+++ This bug was initially created as a clone of Bug #1229860 +++ Description of problem: An acl can be set using GF_POSIX_ACL_*_KEY xattr without notifying the access-control translator. So evenif an acl is set correctly at the backend, it might not work properly because access-control holds wrong acl information in its context about that file. Version-Release number of selected component (if applicable): mainline How reproducible: always Actual results: Expected results: Additional info: This issue identified in only nfs-ganesha acl conversion. --- Additional comment from Anand Avati on 2015-06-09 16:17:47 EDT --- REVIEW: http://review.gluster.org/11144 (access-control : validating context of access control translator) posted (#1) for review on master by jiffin tony Thottan (jthottan) --- Additional comment from Jiffin on 2015-06-10 02:04:46 EDT ---
REVIEW: http://review.gluster.org/11519 (access-control : validating context of access control translator) posted (#1) for review on release-3.7 by jiffin tony Thottan (jthottan)
COMMIT: http://review.gluster.org/11519 committed in release-3.7 by Kaleb KEITHLEY (kkeithle) ------ commit 4df4c2092478a9813b6bb4b4ee00ed8f4ca2fea0 Author: Jiffin Tony Thottan <jthottan> Date: Wed Jun 10 00:08:39 2015 +0530 access-control : validating context of access control translator By introduction of new acl conversion from http://review.gluster.org/#/c/9627/, an acl can be set using GF_POSIX_ACL_*_KEY xattrs without notifying the access-control translator. So evenif an acl is set correctly at the backend, it might not work properly because access-control holds wrong acl information in its context about that file. Note : This is a simple workaround. The actual solution consists of three steps: 1.) Use new acl api's for acl conversion. 2.) Move the acl conversion part from access-control translator 3.) Introduces standard acl structures and libaries in access-translator for caching, enforcing purposes. Backport of http://review.gluster.org/#/c/11144/ >Change-Id: Iacb6b323810ebe82f7f171f20be16429463cbcf0 >BUG: 1229860 >Signed-off-by: Jiffin Tony Thottan <jthottan> >Reviewed-on: http://review.gluster.org/11144 >Reviewed-by: Niels de Vos <ndevos> >Tested-by: Gluster Build System <jenkins.com> >Reviewed-by: Kaleb KEITHLEY <kkeithle> >cherry-picked from 81cb71e9317e380b1d414038223c72643b35e664 Change-Id: I935f28704a2d401df8224f5042bf7b38177a8a0f BUG: 1230327 Signed-off-by: Jiffin Tony Thottan <jthottan> Reviewed-on: http://review.gluster.org/11519 Tested-by: Gluster Build System <jenkins.com> Reviewed-by: Kaleb KEITHLEY <kkeithle>
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.3, please open a new bug report. glusterfs-3.7.3 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://thread.gmane.org/gmane.comp.file-systems.gluster.devel/12078 [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user