Bug 1327546

Summary: Write permission doesn't get updated for group and everyone after copying a file.
Product: Red Hat Gluster Storage Reporter: Shashank Raj <sraj>
Component: nfs-ganeshaAssignee: Jiffin <jthottan>
Status: CLOSED NOTABUG QA Contact: storage-qa-internal <storage-qa-internal>
Severity: high Docs Contact:
Priority: unspecified    
Version: rhgs-3.1CC: jthottan, kkeithle, ndevos, nlevinki, sashinde, skoduri
Target Milestone: ---Keywords: ZStream
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-04-29 06:32:09 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Shashank Raj 2016-04-15 11:08:53 UTC 
Description of problem:
Write permission doesn't get updated for group and everyone after copying the file.

Version-Release number of selected component (if applicable):
nfs-ganesha-2.3.1-3

How reproducible:
Always

Steps to Reproduce:
1.Create a 4 node cluster and configure ganesha on it.
2.Create a volume, enable ganesha on it and mount it using version 4
3.Create a file under the mount point and set rwx permission for owner, group and everyone.

[root@dhcp37-206 nfs1]# touch file

[root@dhcp37-206 nfs1]# nfs4_getfacl file
A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

[root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::OWNER@:rxw" file
[root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::GROUP@:rxw" file
[root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::EVERYONE@:rxw" file

[root@dhcp37-206 nfs1]# nfs4_getfacl file
A::OWNER@:rwaxtTcCy
A::GROUP@:rwaxtcy
A::EVERYONE@:rwaxtcy

4. Create a dir on the mount point and copy the file into this dir

[root@dhcp37-206 nfs1]# mkdir dir

[root@dhcp37-206 nfs1]# ls
dir  file

[root@dhcp37-206 nfs1]# cp file /mnt/nfs1/dir/

5. do a getfacl on this copied file and observe that the write permission for group and everyone is not updated.

[root@dhcp37-206 nfs1]# cd dir/

[root@dhcp37-206 dir]# ls
file

[root@dhcp37-206 dir]# nfs4_getfacl file
A::OWNER@:rwaxtTcCy
A::GROUP@:rxtcy
A::EVERYONE@:rxtcy


Actual results:

Write permission doesn't get updated for group and everyone after copying the file.

Expected results:

All the ace should get copied correctly after copying a file to other location.

Additional info:
Comment 2 Jiffin 2016-04-18 14:02:48 UTC 
I checked this behavior in posix and knfs. For "w", the permission are not copied to "copy file". May be its related to umask entry. For "x" it works fine.

[root@dhcp42-42 ~]# touch file
[root@dhcp42-42 ~]# setfacl -m "g::rw,o::rw" file
[root@dhcp42-42 ~]# getfacl file
# file: file
# owner: root
# group: root
user::rw-
group::rw-
other::rw-
[root@dhcp42-42 ~]# cp file abc
[root@dhcp42-42 ~]# getfacl abc
# file: abc
# owner: root
# group: root
user::rw-
group::r--
other::r--
[root@dhcp42-42 ~]# setfacl -m "u::rwx,g::r-x,o::r-x" abc
[root@dhcp42-42 ~]# getfacl abc
# file: abc
# owner: root
# group: root
user::rwx
group::r-x
other::r-x
[root@dhcp42-42 ~]# cp abc def
[root@dhcp42-42 ~]# getfacl def
# file: def
# owner: root
# group: root
user::rwx
group::r-x
other::r-x

Putting a needinfo ndevos who might have much idea about that.
Comment 3 Jiffin 2016-04-19 17:02:21 UTC 
[root@jiffin17 ~]# mount -t nfs -o vers=4.0 10.70.43.14:/brick/new /mnt/nfs/1/
[root@jiffin17 ~]# cd /mnt/nfs/1/
[root@jiffin17 1]# ls
a  abc  b  dir  dir2  foo  new  xyz
[root@jiffin17 1]# mkdir dir3
[root@jiffin17 1]# cd dir3
[root@jiffin17 dir3]# ls
[root@jiffin17 dir3]# touch file
[root@jiffin17 dir3]# nfs4_getfacl file
A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy
[root@jiffin17 dir3]# nfs4_setfacl -e file
[root@jiffin17 dir3]# nfs4_getfacl file
A::OWNER@:rwaxtTcCy
A::GROUP@:rwaxtcy
A::EVERYONE@:rwaxtcy
[root@jiffin17 dir3]# cp file foo
[root@jiffin17 dir3]# nfs4_getfacl foo
A::OWNER@:rwaxtTcCy
A::GROUP@:rxtcy
A::EVERYONE@:rxtcy
Comment 4 Niels de Vos 2016-04-28 14:48:41 UTC 
I would say that this is not a bug in NFS-Ganesha because knfsd handles it the exact same way. When users are questioning this behaviour, we should check with the Linux kernel NFS developers and see why it is done like this, and if we can/should change it.
Comment 5 Jiffin 2016-04-29 06:31:47 UTC 
IMHO it may not related to knfs. NFS server(knfs/ganesha) both just imitates what backend does. Since backend does not copy the write permission what else server can do?