comments
I guess I don' understand how you got yourself in this predicament in the first place unless you are using a setfsuid plugin. That said,
Failing initialization when a POSC file cannot be deleted is he correct response in order to guarantee "poscness". I would not give xrootd root privileges. Even if you did you would have to change the start-up options and the code would work anyway as it reverts to a non-root uid when it starts running. Passing a fake security object wouldn't work also as the clean-up happens during initialization and there is no reference to a security object that point (xrootd assumes it can cleanup files it created notwithstanding a setfsuid plugin). Here are some options (assuming I understand what is going on here): If you give me details on how this situation occurs n the first place, perhaps I can provide additional suggestions. |
This is actually the HDFS backend - but, logically, it works the same way as Honestly, I don't want to support POSC since, as you point out, it really isn't plausible to "do it right" in this configuration. Rather than trying to fix something that is fundamentally unfixable, is it possible to return an error or otherwise disable POSC? For me, the bigger problem is someone who starts a POSC transfer can cause my server to be unable to restart. |
Hi Brian,
By default, POSC is only available when specifically requested. But, es,
it does get setup so cleanup will also occur (though, there shouldn't be
anything to cleanup). If you don't want it, simply say
ofs.persist off
http://xrootd.org/doc/dev48/ofs_config.htm#_Toc401930722
Andy
…On Sun, 30 Sep 2018, Brian P Bockelman wrote:
This is actually the HDFS backend - but, logically, it works the same way as `setfsuid`. The HDFS client is setup to be able to impersonate any HDFS user.
Honestly, I don't _want_ to support POSC since, as you point out, it really isn't plausible to "do it right" in this configuration.
Rather than trying to fix something that is fundamentally unfixable, is it possible to return an error or otherwise disable POSC? For me, the bigger problem is someone who starts a POSC transfer can cause my server to be unable to restart.
--
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
#830 (comment)
|
Ah, great! It's not clear from the docs: when I do |
Hi Brian,
It is silently ignored.
Andy
…On Tue, 2 Oct 2018, Brian P Bockelman wrote:
Ah, great!
It's not clear from the docs: when I do `ofs.persist off`, what happens when a client requests POSC behavior? Is it silently ignored or does the server return an error?
--
You are receiving this because you commented.
Reply to this email directly or view it on GitHub:
#830 (comment)
|
I believe this issue has been addressed with the persists configuration option. If not, please reopen it. |
When there are uploads-in-progress when Xrootd is started, the POSC subsystem will attempt to clean them up when the server restarts. The code is here:
https://github.com/xrootd/xrootd/blob/master/src/XrdOfs/XrdOfsPoscq.cc#L141
There's two problems here:
nobody
for HDFS. Needless to say,nobody
doesn't have permission to unlink the file.I'm reluctant to have the default user be
root
, just from a least privilege point-of-view. What's the best way to proceed here? Should I patch the OFS to make a "fake" security object?The text was updated successfully, but these errors were encountered: