[Ocfs2-users] howto achieve inter-node file permissions / workarounds
Petr Vacek
petr.vacek at office.mediawork.cz
Fri Feb 4 12:44:00 PST 2011
Greetings,
I would like to know if there is possibility to deny / obscure access into
some directory within ocfs2 for specific nodes - or allow just specific
nodes.
I am using ocfs2 shared storage among Xen VM (because it's performance is
better than NFS with our hardware), but then root of each VM has absolute
access to the whole ocfs2 filesystem - which I would like to limit this at
least a little bit,
I know that the root of node has access to a raw block device so it cannot
be done down to all levels, but if the mounted filesystem would respect some
limits for a local root
that would be very fine for me.
Is this doable and if it is easy which utility/ command would allow that ?
If not, should a simple kernel module/patch limiting access to specific
UID/GIDs for all users including root do the trick ? (I am thinking that if
such module does not exist, I can get it made and then map node-specific
directories into these uid/gids , so they will be accessible only from a
single node , if that's viable ...)
Thanks for any hints or tips in advance
Regards
Petr Vacek
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://oss.oracle.com/pipermail/ocfs2-users/attachments/20110204/147e2d15/attachment.html
More information about the Ocfs2-users
mailing list