Bug 1418650
Summary: | Samba crash when mounting a distributed dispersed volume over CIFS | ||
---|---|---|---|
Product: | [Community] GlusterFS | Reporter: | Xavi Hernandez <jahernan> |
Component: | disperse | Assignee: | Xavi Hernandez <jahernan> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 3.10 | CC: | aspandey, bugs, jahernan, nbalacha, nigelb, pkarampu |
Target Milestone: | --- | Keywords: | Triaged |
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | glusterfs-3.10.0 | Doc Type: | If docs needed, set a value |
Doc Text: | Story Points: | --- | |
Clone Of: | 1402661 | Environment: | |
Last Closed: | 2017-03-06 17:44:58 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1402661 | ||
Bug Blocks: |
Description
Xavi Hernandez
2017-02-02 12:23:24 UTC
REVIEW: https://review.gluster.org/16522 (cluster/ec: fix selinux issues with mmap()) posted (#1) for review on release-3.10 by Xavier Hernandez (xhernandez) COMMIT: https://review.gluster.org/16522 committed in release-3.10 by Shyamsundar Ranganathan (srangana) ------ commit cc0f3623c037529a3c3f3d1c81f2c8d281d64dba Author: Xavier Hernandez <xhernandez> Date: Fri Jan 13 13:54:35 2017 +0100 cluster/ec: fix selinux issues with mmap() EC uses mmap() to create a memory area for the dynamic code. Since the code is created on the fly and executed when needed, this region of memory needs to have write and execution privileges. This combination is not allowed by default by selinux. To solve the problem a file is used as a backend storage for the dynamic code and it's mapped into two distinct memory regions, one with write access and the other one with execution access. This approach is the recommended way to create dynamic code by a program in a more secure way, and selinux allows it. Additionally selinux requires that the backend file be stored in a directory marked with type bin_t to be able to map it in an executable area. To satisfy this condition, GLUSTERFS_LIBEXECDIR has been used. This fix also changes the error check for mmap(), that was done incorrectly (it checked against NULL instead of MAP_FAILED), and it also correctly propagates the error codes and makes sure they aren't silently ignored. > Change-Id: I71c2f88be4e4d795b6cfff96ab3799c362c54291 > BUG: 1402661 > Signed-off-by: Xavier Hernandez <xhernandez> > Reviewed-on: https://review.gluster.org/16405 > Smoke: Gluster Build System <jenkins.org> > NetBSD-regression: NetBSD Build System <jenkins.org> > CentOS-regression: Gluster Build System <jenkins.org> > Reviewed-by: Jeff Darcy <jdarcy> Change-Id: I5c2dd51b1161505316c8f78b73e9a585d0c115d0 BUG: 1418650 Signed-off-by: Xavier Hernandez <xhernandez> Reviewed-on: https://review.gluster.org/16522 Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: Shyamsundar Ranganathan <srangana> This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.10.0, please open a new bug report. glusterfs-3.10.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://lists.gluster.org/pipermail/gluster-users/2017-February/030119.html [2] https://www.gluster.org/pipermail/gluster-users/ |