HP3PAR Allow/deny requires knowledge of 3PAR fsuser. This should be removed or optional.
HP 3PAR driver currently secures CIFS shares by IP and user. The user needs to be a 3PAR local 'fsuser' and to mount the shares the fsuser credentials need to be used. This works for a 3PAR shop, but in a mixed backend environment the user shouldn't need to know these details. I think the CIFS shares should only be secured by IP by default.
The local user security could be supported by extra specs, perhaps, to make it a share-type-specific option. LDAP/AD is not addressed yet.
Blueprint information
- Status:
- Complete
- Approver:
- Ben Swartzlander
- Priority:
- Low
- Drafter:
- Mark Sturdevant
- Direction:
- Approved
- Assignee:
- Mark Sturdevant
- Definition:
- Obsolete
- Series goal:
- None
- Implementation:
- Blocked
- Milestone target:
- None
- Started by
- Mark Sturdevant
- Completed by
- Mark Sturdevant
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
HP3PAR Remove support for user security for CIFS
The proposed solution still required a 3PAR admin to mount and set ACLs. Since this can't be made vendor transparent (for now), it is better to keep the 3PAR user security as-is -- with documentation of limitations needed. Future AD/LDAP will help. Otherwise some out-of-manila knowledge is needed.