Bug 1277877 - FSAL_GLUSTER : if only DENY entry is set for a user/group, then it lost all its default permission
FSAL_GLUSTER : if only DENY entry is set for a user/group, then it lost all i...
Status: CLOSED CURRENTRELEASE
Product: nfs-ganesha
Classification: Community
Component: FSAL_GLUSTER (Show other bugs)
devel
All All
high Severity high
: ---
: ---
Assigned To: Jiffin
:
Depends On:
Blocks: 1277886
  Show dependency treegraph
 
Reported: 2015-11-04 04:58 EST by Jiffin
Modified: 2016-08-08 10:11 EDT (History)
6 users (show)

See Also:
Fixed In Version: nfs-ganesha-2.4-dev-2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 1277886 (view as bug list)
Environment:
Last Closed: 2016-02-17 02:13:39 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jiffin 2015-11-04 04:58:08 EST
Description of problem:
If only  one DENY entry is set for the user/group ,then all of the existing permission(by default it will permission of everyone) will be lost

Version-Release number of selected component (if applicable):
mainline

How reproducible:
always

Steps to Reproduce:
1.Export a gluster volume via ganesha with acls enabled
2.Mount the volume using nfsv4
3.create a file
4.Now set a DENY ENTRY for that file(no corresponding ALLOW ENTRY should exist) 

example
at the mount point

# touch file
# nfs4_getfacl file

A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

nfs4_setfacl -a D::user_b@{$DOMAIN}:W file

Actual results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:rwa
A::user_b@{$DOMAIN}:tcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy


Expected results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:wa
A::user_b@{$DOMAIN}:rtcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

Additional info:

Note You need to log in before you can comment on or make changes to this bug.