Cluster-Wide Central Control

The purpose of this feature is to provide cluster-wide central control.

Note: The central control file is supported on the Linux platform only.

A central control file called nss_cctl.xml provides a way to restrict the behavior of SNFS cluster nodes (fsm, file system client, cvadmin client) from a central place: an NSS server.

This feature currently supports the following controls that allow you to specify:

  1. Whether a client is allowed to mount as a proxy client.
  2. Whether a client is allowed to mount as read/write or read-only.
  3. Whether a user (especially a local administrator on Windows clients,) is allowed to take ownership of a file or directory on a StorNext file system.
  4. Whether cvadmin running on a certain client is allowed to have super admin privilege to run destructive commands such as starting/stopping the file system, refreshing disks, changing quota settings, and so on.
  5. Whether cvadmin running on certain client is allowed to connect to other fsms via the -H option.
  6. Whether binary executable files on the StorNext file system are allowed to be executed.
  7. Whether the setuid bit of a file is allowed to take effect.

The control file is in xml format and has a hierarchical structure. The top level element, snfsControl, contains control elements with the securityControl label for certain file systems. If you have different controls for different file systems, each file system should have its own control definition. A special virtual file system, #SNFS_ALL#, is used as the default control for file systems not defined in this control file. It is also used to define the cvadmin-related control on clients.

Note: You cannot have a file system named #SNFS_ALL#.

Each file system-related element (indicated by the label securityControl) has a list of controlEntry items. Each controlEntry item defines the client and the controls. The client type can be either host or netgrp. A host can be the IP address or the host name. (Both IP V4 and IP V6 are supported.) Netgrp specifies a group of consecutive IP addresses and has a network IP address (either IP V4 or V6,) and network mask bits. It is possible for there to be overlapping in IP address between an individual host and netgrp, but the individual host should be defined before the netgrp. If a client node has more than one IP address, then define the controls for each IP address.

The following controls are currently supported:

  1. mountReadOnly: Control whether a client should mount as read-only. The default is read/write.
  2. mountDlanClient: Control whether a client can mount as a proxy client. The default is not allowed.
  3. takeOwnership: Control whether users on a Windows client are allowed to take ownership of a file or directory in a StorNext file system.
  4. snfsAdmin: Controls whether cvadmin running on a host is allowed to have super admin privilege to run privileged commands such as start/stop fs.
  5. snfsAdminConnect: Controls whether cvadmin running on a client is allowed to connect to other fsm via the -H option.
  6. exec: Controls whether binary executable files on the file system are allowed to be executed. The default value is “true” (that is, the execution is allowed).
  7. suid: Controls whether the setuid bit is allowed to take effect. (The default value is “true”.)

If no match is found for a given client's IP address, the client has no privileges. If a file system has been defined but the client is not defined in that file system’s control section (securityControl), the client has no access privileges to the specified file system.