Provided by: gfmd_2.4.1-1.1ubuntu1_amd64 
NAME
gfarm2.conf - Gfarm configuration file
DESCRIPTION
gfarm2.conf is a text file that contains a Gfarm configuration. Gfarm server processes gfmd and gfsd
refer to %%SYSCONFDIR%%/gfmd.conf and %%SYSCONFDIR%%/gfarm2.conf, respectively, by default. Since this
configuration file is only read at startup, it is necessary to restart servers when the contents of the
configuration file are updated.
Application programs, such as gfls and gfhost, refer to both %%SYSCONFDIR%%/gfarm2.conf, and a file
specified by an environment variable, GFARM_CONFIG_FILE. If both configuration files exist, the file
specified by the environment variable, GFARM_CONFIG_FILE, is read first. Both files have the same
grammar. If the environment variable GFARM_CONFIG_FILE doesn't exist, ~/.gfarm2rc in a user's home
directory is used instead.
Each line of gfarm2.conf consists of one statement. When the line ends with the character ``\'', the
line continues for the next line. A word beginning with ``#'' causes that word and all remaining
characters on that line to be ignored.
HOST_SPECIFICATION
Host_specification has the following forms.
III.JJJ.KKK.LLL
Specifies an IP address with four octets from 0 to 255, separated by ".".
III.JJJ.KKK.LLL/MM
Specifies a network address with an IP address and a netmask from 0 to 31 separated by "/".
domain.name
Specifies a host name.
.domain.name
Specifies all hosts which belong to the domain.name.
* Specifies all hosts.
STATEMENT
The following statements are supported.
spool directory
The spool statement specifies a spool directory for a Gfarm filesystem on this filesystem node.
For example,
spool /var/spool/gfarm
spool_server_listen_address IP-address
The spool_server_listen_address statement specifies the IP address at which the gfsd accepts TCP
and UDP requests. The default address is all IP addresses of the host. This option is useful
when one wants to invoke multiple gfsd to provide multiple spool directories on the host.
For example,
spool_server_listen_address 192.168.121.1
spool_server_cred_type cred_type
This statement specifies the type of credential used by gfsd for GSI authentication. This is
ignored when you are using sharedsecret authentication.
If this statement isn't used on the server side, the server uses a host certificate, if the server
is invoked with root privileges. Or, if the server is invoked as a non-privileged user, the
server uses the user's certificate.
If this statement isn't used on the client side, the client assumes that the server that the
client is going to connect is using a host certificate of the server host. Thus, if the server is
not invoked with root privileges, but invoked with user privileges where the user is the same as
the user who invoked the client, the client side needs to specify the following one line.
Example:
spool_server_cred_type self
The possible types of cred_type are ``self'', ``host'', ``user'' and ``mechanism-specific''. And
those are used with the spool_server_cred_service and spool_server_cred_name statements as
follows:
self This keyword specifies that the certificate that the user currently has is used. You must
not use either the spool_server_cred_service or spool_server_cred_name statement, if you
are using this type.
host This keyword specifies that a host certificate or a service certificate is used. To choose
a service certificate, the name of the service may be specified by the
spool_server_cred_service statement. If ``host'' is specified as the service name, a host
certificate in the file ``/etc/grid-security/hostcert.pem'' will be used. If any server
name other than ``host'' is specified, a service certificate in the file ``/etc/grid-
security/SERVICE/SERVICEcert.pem'' will be used. If the service name is omitted, ``host''
will be used as the service name by default. Only the Common Name field of a certificate
will be used to check the server's identity for both a host certificate and a service
certificate. And the Common Name field must be in the ``CN=SERVERNAME/HOSTNAME'' format.
Also, the hostname must match the canonical name configured by the gfhost command exactly.
Alias hostnames are not allowed.
This feature corresponds to the GSS_C_NT_HOSTBASED_SERVICE feature in GSSAPI
(RFC2743/RFC2744).
Example:
spool_server_cred_type host
spool_server_cred_service host
user This keyword specifies that a user certificate is used. The account name of the user may
be specified by the spool_server_cred_name statement. If the account name is omitted, the
user who invoked the command will be used by default. You must not specify a service name
using the spool_server_cred_service statement, if you are using a user certificate.
To map from the account name to a Distinguished Name of a certificate, file ``/etc/grid-
security/grid-mapfile'' is used. Thus, if there isn't such a file, or if the user isn't
specified in this file, this feature cannot be used.
This feature corresponds to the GSS_C_NT_USER_NAME feature in GSSAPI (RFC2743/RFC2744).
Example:
spool_server_cred_type user
spool_server_cred_name guest
mechanism-specific
This keyword specifies that spool_server_cred_name is treated as a raw X.509 Distinguished
Name serving as a server's certificate. You must not specify a service name using a
spool_server_cred_service statement, if you are using this type.
This feature corresponds to a case where GSS_C_NO_OID is specified as a Name Type in GSSAPI
(RFC2743/RFC2744).
Example:
spool_server_cred_type mechanism-specific
spool_server_cred_name "/O=Grid/O=Globus/OU=example.com/CN=John Smith"
spool_server_cred_service cred_service
This statement specifies the service name of a service certificate used by gfsd for GSI
authentication, when ``host'' is specified in spool_server_cred_type statement. This is ignored
when you are using sharedsecret authentication. Please read the description of the
spool_server_cred_type statement for details.
spool_server_cred_name cred_name
This statement specifies the setting of a certificate used by gfsd for GSI authentication. What
this setting means depends on the type specified in the spool_server_cred_type statement. This is
ignored when you are using sharedsecret authentication. Please read the description of the
spool_server_cred_type statement for details.
metadb_server_host hostname
The metadb_server_host statement specifies the host name on which gfmd is running.
This statement cannot be omitted.
For example,
metadb_server_host ldap.example.com
metadb_server_port port
The metadb_server_port statement specifies the tcp port number the gfmd is listening on. The
default port number is 601.
For example,
metadb_server_port 601
metadb_server_cred_type cred_type
This statement specifies the type of credential used by gfmd for GSI authentication. This is
ignored when you are using sharedsecret authentication. Please read the description of the
spool_server_cred_type statement on the configuration of this statement.
metadb_server_cred_service cred_service
This statement specifies the service name of a service certificate used by gfmd for GSI
authentication, when ``host'' is specified in metadb_server_cred_type statement. This is ignored
when you are using sharedsecret authentication. Please read the description of the
spool_server_cred_type statement on the configuration of this statement.
metadb_server_cred_name cred_name
This statement specifies the setting of a certificate used by gfmd for GSI authentication. What
this setting means depends on the type specified in the metadb_server_cred_type statement. This
is ignored when you are using sharedsecret authentication. Please read the description of the
spool_server_cred_type statement on the configuration of this statement.
metadb_server_stack_size bytes
This directive specifies the size of each thread in the gfmd metadata server process. If not
specified, the default size of the OS is used. This parameter is used to cut down the size of
virtual memory space used by gfmd.
For example, the default stack size on CentOS 5/i386 is 10MB, thus, you can decrease the size of
the virtual memory space of gfmd to 1/40, by specifying 256KB as this parameter.
This parameter is only available in gfmd.conf, and ignored in gfarm2.conf.
For example,
metadb_server_stack_size 262144
metadb_server_thread_pool_size size
This directive specifies the maximum number of threads in a thread pool in the gfmd. It is
effective to specify around the number of CPU cores of the metadata server node. Default is 16.
This parameter is only available in gfmd.conf, and ignored in gfarm2.conf.
For example,
metadb_server_thread_pool_size 16
metadb_server_job_queue_length length
This directive specifies the length of job queue in the gfmd. It is effective to specify around
the maximum number of clients that access the Gfarm file system at the same time. Default is
16000.
This parameter is only available in gfmd.conf, and ignored in gfarm2.conf.
For example,
metadb_server_job_queue_length 160
metadb_server_heartbeat_interval seconds
This directive specifies the interval of heartbeat in seconds for gfmd to check availability of
each gfsd. Default is 180 seconds.
Until gfarm-2.3.0, this parameter was only available in gfmd.conf, and ignored in gfarm2.conf. But
since gfarm-2.4.0, gfsd also uses this parameter to detect whether gfmd is down or not, this
parameter has to be specified in both gfarm2.conf and gfmd.conf.
For example,
metadb_server_heartbeat_interval 180
metadb_server_dbq_size size
This directive specifies the queue length of metadata updates for a backend database in gfmd.
Longer queue length may avoid slow down due to waiting backend database updates in case of
frequent metadata operations. Default is 65536.
This parameter is only available in gfmd.conf, and ignored in gfarm2.conf.
For example,
metadb_server_dbq_size 65536
ldap_server_host hostname
The ldap_server_host statement specifies the host name on which an LDAP server is running. This
statement is required when the LDAP server is used for a backend database of gfmd. This statement
is used in gfmd.conf not gfarm2.conf.
For example,
ldap_server_host ldap.example.com
ldap_server_port port
The ldap_server_port statement specifies the tcp port number of the LDAP server.
This statement cannot be omitted if ldap_server_host is specified.
For example,
ldap_server_port 602
ldap_base_dn LDAP_base_distinguished_name
The ldap_base_dn statement specifies the base-distinguished name of the LDAP database.
This statement cannot be omitted if ldap_server_host is specified.
For example,
ldap_base_dn "dc=example, dc=com"
ldap_bind_dn LDAP_bind_distinguished_name
The ldap_bind_dn statement specifies the distinguished name for the bind operation which is used
for authentication to the LDAP database.
For example,
ldap_bind_dn "cn=gfarmuser, dc=example, dc=com"
ldap_bind_password password
The ldap_bind_password statement specifies the password for the bind operation which is used for
authentication to the LDAP database.
For example,
ldap_bind_password "secret-ldap-password"
postgresql_server_host hostname
The postgresql_server_host statement specifies the host name on which a PostgreSQL server is
running. This statement is required when the PostgreSQL server is used for a backend database of
gfmd. This statement is used in gfmd.conf not gfarm2.conf.
For example,
postgresql_server_host postgresql.example.com
postgresql_server_port port
The postgresql_server_port statement specifies the tcp port number of the PostgreSQL server.
This statement cannot be omitted if postgresql_server_host is specified.
For example,
postgresql_server_port 602
postgresql_dbname dbname
The postgresql_dbname statement specifies the database name of the PostgreSQL database.
This statement cannot be omitted if postgresql_server_host is specified.
For example,
postgresql_dbname gfarm
postgresql_user user
The postgresql_user statement specifies the username used to connect the PostgreSQL database.
For example,
postgresql_user gfarm
postgresql_password password
The postgresql_password statement specifies the password used to connect the PostgreSQL database.
For example,
postgresql_password gfarm
postgresql_conninfo connection_info
The postgresql_conninfo statement specifies the connection option used to connect the PostgreSQL
database.
For example,
postgresql_conninfo "sslmode=require connect_timeout=30"
auth validity method Host_specification
This statement specifies the authentication method when communicating with the host(s) specified
by the third argument.
The first argument should be either the enable or disable keyword. The second argument, auth
method, should be the gsi, gsi_auth, or sharedsecret keyword. The third argument specifies the
host(s) by using Host specification.
The auth statement may be specified any number of times. For each authentication method, it
becomes a candidate when the first entry whose host_specification matches the target host has the
enable keyword. When there is no corresponding entry, or when the first corresponding entry has
the disable keyword, the authentication method does not become a candidate.
This process takes place on both client and server sides. Candidates for authentication method on
both sides will be tried.
The order of statements with different authentication methods is not relevant. When there are
several candidates for the authentication method for the host, the order of the authentication
trial is sharedsecret, gsi_auth, and then gsi.
The GSI methods are available if and only if the --with-globus option is specified at
configuration. When the methods are not available, an auth statement with gsi or gsi_auth will be
ignored.
This statement cannot be omitted.
For example,
auth disable sharedsecret 192.168.0.100
auth disable sharedsecret 192.168.0.101
auth enable sharedsecret 192.168.0.0/24
auth enable gsi_auth 10.0.0.0/8
auth enable gsi *
In this example, all hosts which belong to the network address 192.168.0.0/24, except for two
hosts, 192.168.0.100 and 192.168.0.101, will be tested for authenticated by both sharedsecret and
gsi; all hosts which belong to the network address 10.0.0.0/8 will be tested for authentication by
both gsi_auth and gsi; and all other hosts will be authenticated by gsi. Note that two hosts,
192.168.0.100 and 192.168.0.101, will be tested for authentication by gsi only.
sockopt option[=value] [LISTENER | Host_specification]
The sockopt parameter specifies the socket option option via the setsockopt(2) system call.
When LISTENER (all capital letters) is specified by the second argument, the socket option is
applied to any socket on the server side (accepting side).
When the host_specification is specified by the second argument, the socket option is applied to
sockets that connect to the specified host(s). If the second argument is "*", the socket option
is applied to any hosts on the client side (connecting side).
If the second argument is omitted, the socket option is applied to every socket.
The following socket options can be specified.
debug. The SO_DEBUG socket option is specified. A value is not necessary.
keepalive. The SO_KEEPALIVE socket option is specified. A value is not necessary.
sndbuf. The SO_SNDBUF socket option is specified with a value.
rcvbuf. The SO_RCVBUF socket option is specified with a value.
tcp_nodelay. The TCP_NODELAY socket option is specified. A value is not necessary.
For example,
sockopt tcp_nodelay 192.168.0.0/24
sockopt sndbuf=1048576 10.0.0.0/8
sockopt sndbuf=1048576 LISTENER
sockopt rcvbuf=1048576 10.0.0.0/8
sockopt rcvbuf=1048576 LISTENER
known_network Host_specification
The known_network statement specifies a network address for file system nodes. It is used to
group file system nodes at file systen node scheduling. File system nodes that are not specified
in this directive are assumed to be in an IPv4 class C network.
For example,
known_network 192.168.0.0/24
admin_user user
This directive specifies an administrator user name, which is specified in gfmd.conf.
admin_user_gsi_dn user_gsi_dn
This directive specifies a subject DN of an administrator, which is specified in gfmd.conf.
local_user_map user-map-file
This directive specifies a file name user-map-file for mapping local user names to global user
names. This map file is used only for sharedsecret authentication. When this file is not
specified, a global user name is assumed to be same as the local user name.
user-map-file is needed when you have to use the sharedsecret authentication method in the case
where you have different unix account names on different filesystem nodes. In such a case, the
user-map-file on each filesystem node should have an entry from each local user name to a unique
global user name.
Example:
local_user_map /etc/gfarm/gfarm-usermap
Each line of the user-map-file consists of two fields separated by spaces; the first field is a
global user name, and the second field is a local user name.
Example of the user mapping file:
foobar foo
quux baz
According to the first line of this mapping file, a global user name, "foobar", is mapped to a
local user name, "foo", on this node.
local_group_map group-map-file
This directive specifies a file name group-map-file for mapping global group names to local group
names. This map file is used by legacy clients that use local group id such as gfarm2fs and gfarm
dsi for Globus GridFTP to display mapped local groups. When this file is not specified, a local
group name is assumed to be same as the global group name.
Example:
local_group_map /etc/gfarm/gfarm-groupmap
Each line of the group-map-file consists of two fields separated by spaces; the first field is a
global group name, and the second field is a local group name.
schedule_cache_timeout seconds
This directive specifies the time (in seconds) until the cache used for filesystem node scheduling
expires. The cache holds information on each filesystem node, e.g. load average, disk free space,
and whether authentication succeeds or not. The default time is 600 seconds, i.e. ten minutes.
For example,
schedule_cache_timeout 60
schedule_idle_load_thresh load-average
This directive specifies the threshold of CPU load average to be considered idle. The file system
nodes whose CPU load average is equal to or below the specified CPU load average are to be
scheduled at first. The default load average is 0.1.
For example,
schedule_idle_load_thresh 0.1
schedule_busy_load_thresh load-average
This directive specifies the threshold of CPU load average to be considered busy. The file system
nodes whose CPU load average is above the specified CPU load average are to be scheduled lastly.
The default load average is 0.5.
For example,
schedule_busy_load_thresh 0.5
schedule_virtual_load load-average
This directive specifies the virtual CPU load average. The virtual CPU load is added when the
host is scheduled to avoid scheduling the same host multiple times. The default load average is
0.3.
For example,
schedule_virtual_load 0.3
minimum_free_disk_space bytes
This directive specifies free disk space (in bytes) which is required on filesystem nodes. The
Gfarm scheduler excludes filesystem nodes which have less free space than this parameter, when it
schedules nodes for jobs which may write files. The free space value may have a suffix like ``k''
(kilo bytes), ``M'' (mega bytes), ``G'' (giga bytes) and ``T'' (tera bytes). The default size is
128M bytes.
This directive has to be specified in both gfarm2.conf and gfmd.conf. After restarting the gfmd
and the Gfarm client, it is effective.
For example,
minimum_free_disk_space 1G
simultaneous_replication_receivers number
This directive specifies maximum number of simultaneous gfmd-initiated replications to same host.
The default is 20.
For example,
simultaneous_replication_receivers 40
gfsd_connection_cache number
This directive specifies maximum number of cached gfsd connections. The default is 16.
For example,
gfsd_connection_cache 32
attr_cache_limit number
This directive specifies maximum number of cached attributes in gfarm library. The default is
40000.
For example,
attr_cache_limit 100000
attr_cache_timeout milliseconds
This directive specifies maximum time until cached attributes expire in milliseconds. The default
is 1000, i.e. 1 second.
For example,
attr_cache_timeout 3600000
log_level priority_level
This directive specifies a level of log priority. The log output, which priority is inferior to
this level, will not be sent to syslog or standard error. The priority levels are "emerg",
"alert", "crit", "err", "warning", "notice", "info" and "debug" in highest first order. The
default level is "info". It's not recommended to specify a level higher or equal to "crit".
For example,
log_level debug
log_message_verbose_level level
This directive specifies how verbose the log message is. The default value is 0, which outputs
the log message id. The level 1 additionally outputs the file name and the line of source code.
The level 2 additionally outputs the function name.
For example,
log_message_verbose_level 1
no_file_system_node_timeout seconds
If there is no file system node available, Gfarm client library periodically tries to find a file
system node. This directive specifies the timeout to try in seconds. The default is 30 seconds.
For example,
no_file_system_node_timeout 30
gfmd_reconnection_timeout seconds
If the connection to the metadata server is disconnected, Gfarm client library periodically tries
to reconnect. This directive specifies the timeout to try in seconds. The default is 30 seconds.
For example,
gfmd_reconnection_timeout 30
GRAMMAR
This is a grammar of gfarm2.conf described by the BNF notation.
<statement> ::=
<spool_statement> |
<spool_server_listen_address_statement> |
<spool_server_cred_type_statement> |
<spool_server_cred_service_statement> |
<spool_server_cred_name_statement> |
<metadb_server_host_statement> |
<metadb_server_port_statement> |
<metadb_server_cred_type_statement> |
<metadb_server_cred_service_statement> |
<metadb_server_cred_name_statement> |
<metadb_server_stack_size_statement> |
<metadb_server_thread_pool_size_statement> |
<metadb_server_job_queue_length_statement> |
<metadb_server_heartbeat_interval_statement> |
<metadb_server_dbq_size_statement> |
<ldap_server_host_statement> |
<ldap_server_port_statement> |
<ldap_base_dn_statement> |
<ldap_bind_dn_statement> |
<ldap_bind_password_statement> |
<postgresql_server_host_statement> |
<postgresql_server_port_statement> |
<postgresql_dbname_statement> |
<postgresql_user_statement> |
<postgresql_password_statement> |
<postgresql_conninfo_statement> |
<auth_statement> |
<sockopt_statement> |
<known_network_statement> |
<admin_user_statement> |
<admin_user_gsi_dn_statement> |
<local_user_map_statement> |
<local_group_map_statement> |
<schedule_cache_timeout_statement> |
<schedule_idle_load_thresh_statement> |
<schedule_busy_load_thresh_statement> |
<schedule_virtual_load_statement> |
<minimum_free_disk_space_statement> |
<simultaneous_replication_receivers> |
<gfsd_connection_cache_statement> |
<attr_cache_limit_statement> |
<attr_cache_timeout_statement> |
<log_level_statement> |
<log_message_verbose_level_statement>
<spool_statement> ::= "spool" <pathname>
<spool_server_listen_address_statement> ::=
"spool_server_listen_address" <ipv4_address>
<spool_server_cred_type_statement> ::=
"spool_server_cred_type" <cred_type>
<spool_server_cred_service_statement> ::=
"spool_server_cred_service" <cred_service>
<spool_server_cred_name_statement> ::=
"spool_server_cred_name" <cred_name>
<metadb_server_host_statement> ::= "metadb_server_host" <hostname>
<metadb_server_port_statement> ::= "metadb_server_port" <portnumber>
<metadb_server_cred_type_statement> ::=
"metadb_server_cred_type" <cred_type>
<metadb_server_cred_service_statement> ::=
"metadb_server_cred_service" <cred_service>
<metadb_server_cred_name_statement> ::=
"metadb_server_cred_name" <cred_name>
<metadb_server_stack_size_statement> ::=
"metadb_server_stack_size" <number>
<metadb_server_thread_pool_size_statement> ::=
"metadb_server_thread_pool_size" <number>
<metadb_server_job_queue_length_statement> ::=
"metadb_server_job_queue_length" <number>
<metadb_server_heartbeat_interval_statement> ::=
"metadb_server_heartbeat_interval" <number>
<metadb_server_dbq_size_statement> ::=
"metadb_server_dbq_size" <number>
<ldap_server_host_statement> ::= "ldap_server_host" <hostname>
<ldap_server_port_statement> ::= "ldap_server_port" <portnumber>
<ldap_base_dn_statement> ::= "ldap_base_dn" <string>
<ldap_bind_dn_statement> ::= "ldap_bind_dn" <string>
<ldap_bind_password_statement> ::= "ldap_bind_password" <string>
<postgresql_server_host_statement> ::= "postgresql_server_host" <hostname>
<postgresql_server_port_statement> ::= "postgresql_server_port" <portnumber>
<postgresql_dbname_statement> ::= "postgresql_dbname" <string>
<postgresql_user_statement> ::= "postgresql_user" <string>
<postgresql_password_statement> ::= "postgresql_password" <string>
<postgresql_conninfo_statement> ::= "postgresql_conninfo" <string>
<auth_statement> ::=
"auth" <validity> <auth_method> <hostspec>
<auth_command> ::= "enable" | "disable"
<auth_method> ::= "gsi" | "gsi_auth" | "sharedsecret"
<sockopt_statement> ::=
"sockopt" <socket_option>[=<number>] [""LISTENER" | <hostspec>]
<socket_option> = "debug" | "keepalive" | "sndbuf" | "rcvbuf" |
"tcp_nodelay"
<known_network_statement> ::= "known_network" <hostspec>
<admin_user_statement> ::= "admin_user" <string>
<admin_user_gsi_dn_statement> ::= "admin_user_gsi_dn" <string>
<local_user_map_statement> ::= "local_user_map" <pathname>
<local_group_map_statement> ::= "local_group_map" <pathname>
<schedule_cache_timeout_statement> ::= "schedule_cache_timeout" <number>
<schedule_idle_load_thresh_statement> ::= "schedule_idle_load_thresh" <load>
<schedule_busy_load_thresh_statement> ::= "schedule_busy_load_thresh" <load>
<schedule_virtual_load_statement> ::= "schedule_virtual_load" <load>
<minimum_free_disk_space_statement> ::=
"minimum_free_disk_space" <size>
<simultaneous_replication_receivers> ::= "simultaneous_replication_receivers" <number>
<gfsd_connection_cache_statement> ::= "gfsd_connection_cache" <number>
<attr_cache_limit_statement> ::= "attr_cache_limit" <number>
<attr_cache_timeout_statement> ::= "attr_cache_timeout" <number>
<log_level_statement> ::= "log_level" <log_priority>
<log_message_verbose_level_statement> ::= "log_message_verbose_level" <number>
<no_file_system_node_timeout_statement> ::= "no_file_system_node_timeout" <number>
<gfmd_reconnection_timeout_statement> ::= "gfmd_reconnection_timeout" <number>
<hostspec> ::= <ipv4_address> | <ipv4_address> "/" <address_mask> |
<hostname> | "." <domain_name> | "*"
<pathname> ::= <pathname_character> <pathname_character>*
<pathname_character> ::= <hostname_character> | "," | "/" | "_"
<hostname> ::= <hostname_character> <hostname_character>*
<hostname_character> ::= <alphabet> | <digit> | "-" | "."
<portnumber> ::= <number>
<size> ::= <number> [ "k" | "M" | "G" | "T" ]
<number> ::= <digit> [<digit>*]
<digit> ::= "0" | "1" | "2" | "3" | "4" | "5" | "6" | "7" | "8" | "9"
<string> ::= """ <double_quoted_character>* """
<double_quoted_character> ::=
<any_character_except_backslash_and_double_quotation> |
"\\" | "\""
<validity> ::= "enable" | "disable"
<log_priority> ::= "emerg" | "alert" | "crit" | "err" | "warning" |
"notice" | "info" | "debug"
EXAMPLES
The following is an example usin PostgreSQL to store the metadata, and to allow access from filesystem
nodes and clients at IP address 192.168.0.0/24, via sharedsecret authentication.
spool /var/spool/gfarm
metadb_server_host metadb.example.org
metadb_server_port 601
postgresql_server_host metadb.example.org
postgresql_server_port 5432
postgresql_dbname gfarm
postgresql_user gfarm
postgresql_password "secret-postgresql-password"
auth enable sharedsecret 192.168.0.0/24
sockopt keepalive
The following is an example using LDAP to store the metadata, and to allow access from filesystem nodes
and clients at any IP address, via GSI authentication.
spool /var/spool/gfarm
metadb_server_host metadb.example.com
metadb_server_port 601
ldap_server_host metadb.example.com
ldap_server_port 602
ldap_base_dn "dc=example, dc=com"
ldap_bind_dn "cn=gfarmuser, dc=example, dc=com"
ldap_bind_password "secret-ldap-password"
auth enable gsi *
sockopt keepalive
FILES
%%SYSCONFDIR%%/gfarm2.conf
$HOME/.gfarm2rc
SEE ALSO
gfmd(8), gfsd(8), setsockopt(2)
Gfarm 30 December 2010 GFARM2.CONF(5)