GPFS: Administration and Programming Reference - IRA Home

More documents

Recommendations

Info

group::rwx- #effective:rw-- other::--x- mask::rw-c user:alpha:rwxc #effective:rw-c group:audit:rwx- #effective:rw-- group:system:-w-- See the “mmgetacl Command” on page 185 and the “mmputacl Command” on page 233 for complete usage information. Changing traditional GPFS access control lists Use the mmeditacl command to change or create the traditional ACL of a file or directory, or the default ACL of a directory. For example, to interactively edit the ACL for the file project2.history, enter: mmeditacl project2.history The current ACL entries are displayed using the default editor, provided that the EDITOR environment variable specifies a complete path name. When the file is saved, the system displays information similar to: mmeditacl: 6027-967 Should the modified ACL be applied? (yes) or (no) After responding yes, the ACLs are applied. See the “mmeditacl Command” on page 168 for complete usage information. Deleting traditional GPFS access control lists Use the mmdelacl command to delete the extended entries in a traditional ACL of a file or directory, or the default ACL of a directory. For example, to delete the ACL for the directory project2, enter: mmdelacl project2 To confirm the deletion, enter: mmgetacl project2 The system displays information similar to: #owner:uno #group:system user::rwxc group::r-x- other::--x- You cannot delete the base permissions. These remain in effect after this command is executed. See the “mmdelacl Command” on page 149 and the “mmgetacl Command” on page 185 for complete usage information. NFS V4 ACL administration AIX does not allow a file system to be NFS V4 exported unless it supports NFS V4 ACLs. Normally, GPFS has POSIX ACLs (the default for the mmcrfs command is -k posix) so the file system must first be changed to allow NFS V4 ACLs (either exclusively using the -k nfs4 flag, or along with POSIX, using the -k all flag). Once the file system is configured to allow NFS V4 ACLs, it may be exported and NFS V4 clients may mount and use the file system (including setting ACLs which will, of course, be NFS V4 style). Depending on the value (posix | nfs4 | all) of the -k parameter, one or both ACL types can be allowed for a given file system. Since ACLs are assigned on a per-file basis, this means that within the same file system one file may have an NFS V4 ACL, while another has a POSIX ACL. The type of ACL can be 48 GPFS: Administration and Programming Reference
changed by using the mmputacl or mmeditacl command to assign a new ACL or by the mmdelacl command (causing the permissions to revert to the mode which is in effect a POSIX ACL). At any point in time, only a single ACL can be associated with a file. Access evaluation is done as required by the ACL type associated with the file. NFS V4 ACLs are represented in a completely different format than traditional ACLs. For detailed information on NFS V4 and its ACLs, refer to the paper, NFS Version 4 Protocol and other information found at: www.nfsv4.org. In the case of NFS V4 ACLs, there is no concept of a default ACL. Instead, there is a single ACL and the individual ACL entries can be flagged as being inherited (either by files, directories, both, or neither). Consequently, specifying the -d flag on the mmputacl command for an NFS V4 ACL is an error. NFS V4 ACL Syntax An NFS V4 ACL consists of a list of ACL entries. Where traditional ACLs can display one entry per line, the GPFS representation of NFS V4 ACL entries are three lines each, due to the increased number of available permissions beyond the traditional rwxc. The first line has several parts separated by colons (’:’). v The first part identifies the user or group. v The second part displays a rwxc translation of the permissions that appear on the subsequent two lines. v The third part is the ACL type. NFS V4 provides both an allow and deny type. allow Means to allow (or permit) those permissions that have been selected with an ’X’. deny Means to not allow (or deny) those permissions that have been selected with an ’X’. v The fourth and final part is a list of flags indicating inheritance. Valid flag values are: FileInherit Indicates that the ACL entry should be included in the initial ACL for files created in this directory. DirInherit Indicates that the ACL entry should be included in the initial ACL for subdirectories created in this directory (as well as the current directory). InheritOnly Indicates that the current ACL entry should NOT apply to the directory, but SHOULD be included in the initial ACL for objects created in this directory. As in traditional ACLs, users and groups are identified by specifying the type and name. For example, group:staff or user:bin. NFS V4 provides for a set of special names that are not associated with a specific local UID or GID. These special names are identified with the keyword special followed by the NFS V4 name. These names are recognized by the fact that they end in with the character ’@’. For example, special:owner@ refers to the owner of the file, special:group@ the owning group, and special:everyone@ applies to all users. The next two lines provide a list of the available access permissions that may be allowed or denied, based on the ACL type specified on the first line. A permission is selected using an ’X’. Permissions that are not specified by the entry should be left marked with ’-’ (minus sign). These are examples of NFS V4 ACLs. 1. An ACL entry that explicitly allows READ, EXECUTE and READ_ATTR to the staff group on a file is similar to this: group:staff:r-x-:allow (X)READ/LIST (-)WRITE/CREATE (-)MKDIR (-)SYNCHRONIZE (-)READ_ACL (X)READ_ATTR (-)READ_NAMED (-)DELETE (-)DELETE_CHILD (-)CHOWN (X)EXEC/SEARCH (-)WRITE_ACL (-)WRITE_ATTR (-)WRITE_NAMED Chapter 6. Managing GPFS access control lists and NFS export 49
Page 1:
General Parallel File System Admini
Page 4 and 5:
Note: Before using this information
Page 6 and 7:
Chapter 4. Managing disks . . . . .
Page 8 and 9:
mmrestripefile Command . . . . . .
Page 10 and 11:
viii GPFS: Administration and Progr
Page 12 and 13:
x GPFS: Administration and Programm
Page 14 and 15:
Table 1. Typographic conventions (c
Page 16 and 17:
- The mmmount and mmumount commands
Page 18 and 19: - The local cluster no longer needs
Page 20 and 21: xviii GPFS: Administration and Prog
Page 22 and 23: 2 GPFS: Administration and Programm
Page 24 and 25: Remote shell command: /usr/bin/rsh
Page 26 and 27: v A node being deleted cannot be th
Page 28 and 29: You may be able to tune your cluste
Page 30 and 31: The system displays information sim
Page 32 and 33: If it becomes necessary to stop GPF
Page 34 and 35: ecorded in the GPFS configuration f
Page 36 and 37: Checking and repairing a file syste
Page 38 and 39: -j scatter Block allocation type -D
Page 40 and 41: Restriping offers the opportunity t
Page 42 and 43: See the “mmdf Command” on page
Page 44 and 45: 2. The TSM client code must be inst
Page 46 and 47: 26 GPFS: Administration and Program
Page 48 and 49: gpfs3nsd 0903C1573F2AD7B6 /dev/sdb1
Page 50 and 51: 12 % complete on Fri Feb 3 16:02:39
Page 52 and 53: suspended Indicates that data is to
Page 54 and 55: v You must identify the disks by th
Page 58 and 59: To disable quota management: 1. Iss
Page 60 and 61: During the normal operation of file
Page 62 and 63: The system displays output similar
Page 66 and 67: Each GPFS file or directory has an
Page 70 and 71: 2. A Directory ACL is similar to th
Page 72 and 73: This ACL shows four ACL entries (an
Page 74 and 75: general suggestion is for the compu
Page 80 and 81: Table 4. GPFS commands (continued)
Page 82 and 83: mmadddisk Command mmadddisk Command
Page 84 and 85: mmadddisk Command Note: Rebalancing
Page 86 and 87: mmaddnode Command Name mmaddnode Ad
Page 88 and 89: mmaddnode Command See also “mmchc
Page 90 and 91: mmapplypolicy Command how the mmapp
Page 92 and 93: mmapplypolicy Command MIGRATED /fs1
Page 94 and 95: mmauth Command delete Deletes a clu
Page 96 and 97: mmauth Command mmauth: Propagating
Page 98 and 99: mmbackup Command Name mmbackup - Ba
Page 100 and 101: mmbackup Command Tue Mar 18 14:03:2
Page 102 and 103: mmchattr Command -m MetadataReplica
Page 104 and 105: mmchcluster Command Name mmchcluste
Page 106 and 107: mmchcluster Command Security You mu
Page 108 and 109: mmchconfig Command Name mmchconfig
Page 110 and 111: mmchconfig Command dmapiMountTimeou
Page 112 and 113: mmchconfig Command and search for n
Page 114 and 115: mmchdisk Command Name mmchdisk - Ch
Page 116 and 117: mmchdisk Command resume Informs GPF
Page 118 and 119:
mmcheckquota Command Name mmcheckqu
Page 120 and 121:
mmcheckquota Command 55 % complete
Page 122 and 123:
mmchfileset Command Examples This c
Page 124 and 125:
mmchfs Command If your file system
Page 126 and 127:
mmchfs Command When considering dat
Page 128 and 129:
mmchmgr Command GPFS: 6027-628 Send
Page 130 and 131:
mmchnsd Command Options NONE DiskNa
Page 132 and 133:
mmchpolicy Command Name mmchpolicy
Page 134 and 135:
mmcrcluster Command Name mmcrcluste
Page 136 and 137:
mmcrcluster Command If your primary
Page 138 and 139:
mmcrfileset Command Name mmcrfilese
Page 140 and 141:
mmcrfs Command Name mmcrfs - Create
Page 142 and 143:
mmcrfs Command Options other disk)
Page 144 and 145:
mmcrfs Command -z {yes | no} Enable
Page 146 and 147:
mmcrnsd Command Name mmcrnsd - Crea
Page 148 and 149:
mmcrnsd Command Note: This name can
Page 150 and 151:
mmcrnsd Command Location /usr/lpp/m
Page 152 and 153:
mmcrsnapshot Command Options NONE I
Page 154 and 155:
mmcrvsd Command Name mmcrvsd - Crea
Page 156 and 157:
mmcrvsd Command Options dataOnly In
Page 158 and 159:
mmcrvsd Command See also “mmcrnsd
Page 160 and 161:
mmdefedquota Command -u Specifies t
Page 162 and 163:
mmdefquotaoff Command mmlsquota -d
Page 164 and 165:
mmdefquotaon Command Security You m
Page 166 and 167:
mmdefragfs Command Name mmdefragfs
Page 168 and 169:
mmdefragfs Command gpfs60nsd 50688
Page 170 and 171:
mmdelacl Command “mmputacl Comman
Page 172 and 173:
mmdeldisk Command -F DescFile A fil
Page 174 and 175:
mmdelfileset Command Name mmdelfile
Page 176 and 177:
mmdelfileset Command 88 % complete
Page 178 and 179:
mmdelfs Command Examples To delete
Page 180 and 181:
mmdelnode Command Exit status 0 Suc
Page 182 and 183:
mmdelnsd Command Options NONE Exit
Page 184 and 185:
mmdelsnapshot Command When using th
Page 186 and 187:
mmdf Command Exit status 0 Successf
Page 188 and 189:
mmeditacl Command Name mmeditacl -
Page 190 and 191:
mmeditacl Command Exit status 0 Suc
Page 192 and 193:
mmedquota Command Group Name or gro
Page 194 and 195:
mmexportfs Command Name mmexportfs
Page 196 and 197:
mmfsck Command Name mmfsck - Checks
Page 198 and 199:
mmfsck Command -n Specifies a no re
Page 200 and 201:
mmfsck Command See also “mmcheckq
Page 202 and 203:
mmfsctl Command v Modifications to
Page 204 and 205:
mmfsctl Command lunA2 FlashCopy tar
Page 206 and 207:
mmgetacl Command Parameters Filenam
Page 208 and 209:
mmgetstate Command Name The mmgetst
Page 210 and 211:
mmgetstate Command See also “mmch
Page 212 and 213:
mmimportfs Command Parameters Devic
Page 214 and 215:
mmlinkfileset Command Name mmlinkfi
Page 216 and 217:
mmlsattr Command Name mmlsattr - Qu
Page 218 and 219:
mmlscluster Command Name mmlscluste
Page 220 and 221:
mmlsconfig Command Name mmlsconfig
Page 222 and 223:
mmlsdisk Command Name mmlsdisk - Di
Page 224 and 225:
mmlsdisk Command disk driver sector
Page 226 and 227:
mmlsfileset Command Name mmlsfilese
Page 228 and 229:
mmlsfileset Command 3. These comman
Page 230 and 231:
mmlsfs Command -o Additional mount
Page 232 and 233:
mmlsmgr Command Name mmlsmgr - Disp
Page 234 and 235:
mmlsmount Command Name mmlsmount -
Page 236 and 237:
mmlsnsd Command Name mmlsnsd - Disp
Page 238 and 239:
mmlsnsd Command gpfs1 gpfs1nsd 0972
Page 240 and 241:
mmlspolicy Command mmlspolicy fs2 -
Page 242 and 243:
mmlsquota Command When a quota mana
Page 244 and 245:
mmlssnapshot Command Name mmlssnaps
Page 246 and 247:
mmmount Command Name mmmount - Moun
Page 248 and 249:
mmpmon Command Name mmpmon - Manage
Page 250 and 251:
mmpmon Command Use of the -i flag i
Page 252 and 253:
mmpmon Command bytes written: 13946
Page 254 and 255:
mmputacl Command Options -d Specifi
Page 256 and 257:
mmquotaoff Command Name mmquotaoff
Page 258 and 259:
mmquotaon Command Name mmquotaon -
Page 260 and 261:
mmremotecluster Command Name mmremo
Page 262 and 263:
mmremotecluster Command 2. This com
Page 264 and 265:
mmremotefs Command Options -A {yes
Page 266 and 267:
mmrepquota Command Name mmrepquota
Page 268 and 269:
mmrepquota Command *** Report for U
Page 270 and 271:
mmrestorefs Command Exit status 0 S
Page 272 and 273:
mmrestripefile Command Name mmrestr
Page 274 and 275:
mmrestripefile Command See also “
Page 276 and 277:
mmrestripefs Command Assuming that
Page 278 and 279:
mmrestripefs Command See also “mm
Page 280 and 281:
mmrpldisk Command The disk descript
Page 282 and 283:
mmrpldisk Command See also “mmadd
Page 284 and 285:
mmsanrepairfs Command Repairing hyp
Page 286 and 287:
mmshutdown Command When using the r
Page 288 and 289:
mmsnapdir Command nonzero A failure
Page 290 and 291:
mmstartup Command Name mmstartup -
Page 292 and 293:
mmumount Command Name mmumount - Un
Page 294 and 295:
mmunlinkfileset Command Name mmunli
Page 296 and 297:
mmunlinkfileset Command See also
Page 298 and 299:
Table 9. GPFS programming interface
Page 300 and 301:
gpfs_close_inodescan() Subroutine N
Page 302 and 303:
gpfs_cmp_fssnapid() Subroutine Loca
Page 304 and 305:
gpfs_fcntl() Subroutine Name gpfs_f
Page 306 and 307:
gpfs_fcntl() Subroutine fcntlArg.po
Page 308 and 309:
gpfs_fputattrs() Subroutine Name gp
Page 310 and 311:
gpfs_free_fssnaphandle() Subroutine
Page 312 and 313:
gpfs_fssnap_id_t Structure Name gpf
Page 314 and 315:
gpfs_get_fsname_from_fssnaphandle()
Page 316 and 317:
gpfs_get_fssnaphandle_by_name() Sub
Page 318 and 319:
gpfs_get_fssnaphandle_by_path() Sub
Page 320 and 321:
gpfs_get_fssnapid_from_fssnaphandle
Page 322 and 323:
gpfs_get_snapdirname() Subroutine N
Page 324 and 325:
gpfs_get_snapname_from_fssnaphandle
Page 326 and 327:
gpfs_getacl() Subroutine Error stat
Page 328 and 329:
gpfs_iattr_t Structure /* don’t r
Page 330 and 331:
gpfs_ifile_t Structure Name gpfs_if
Page 332 and 333:
gpfs_igetattrs() Subroutine GPFS_E_
Page 334 and 335:
gpfs_igetfilesetname() Subroutine E
Page 336 and 337:
gpfs_igetstoragepool() Subroutine E
Page 338 and 339:
gpfs_iopen() Subroutine Exceptions
Page 340 and 341:
gpfs_iread() Subroutine EPERM The c
Page 342 and 343:
gpfs_ireaddir() Subroutine Examples
Page 344 and 345:
gpfs_ireadlink() Subroutine Locatio
Page 346 and 347:
gpfs_ireadx() Subroutine offset On
Page 348 and 349:
gpfs_next_inode() Subroutine Name g
Page 350 and 351:
gpfs_opaque_acl_t Structure Name gp
Page 352 and 353:
gpfs_open_inodescan() Subroutine No
Page 354 and 355:
gpfs_prealloc() Subroutine Exceptio
Page 356 and 357:
gpfs_putacl() Subroutine Exceptions
Page 358 and 359:
gpfs_quotactl() Subroutine Q_SETQUO
Page 360 and 361:
gpfs_quotaInfo_t Structure Name gpf
Page 362 and 363:
gpfs_seek_inode() Subroutine Locati
Page 364 and 365:
gpfsAccessRange_t Structure Name gp
Page 366 and 367:
gpfsClearFileCache_t Structure Name
Page 368 and 369:
gpfsDataShipMap_t Structure partiti
Page 370 and 371:
gpfsDataShipStart_t Structure flag
Page 372 and 373:
gpfsDataShipStop_t Structure Name g
Page 374 and 375:
gpfsFreeRange_t Structure Name gpfs
Page 376 and 377:
gpfsGetReplication_t Structure Name
Page 378 and 379:
gpfsGetSnapshotName_t Structure Nam
Page 380 and 381:
gpfsMultipleAccessRange_t Structure
Page 382 and 383:
gpfsRestripeData_t Structure Name g
Page 384 and 385:
gpfsSetReplication_t Structure rese
Page 386 and 387:
366 GPFS: Administration and Progra
Page 388 and 389:
mmsdrbackup User exit mmsdrbackup U
Page 390 and 391:
syncfsconfig User exit Name syncfsc
Page 392 and 393:
GPFS exceptions and limitations to
Page 394 and 395:
Page 396 and 397:
2455 South Road, Poughkeepsie, NY 1
Page 398 and 399:
Page 400 and 401:
metadataOnly Indicates that the dis
Page 402 and 403:
v manager | client - Indicates whet
Page 404 and 405:
Page 406 and 407:
v For AIX nodes, see Installing the
Page 408 and 409:
RPM at www.rpm.org/ The Internet En
Page 410 and 411:
commands (continued) mmchfileset 10
Page 412 and 413:
file systems (continued) creating 1
Page 414 and 415:
mmchattr 19, 81 mmchcluster 6, 84 m
Page 416 and 417:
setting access control lists 46 sna
Page 418 and 419:
Page 420:
Readers’ Comments — We’d Like
show all

GPFS: Administration and Programming Reference - IRA Home

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?