From 177f5c0ca6e004c8db5df8679c64f7491a6ce928 Mon Sep 17 00:00:00 2001
From: Joseph Gmitter <joseph.gmitter@intel.com>
Date: Thu, 6 Jul 2017 13:56:25 -0400
Subject: [PATCH] LUDOC-377 misc: cleanup of root squash settings

Specify how to retrieve root squash settings using
lctl get_param and also document the set_param option
in addition to the conf_param settings already described.

Adds a note to mention nodemaps as an alternative.

Signed-off-by: Joseph Gmitter <joseph.gmitter@intel.com>
Change-Id: I753296f097b0006b084e8e0e7e11c369df3105ee
Reviewed-on: https://review.whamcloud.com/27954
Tested-by: Jenkins
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
---
 ManagingSecurity.xml | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/ManagingSecurity.xml b/ManagingSecurity.xml
index ec85979..c2afc2b 100644
--- a/ManagingSecurity.xml
+++ b/ManagingSecurity.xml
@@ -149,6 +149,10 @@ other::---</screen>
       root squash feature also enables the Lustre file system administrator to
       specify a set of client for which UID/GID re-mapping does not apply.
     </para>
+		<note><para>Nodemaps (<xref linkend="lustrenodemap.title" />) are an
+		alternative to root squash, since it also allows root squash on a per-client
+		basis.  With UID maps, the clients can even have a local root UID without
+		actually having root access to the filesystem itself.</para></note>
     <section xml:id="managingSecurity.root_squash.config" remap="h3">
       <title><indexterm>
         <primary>root squash</primary>
@@ -194,9 +198,13 @@ other::---</screen>
 --param &quot;mdt.nosquash_nids=192.168.0.13@tcp0&quot; /dev/sda1
 </screen>
       <para>Root squash parameters can also be changed with the
-        <literal>lctl conf_param</literal> command. For example:</para>
+      <literal>lctl conf_param</literal> command. For example:</para>
       <screen>mgs# lctl conf_param testfs.mdt.root_squash=&quot;1000:101&quot;
 mgs# lctl conf_param testfs.mdt.nosquash_nids=&quot;*@tcp&quot;</screen>
+      <para>To retrieve the current root squash parameter settings, the
+      following <literal>lctl get_param</literal> commands can be used:</para>
+      <screen>mgs# lctl get_param mdt.*.root_squash
+mgs# lctl get_param mdt.*.nosquash_nids</screen>
       <note>
         <para>When using the lctl conf_param command, keep in mind:</para>
         <itemizedlist>
@@ -214,8 +222,12 @@ mgs# lctl conf_param testfs.mdt.nosquash_nids=&quot;*@tcp&quot;</screen>
           </listitem>
         </itemizedlist>
       </note>
-      <para>The <literal>nosquash_nids</literal> list can be cleared with:
-      </para>
+      <para>The root squash settings can also be changed temporarily with
+      <literal>lctl set_param</literal> or persistently with
+      <literal>lctl set_param -P</literal>.  For example:</para>
+      <screen>mgs# lctl set_param mdt.testfs-MDT0000.root_squash="1:0"
+mgs# lctl set_param -P mdt.testfs-MDT0000.root_squash="1:0"</screen>
+      <para>The <literal>nosquash_nids</literal> list can be cleared with:</para>
       <screen>mgs# lctl conf_param testfs.mdt.nosquash_nids=&quot;NONE&quot;</screen>
       <para>- OR -</para>
       <screen>mgs# lctl conf_param testfs.mdt.nosquash_nids=&quot;clear&quot;</screen>
-- 
1.8.3.1