Bug 843080

Summary: Permission Denied error when executing userfiles from RHS (gluster) volume
Product: [Red Hat Storage] Red Hat Gluster Storage Reporter: Marcel Hergaarden <mhergaar>
Component: glusterfsAssignee: Amar Tumballi <amarts>
Status: CLOSED ERRATA QA Contact: Saurabh <saujain>
Severity: high Docs Contact:
Priority: high    
Version: 2.0CC: amarts, gluster-bugs, mzywusko, ndevos, psriniva, sdharane, sgowda, ssaha, vbellur, vraman
Target Milestone: ---   
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: glusterfs-3.4.0qa5-1 Doc Type: Bug Fix
Doc Text:
Previously, a 'Permission Denied' error would occur while executing user files on Red Hat Storage volumes. Now, the access permissions are modified to execute user files on Red Hat Storage volumes.
 Story Points: ---
Clone Of:
: 843960 (view as bug list) Environment:
Last Closed: 2013-09-16 03:23:05 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 843960    

Description Marcel Hergaarden 2012-07-25 14:16:29 UTC 
Description of problem:

When a file has the following file permissions:  “rwx--x--x”  it should be executable for a regular (non-root) user.  This is true for a regular filesystem and NFS.

Within a glustervolume which has been mounted using the glusterfs-fuse option, it is not possible to run the executable which has above file permissions set. However, when the glustervolume has been mounted on a client using NFS as mountoption then the file can be executed as expected.

Version-Release number of selected component (if applicable):

RHSS 2.0

How reproducible:

Create a Glustervolume, copy an executable file into this volume.
Change the permissions to 711 rwx--x--x
Login as a non-root user and try to execute the executable file with above permissions. You will only get Permission Denied as a non-root user.

Steps to Reproduce:
1.Create RHS glustervolume, mount it using Fuse (glusterFS)
2.Create an executable file into the glustervolume and chmod this 711
3.Login as a normal user and try to execute that file with rwx--x--x permission
  
Actual results:

Permission Denied

Expected results:

Normal executable like in a regular filesystem

Additional info:

Those permissions are set by an application and cannot be altered.
It is very important to a customer who is prospect for RHSS 2.0
Comment 2 Amar Tumballi 2012-07-26 11:09:38 UTC 
noticed that this is an issue because linux fs is handled differently for FMODE_EXEC (linux/fs.h) we don't handle that flag at all as of today... I noticed client got open flag as 0100040 and resulting converted flag was 0 (considering glusterfs.h took out O_LARGEFILE(0100000)), we didn't handle the flag in protocol convert, and hence came up with no read permissions in posix_acl_open()

-Amar
Comment 3 Amar Tumballi 2012-07-26 11:50:01 UTC 
possible fix submitted @ http://review.gluster.com/3739
Comment 4 Sayan Saha 2012-07-27 12:37:58 UTC 
Amar,

Let's plan for this fix to be pushed out in the next update i.e. update 2 for 2.0.z.
Comment 7 Amar Tumballi 2012-07-28 08:59:11 UTC 
patch (http://review.gluster.com/3739 - acl: enable handling of FMODE_EXEC flag) approved and applied on upstream.
Comment 9 Pavithra 2013-08-27 09:55:25 UTC 
Kindly verify the edited doc text for technical accuracy and sign off.
Comment 10 shishir gowda 2013-09-02 09:05:28 UTC 
Doc text looks good to me
Comment 12 errata-xmlrpc 2013-09-16 03:23:05 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1262.html