Bug 521206

Summary: Permissions problem on block devices
Product: Red Hat Enterprise Linux 5 Reporter: Baptiste Mille-Mathias <baptiste.millemathias>
Component: lvm2Assignee: LVM and device-mapper development team <lvm-team>
Status: CLOSED DUPLICATE QA Contact: Cluster QE <mspqa-list>
Severity: high Docs Contact:
Priority: low    
Version: 5.4CC: agk, dwysocha, edamato, heinzm, jbrassow, mbroz, prockai
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-09-04 17:13:18 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Baptiste Mille-Mathias 2009-09-04 10:21:45 UTC 
Description of problem:
I've just upgraded one server which was in 5.3 to 5.4 and after the upgrade (I didn't rebooted yet) the command "df -k /dev/mapper/LogVol*" executed by a simple system user "sitescope" (used form monitoring) returned "Permission denied".
Executing the command with root obviously worked.

Version-Release number of selected component (if applicable):
udev-095-14.21.el5

How reproducible:
use a RHEL 5.4 server.

Steps to Reproduce:
1. type "df -k /dev/mapper/LogVol*" with a simple user with no particular permissions.
  
Actual results:
"Permissions denied"

Expected results:
To return the disk usage.

Additional info:
(command executed on a just upgrade to RHEL 5.4 server)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
sitescope@sa-qua001-cm2 ~]$ ll /dev/sd*
brw-r----- 1 root disk 8,  0 Sep  4  2009 /dev/sda
brw-r----- 1 root disk 8,  1 Sep  4  2009 /dev/sda1
brw-r----- 1 root disk 8,  2 Sep  4  2009 /dev/sda2
brw-r----- 1 root disk 8,  3 Sep  4 12:30 /dev/sda3
brw-r----- 1 root disk 8,  4 Sep  4  2009 /dev/sda4
brw-r----- 1 root disk 8,  5 Sep  4  2009 /dev/sda5
brw-r----- 1 root disk 8, 16 Sep  4  2009 /dev/sdb
brw-r----- 1 root disk 8, 32 Sep  4  2009 /dev/sdc
[sitescope@sa-qua001-cm2 ~]$ ll /dev/mapper/
total 0
crw------- 1 root root  10, 63 Sep  4  2009 control
brw-rw---- 1 root disk 253,  6 Sep  4 12:30 mpath0
brw------- 1 root root 253,  4 Sep  4  2009 VolGroup_ID_19884-LogVol0
brw------- 1 root root 253,  0 Sep  4 12:30 VolGroup_ID_19884-LogVol1
brw------- 1 root root 253,  1 Sep  4 12:30 VolGroup_ID_19884-LogVol2
brw------- 1 root root 253,  3 Sep  4 12:30 VolGroup_ID_19884-LogVol4
brw------- 1 root root 253,  2 Sep  4 12:30 VolGroup_ID_19884-LogVol5
brw------- 1 root root 253,  5 Sep  4 12:30 VolGroup_ID_19884-LogVolHome
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

(same command on a rhel 5.3 server)
[monitoring@sa-hoa001-wb1 ~]$ ll /dev/sd*
brw-r----- 1 root disk 8,  0 Sep  2 03:33 /dev/sda
brw-r----- 1 root disk 8, 16 Sep  2 03:33 /dev/sdb
brw-r----- 1 root disk 8, 32 Sep  2 03:33 /dev/sdc
brw-r----- 1 root disk 8, 33 Sep  2 03:33 /dev/sdc1
brw-r----- 1 root disk 8, 34 Sep  2 03:33 /dev/sdc2
brw-r----- 1 root disk 8, 35 Sep  2 00:33 /dev/sdc3
brw-r----- 1 root disk 8, 36 Sep  2 03:33 /dev/sdc4
brw-r----- 1 root disk 8, 37 Sep  2 03:33 /dev/sdc5
[monitoring@sa-hoa001-wb1 ~]$ ll /dev/mapper/
total 0
crw------- 1 root root  10, 63 Sep  2 03:33 control
brw-rw---- 1 root disk 253,  4 Sep  2 03:33 VolGroup_ID_32524-LogVol0
brw-rw---- 1 root disk 253,  0 Sep  2 00:33 VolGroup_ID_32524-LogVol1
brw-rw---- 1 root disk 253,  1 Sep  2 00:33 VolGroup_ID_32524-LogVol2
brw-rw---- 1 root disk 253,  3 Sep  2 00:33 VolGroup_ID_32524-LogVol4
brw-rw---- 1 root disk 253,  2 Sep  2 00:33 VolGroup_ID_32524-LogVol5
brw-rw---- 1 root disk 253,  5 Sep  2 00:33 VolGroup_ID_32524-LogVolHome
brw-rw---- 1 root disk 253,  6 Sep  2 03:33 VolGroup_ID_32524-LogVolWWW
Comment 1 Harald Hoyer 2009-09-04 10:45:36 UTC 
devices in /dev/mapper are _not_ created by udev but lvm/dmsetup
Comment 2 Alasdair Kergon 2009-09-04 12:23:34 UTC 
This part of the lvm2 code has not changed, to my knowledge.  You're seeing the correct lvm2 defaults on 5.4 and not seeing them on 5.3.  (What you see on 5.3 matches Fedora and is the likely default for RHEL6.)  Did you customise udev rules or initscripts locally to do this perhaps?
Comment 3 Baptiste Mille-Mathias 2009-09-04 12:42:11 UTC 
Hi Alasdair,

No I didn't perform change on udev or any storage permission this part of the system. the only thing I did 1 month ago is setup a multipath storage.
Unfortunately I don't have the permissions of the system before the upgrade to 5.4.
I can perform a "df" or "df /tmp" but not "df /dev/mapper/VolGroup_ID_19884-LogVol2" which is the command that run my monitoring tool :/.
Comment 4 Baptiste Mille-Mathias 2009-09-04 14:39:41 UTC 
Sorry to ask that, but is there a possible workaround in order to make my monitoring works?

Thanks
Comment 5 Alasdair Kergon 2009-09-04 17:13:18 UTC 
Make sure /dev/mapper dir and /etc/mtab are readable so df can stat the files.

Use strace to see what's actually failing in df.

Try rebooting in case there's customisation to set perms at boot.

I don't think there's an lvm2 package problem here, so closing this.

Please use www.redhat.com/support if you need further assistance.
Comment 6 Baptiste Mille-Mathias 2009-09-07 09:41:17 UTC 
Just changing the title as the permissions problem is experienced also on block device under /dev.

I'll make the adviced checks, but for customization I'm sure I didn't change a thing.

Anyway thanks.
Comment 7 Baptiste Mille-Mathias 2009-09-07 12:47:47 UTC 
Actually this is a real bug.
I'm Duping this one in favor of https://bugzilla.redhat.com/show_bug.cgi?id=520630

*** This bug has been marked as a duplicate of bug 520630 ***