Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-19901

allow 'lctl nodemap modify rbac=[+-]role'

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Fixed
    • Icon: Medium Medium
    • Lustre 2.18.0
    • Lustre 2.17.0
    • 3
    • 9223372036854775807

      It doesn't appear possible to incrementally modify the rbac roles of an existing nodemap by using "lctl nodemap_modify --name NODEMAP --parameter rbac --value=-ROLE" to remove an existing role, or "... --value=+ROLE" to add a new role. Currently the entire list of rbac roles must be "edited" (e.g. via sed) or fully re-specified and set on the command-line. This is inconvenient for administrators that only want to add or remove individual roles, and possibly introducing errors if the re-specified roles are statically determined and containing some new role that is part of the default.

      There is already an existing mechanism for manipulating parameter masks for debug flags using cfs_str2mask() that should be re-used for this functionality to add or remove individual roles.

            ckansal Chakshu Kansal
            adilger Andreas Dilger
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: