Bug 665562

Summary: lvm2 creates device nodes that don't follow DM_DEVICE_{UID,GID,MODE} defines
Product: [Fedora] Fedora Reporter: Christos Zoulas <christos>
Component: lvm2Assignee: Peter Rajnoha <prajnoha>
Status: CLOSED RAWHIDE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: rawhideCC: agk, bmarzins, bmr, dwysocha, heinzm, jonathan, lvm-team, mbroz, msnitzer, prajnoha, prockai
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: lvm2-2.02.81-1.fc15 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-01-18 08:14:33 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
amended patch (umask save/restore addition and restore on error) none

Description Christos Zoulas 2010-12-24 19:12:22 UTC 
Description of problem:

lvm device not creation does not have the proper owner group and permission.

Version-Release number of selected component (if applicable):


How reproducible:

Always

Steps to Reproduce:
1. compile lvm2 with DM_DEVICE_UID, DM_DEVICE_GID, DM_DEVICE_MODE different than default.
2. ls -l on the device nodes lvm creates
3.

Actual results:


Expected results:


Additional info:
Comment 1 Alasdair Kergon 2010-12-25 00:39:23 UTC 
Are you using udev?  If so, its setting will override compiled-in ones.
Comment 2 Christos Zoulas 2010-12-25 03:28:46 UTC 
Thanks for the quick reply and happy holidays. I understand that with udev this is irrelevant. No, I am using it in NetBSD and we don't have devfs. We don't even compile this part of the code, but I thought you would want to put it in just for correctness.
Comment 3 Christos Zoulas 2010-12-26 14:53:20 UTC 
Created attachment 470739 [details]
amended patch (umask save/restore addition and restore on error)
Comment 4 Alasdair Kergon 2010-12-26 19:09:16 UTC 
Patch was against which old version?  Some of this has already changed (and got fixed?) in upstream CVS.
Comment 5 Christos Zoulas 2010-12-26 23:07:25 UTC 
I am working against 2.02.56(1) (2009-11-24). If some of it still applies, please change it and we'll import a new version. Thanks!
Comment 6 Alasdair Kergon 2011-01-04 14:03:21 UTC 
Just the control node hunk is still needed - we'll fix that.
Comment 7 Peter Rajnoha 2011-01-04 14:48:47 UTC 
Committed upstream (libdevmapper 1.02.61, lvm2 2.02.80).
Comment 8 Peter Rajnoha 2011-01-04 14:55:05 UTC 
Though we don't use the "chown(control, DM_DEVICE_UID, DM_DEVICE_GID)" - only root can use the control node, so changing this would be useless.
Comment 9 Christos Zoulas 2011-01-04 21:22:45 UTC 
How access control is defined is up to the kernel implementation of the ioctl commands for the control device node to decide. For example on the NetBSD lvm2 kernel implementation we allow group operator to do inspection operations to the lvm system (and disallow changes for non root users). Please make sure if you are making this change that your kernel implementation of the ioctl() commands does the proper access checking and does not depend on the mode of the device node.
Comment 10 Alasdair Kergon 2011-01-04 21:33:17 UTC 
The linux kernel currently requires root for the dm ioctls.  The current userspace implementation here assumes the /dev dir is also restricted to root i.e. drwxr-xr-x and trusted.
Comment 11 Peter Rajnoha 2011-01-18 08:14:33 UTC 
The fix is in rawhide now (lvm2-2.02.81-1, device-mapper-1.02.61-1).