geo-rep: Add support for acls

This patch adds support for ACLS. When it sees SETXATTR
in Changelog, it adds the file to data queue. rsync/tar+ssh
will take care of syncing ACLS. User set ACLS will be
synced to Slave.

This requires "system.posix_acl_access" to go through when
client-pid is equal GF_CLIENT_PID_GSYNCD in fuse layer.

New config interface is introduced, sync-acls
Which can be set using geo-rep config(Default is True)

gluster volume geo-replication <VOLUME> <SLAVEHOST>::<SLAVEVOL> \
               config sync-acls false

Change-Id: I7eb3523fa72b8fed830efc98138891244e830d65
BUG: 1187021
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Reviewed-on: http://review.gluster.org/10001
Reviewed-by: Aravinda VK <avishwan@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Venky Shankar <vshankar@redhat.com>
Tested-by: Venky Shankar <vshankar@redhat.com>

geo-replication/syncdaemon/configinterface.py.in

@@ -42,6 +42,10 @@ CONFIGS = (
      "gluster_params",
      "aux-gfid-mount xlator-option=\*-dht.assert-no-child-down=true",
      "aux-gfid-mount"),
+    ("peersrx .",
+     "gluster_params",
+     "aux-gfid-mount",
+     "aux-gfid-mount acl"),
     ("peersrx . .",
      "ssh_command_tar",
      "",

geo-replication/syncdaemon/gsyncd.py

@@ -232,6 +232,7 @@ def main_i():
     op.add_option('--isolated-slave', default=False, action='store_true')
     op.add_option('--use-rsync-xattrs', default=False, action='store_true')
     op.add_option('--sync-xattrs', default=True, action='store_true')
+    op.add_option('--sync-acls', default=True, action='store_true')
     op.add_option('--pause-on-start', default=False, action='store_true')
     op.add_option('-L', '--log-level', metavar='LVL')
     op.add_option('-r', '--remote-gsyncd', metavar='CMD',

geo-replication/syncdaemon/master.py

@@ -1001,9 +1001,9 @@ class GMasterChangelogMixin(GMasterCommon):
                     else:
                         meta_gfid.add((os.path.join(pfx, ec[0]), ))
                 elif ec[1] == 'SETXATTR':
-                    # To sync xattr use rsync/tar, --xattrs switch
-                    # to rsync and tar
-                    if boolify(gconf.sync_xattrs):
+                    # To sync xattr/acls use rsync/tar, --xattrs and --acls
+                    # switch to rsync and tar
+                    if boolify(gconf.sync_xattrs) or boolify(gconf.sync_acls):
                         datas.add(os.path.join(pfx, ec[0]))
             else:
                 logging.warn('got invalid changelog type: %s' % (et))

geo-replication/syncdaemon/resource.py

@@ -831,6 +831,7 @@ class SlaveRemote(object):
              '--stats', '--numeric-ids', '--no-implied-dirs'] + \
             gconf.rsync_options.split() + \
             (boolify(gconf.sync_xattrs) and ['--xattrs'] or []) + \
+            (boolify(gconf.sync_acls) and ['--acls'] or []) + \
             ['.'] + list(args)
         po = Popen(argv, stdin=subprocess.PIPE, stderr=subprocess.PIPE)
         for f in files:
@@ -854,10 +855,12 @@ class SlaveRemote(object):
         (host, rdir) = slaveurl.split(':')
         tar_cmd = ["tar"] + \
             (boolify(gconf.sync_xattrs) and ['--xattrs'] or []) + \
+            (boolify(gconf.sync_acls) and ['--acls'] or []) + \
             ["-cf", "-", "--files-from", "-"]
         ssh_cmd = gconf.ssh_command_tar.split() + \
             [host, "tar"] + \
             (boolify(gconf.sync_xattrs) and ['--xattrs'] or []) + \
+            (boolify(gconf.sync_acls) and ['--acls'] or []) + \
             ["--overwrite", "-xf", "-", "-C", rdir]
         p0 = Popen(tar_cmd, stdout=subprocess.PIPE,
                    stdin=subprocess.PIPE, stderr=subprocess.PIPE)

xlators/mgmt/glusterd/src/glusterd-geo-rep.c

@@ -5025,7 +5025,7 @@ create_conf_file (glusterd_conf_t *conf, char *conf_path)
         /* gluster-params */
         runinit_gsyncd_setrx (&runner, conf_path);
         runner_add_args (&runner, "gluster-params",
-                         "aux-gfid-mount",
+                         "aux-gfid-mount acl",
                          ".", ".", NULL);
         RUN_GSYNCD_CMD;
 
@@ -5148,7 +5148,7 @@ create_conf_file (glusterd_conf_t *conf, char *conf_path)
         /* gluster-params */
         runinit_gsyncd_setrx (&runner, conf_path);
         runner_add_args (&runner, "gluster-params",
-                         "aux-gfid-mount",
+                         "aux-gfid-mount acl",
                          ".", NULL);
         RUN_GSYNCD_CMD;
 

xlators/mgmt/glusterd/src/glusterd.c

@@ -640,7 +640,7 @@ configure_syncdaemon (glusterd_conf_t *conf)
         /* gluster-params */
         runinit_gsyncd_setrx (&runner, conf);
         runner_add_args (&runner, "gluster-params",
-                         "aux-gfid-mount",
+                         "aux-gfid-mount acl",
                          ".", ".", NULL);
         RUN_GSYNCD_CMD;
 
@@ -764,7 +764,7 @@ configure_syncdaemon (glusterd_conf_t *conf)
         /* gluster-params */
         runinit_gsyncd_setrx (&runner, conf);
         runner_add_args (&runner, "gluster-params",
-                         "aux-gfid-mount",
+                         "aux-gfid-mount acl",
                          ".", NULL);
         RUN_GSYNCD_CMD;
 

xlators/mount/fuse/src/fuse-helpers.c

@@ -600,6 +600,8 @@ fuse_ignore_xattr_set (fuse_private_t *priv, char *key)
                            key, FNM_PERIOD) == 0)
               || (fnmatch ("*.glusterfs.volume-mark.*",
                            key, FNM_PERIOD) == 0)
+              || (fnmatch ("system.posix_acl_access",
+                           key, FNM_PERIOD) == 0)
               || (fnmatch ("glusterfs.gfid.newfile",
                            key, FNM_PERIOD) == 0)))
                 ret = -1;