Bug 1277877

Summary: FSAL_GLUSTER : if only DENY entry is set for a user/group, then it lost all its default permission
Product: [Retired] nfs-ganesha Reporter: Jiffin <jthottan>
Component: FSAL_GLUSTERAssignee: Jiffin <jthottan>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: develCC: akhakhar, jthottan, kkeithle, mzywusko, ndevos, skoduri
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: All   
Whiteboard:
Fixed In Version: nfs-ganesha-2.4-dev-2 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1277886 (view as bug list) Environment:
Last Closed: 2016-02-17 07:13:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1277886    

Description Jiffin 2015-11-04 09:58:08 UTC 
Description of problem:
If only  one DENY entry is set for the user/group ,then all of the existing permission(by default it will permission of everyone) will be lost

Version-Release number of selected component (if applicable):
mainline

How reproducible:
always

Steps to Reproduce:
1.Export a gluster volume via ganesha with acls enabled
2.Mount the volume using nfsv4
3.create a file
4.Now set a DENY ENTRY for that file(no corresponding ALLOW ENTRY should exist) 

example
at the mount point

# touch file
# nfs4_getfacl file

A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

nfs4_setfacl -a D::user_b@{$DOMAIN}:W file

Actual results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:rwa
A::user_b@{$DOMAIN}:tcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy


Expected results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:wa
A::user_b@{$DOMAIN}:rtcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

Additional info: