Bug 1030443
Summary: | NFS_ACL : Inconsistent behaviour of setfacl and getfacl. | |||
---|---|---|---|---|
Product: | [Red Hat Storage] Red Hat Gluster Storage | Reporter: | Anil Shah <ashah> | |
Component: | glusterd | Assignee: | santosh pradhan <spradhan> | |
Status: | CLOSED ERRATA | QA Contact: | Anil Shah <ashah> | |
Severity: | urgent | Docs Contact: | ||
Priority: | high | |||
Version: | 2.1 | CC: | grajaiya, rtalur, spradhan, vagarwal, vbellur, vraman | |
Target Milestone: | --- | Keywords: | Reopened, TestBlocker, ZStream | |
Target Release: | RHGS 2.1.2 | |||
Hardware: | x86_64 | |||
OS: | Linux | |||
Whiteboard: | ||||
Fixed In Version: | 3.4.0.47.1u2rhs-1 | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1035218 (view as bug list) | Environment: | ||
Last Closed: | 2014-02-25 08:03:42 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1032984, 1035218 |
Description
Anil Shah
2013-11-14 13:05:29 UTC
Hi Anil, Can you re-run the test after this command and see if it still fails? Command: gluster volume set <VOLNAME> stat-prefetch off No luck. [root@rhsauto001 ~]# gluster volume set dist-rep2 stat-prefetch off volume set: success [root@rhsauto010 acl2]# touch dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- group::r-- other::r-- [root@rhsauto010 acl2]# setfacl -m u:adm:rw dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rw- group::r-- mask::rw- other::r-- [root@rhsauto010 acl2]# setfacl -m u:adm:rw dot [root@rhsauto010 acl2]# getfacl dot getfacl: dot: Invalid argument [root@rhsauto010 acl2]# rm -rf dot [root@rhsauto010 acl2]# touch dot [root@rhsauto010 acl2]# setfacl -m u:acltest_user2:rwx dot [root@rhsauto010 acl2]# getfacl dot getfacl: dot: Invalid argument The pcap shows that the permissions are getting set improperly by posix-acl i.e. in glusterfs backend (brick). The NFS is working as expected. Except permissions, everything else look good. The permissions needs to be masked properly in the backend/brick process. When I fixed the permissions properly the getfacl/setfacl worked in my local workstation. When I tested in the upstream code, the commands getfacl/sefacl just worked without any change. That means the issue is already fixed upstream. Little more code investigation shows the issue is really fixed upstream. Ported the fix downstream (see BZ 1032984) and its up for review: https://code.engineering.redhat.com/gerrit/#/c/16121/ Posted another FIX to this: http://review.gluster.org/#/c/6368/ Tried running setfacl and getfacl on build glusterfs 3.4.0.44.1u2rhs. However behaviour is still in-consistent. [root@rhsauto010 acl2]# setfacl -m u:adm:rw dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rw- group::r-- mask::rw- other::r-- [root@rhsauto010 acl2]# getfacl dot getfacl: dot: Invalid argument Posted the patch for review: https://code.engineering.redhat.com/gerrit/16748 Behaviour is Consistent. [root@rhsauto010 acl2]# setfacl -m u:adm:rwx abc [root@rhsauto010 acl2]# getfacl abc # file: abc # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# setfacl -m u:adm:rwx abc [root@rhsauto010 acl2]# getfacl abc # file: abc # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# getfacl abc # file: abc # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# getfacl abc # file: abc # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- Closing this Bug. Changing state to ON_QA to have it addressed appropriately. NFS ACL Behaviour is Consistent. [root@rhsauto010 acl2]# setfacl -m u:adm:rwx dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# setfacl -m u:adm:rwx dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rwx group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# setfacl -m u:gopher:rw dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rwx user:gopher:rw- group::r-- mask::rwx other::r-- [root@rhsauto010 acl2]# setfacl -m u:gopher:rw dot [root@rhsauto010 acl2]# getfacl dot # file: dot # owner: root # group: root user::rw- user:adm:rwx user:gopher:rw- group::r-- mask::rwx other::r-- Bug verified on build glusterfs 3.4.0.49rhs. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHEA-2014-0208.html |