Open Stack

We haven't spent much time (as a community) discussing root squashing, 
but Rodrigo's migration work has made it clear that we need clearer 
definitions around NFS permissions, and root squashing in particular.

I hope it's obvious to everyone that an NFS share with root squash for 
ALL HOSTS is pretty useless because it's impossible to change ownership 
of files and to create different directories owned by different users. 
The best you can get with root squash turned on for all hosts is an NFS 
share with all files owned by a single user (presumably the "nobody" user).

Now there are use cases for shares where most clients have root squash 
turned on, as long as 1 host has root squash turned off. That 1 host 
would be the "NFS admin" host, where the admin in that case would just 
be a special user who was still a tenant from the Manila perspective. 
Unfortunately we don't have different "access levels" for root squash = 
on/off. This is something to address for Newton.

In the mean time, I hope that everyone agrees that the only sane option 
is for root squash to be disabled by default, and that we need a way to 
allow users to enable it optionally in the future.

If any drivers are currently turning root squash on, I would consider 
that a bug -- and it will prevent migration for working on your backend.

-Ben Swartzlander