xrootdfs(1) | General Commands Manual | xrootdfs(1) |
NAME
xrootdfs - xrootd FUSE file system daemon
SYNOPSIS
xrootdfs [options] parameters
DESCRIPTION
The xrootdfs daemon provides a file system view of an xrootd cluster using FUSE. Usage synopsis can be displayed by typing "xrootdfs -h". Short documentation can be found in a README file in the src/XrdFfs source directory.
EXAMPLES
Assuming the redirector is rdr:port
run from command line with debugging output
use in /etc/fstab
use with autofs
/- /etc/auto.fuse
2. create /etc/auto.fuse with the following one line
/mnt -fstype=fuse,uid=2,rdr=root://rdr\:port//data :xrootdfs.sh
3. create script /usr/bin/xrootdfs.sh (make sure +x bit is set)
#!/bin/sh
exec /usr/bin/xrootdfs $@ >/dev/null 2>&1
NOTES
Documentation for all components associated with xrootdfs can be found at http://xrootd.org/docs.html
xrootdfs allows users and administators to query and change the internal parameters on the fly via the filesystem extended attributes
getfattr -n attribute_name /mount_point
setfattr -n attribute_name [ -v value ] /mount_point
attribute_name:
xrootdfs.fs.nworkers: query or change the number of threads working in parallel on operations such as stat(), unlink()/rmdir(), readdir(), statvfs(), etc.
xrootdfs.fs.dataserverlist: query or refresh the list of all data servers known to this xrootdfs instance (or "kill -USR1 pid" to refresh)
SECURITY
By default, XrootdFS does not send individual user identity to the Xrootd storage servers. So Xrootd storage thinks that all operations from an XrootdFS instance come from the user that runs the XrootdFS instance. When the Xrootd "sss" security module (Simple Shared Security) is enabled at both XrootdFS and Xrootd storage system, XrootdFS will send individual user identity information to the Xrootd storage servers. This info can be used along with the Xrootd ACL to control file/directory access.
To use "sss" security module, both Xrootd data servers and XrootdFS should be configured to use "sss" in a particular way, e.g. both sides should use a key file that contains the same key generated by the xrdsssadmin program in the following way:
xrdsssadmin -k my_key_name -u anybody -g usrgroup add keyfile
(change only "my_key_name" and "keyfile"). Please refer to environment variable "XrdSecsssKT" in Xrootd "Authentication & Access Control Configuration Reference" for more information on the location of the keyfile and its unix permission bits. That same document also describes the Xrootd ACL DB file.
To enable "sss" with XrootdFS, use the sss=/keyfile option with XrootdFS.
The following example shows how to use both unix and sss security modules with the Xrootd data servers.
xrootd.seclib /usr/lib64/libXrdSec.so
sec.protocol /usr/lib64 sss -s /keyfile
sec.protocol /usr/lib64 unix
acc.authdb /your_xrootd_ACL_auth_db_file
acc.authrefresh 300
ofs.authorize
DIAGNOSTICS
Errors yield an error message and a non-zero exit status. The program never exits upon success. Use the umount command to terminate the program.
Additional logging information can be found in syslog (/var/log/messages)
LICENSE
License terms can be displayed by typing "xrootd -H".
SUPPORT LEVEL
The xrootdfs daemon is supported by the xrootd
collaboration. Contact information can be found at
http://xrootd.org/contact.html
v5.6.4 |