Access Control Lists

BeeGFS stores Access Control Lists (ACLs) as Extended Attributes of metadata files on the metadata server.

The client nodes need to run the Linux kernel version 3.1 or above to support ACLs. The ACL enforcement facilities needed by BeeGFS are not supported by older kernel versions.

To enable ACLs, edit the metadata configuration file (/etc/beegfs/beegfs-meta.conf) and check if the following options are set to true.

storeClientXAttrs       = true
storeClientACLs         = true

Then, edit the client configuration file (/etc/beegfs/beegfs-client.conf) and check if the following options are set to true.

sysXAttrsEnabled = true
sysACLsEnabled   = true

If you change the configuration files, remember to restart their respective services afterward.

Note that enabling ACLs comes at some cost of reduced metadata performance, because additional data needs to be transferred and checked.