Bug 1277886 - FSAL_GLUSTER : if only DENY entry is set for a user/group, then it lost all its default permission
FSAL_GLUSTER : if only DENY entry is set for a user/group, then it lost all i...
Status: CLOSED ERRATA
Product: Red Hat Gluster Storage
Classification: Red Hat
Component: nfs-ganesha (Show other bugs)
3.1
All All
high Severity high
: ---
: RHGS 3.1.2
Assigned To: Bug Updates Notification Mailing List
Matt Zywusko
: ZStream
Depends On: 1277877
Blocks: 1260783
  Show dependency treegraph
 
Reported: 2015-11-04 05:09 EST by Jiffin
Modified: 2016-03-01 00:51 EST (History)
10 users (show)

See Also:
Fixed In Version: nfs-ganesha-2.2.0-11
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 1277877
Environment:
Last Closed: 2016-03-01 00:51:01 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jiffin 2015-11-04 05:09:39 EST
+++ This bug was initially created as a clone of Bug #1277877 +++

Description of problem:
If only  one DENY entry is set for the user/group ,then all of the existing permission(by default it will permission of everyone) will be lost

Version-Release number of selected component (if applicable):
mainline

How reproducible:
always

Steps to Reproduce:
1.Export a gluster volume via ganesha with acls enabled
2.Mount the volume using nfsv4
3.create a file
4.Now set a DENY ENTRY for that file(no corresponding ALLOW ENTRY should exist) 

example
at the mount point

# touch file
# nfs4_getfacl file

A::OWNER@:rwatTcCy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

nfs4_setfacl -a D::user_b@{$DOMAIN}:W file

Actual results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:rwa
A::user_b@{$DOMAIN}:tcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy


Expected results:
nfs4_getfacl file

A::OWNER@:rwatTcCy
D::user_b@{$DOMAIN}:wa
A::user_b@{$DOMAIN}:rtcy
A::GROUP@:rtcy
A::EVERYONE@:rtcy

Additional info:
Comment 2 Jiffin 2015-11-04 05:21:11 EST
The patch is sent for upstream for review  https://review.gerrithub.io/#/c/251342/
Comment 4 Saurabh 2015-11-23 04:52:56 EST
tested it on latest build, i.e.
nfs-ganesha-2.2.0-11.el7rhgs.x86_64

and result is as expected,
# nfs4_getfacl /mnt/acl-test/fil1
A::OWNER@:rwatTcCy
D::ric@lab.eng.blr.redhat.com:wa
A::ric@lab.eng.blr.redhat.com:rtcy
A::GROUP@:rwatcy
A::EVERYONE@:rwatcy
Comment 7 errata-xmlrpc 2016-03-01 00:51:01 EST
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2016-0193.html

Note You need to log in before you can comment on or make changes to this bug.