On Fri, Mar 5, 2010 at 12:42 PM, Rudi Ahlers <Rudi softdux com>
What kind of security do you apply, both to the NFS cluster, and the
data that get accessed on it?
heya rudi, never realised u were on this list too ;)
the exports are controlled by source IP address in /etc/exports. The data on there is not sensitive data at all in our environment, and GFS is all server environment, with no user access... but I just tested using ACLs and it works 100% (added the acl option to gfs mount, and configured using setfacl). We are using ldap network authentication, so works nicely with group permissions ;)
(although we do have 1 luks volume image on the gfs filesystem that is mounted by one of the phy machines using a keyfile stored locally).