Hide Forgot
Description of problem: Write permission doesn't get updated for group and everyone after copying the file. Version-Release number of selected component (if applicable): nfs-ganesha-2.3.1-3 How reproducible: Always Steps to Reproduce: 1.Create a 4 node cluster and configure ganesha on it. 2.Create a volume, enable ganesha on it and mount it using version 4 3.Create a file under the mount point and set rwx permission for owner, group and everyone. [root@dhcp37-206 nfs1]# touch file [root@dhcp37-206 nfs1]# nfs4_getfacl file A::OWNER@:rwatTcCy A::GROUP@:rtcy A::EVERYONE@:rtcy [root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::OWNER@:rxw" file [root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::GROUP@:rxw" file [root@dhcp37-206 nfs1]# nfs4_setfacl -a "A::EVERYONE@:rxw" file [root@dhcp37-206 nfs1]# nfs4_getfacl file A::OWNER@:rwaxtTcCy A::GROUP@:rwaxtcy A::EVERYONE@:rwaxtcy 4. Create a dir on the mount point and copy the file into this dir [root@dhcp37-206 nfs1]# mkdir dir [root@dhcp37-206 nfs1]# ls dir file [root@dhcp37-206 nfs1]# cp file /mnt/nfs1/dir/ 5. do a getfacl on this copied file and observe that the write permission for group and everyone is not updated. [root@dhcp37-206 nfs1]# cd dir/ [root@dhcp37-206 dir]# ls file [root@dhcp37-206 dir]# nfs4_getfacl file A::OWNER@:rwaxtTcCy A::GROUP@:rxtcy A::EVERYONE@:rxtcy Actual results: Write permission doesn't get updated for group and everyone after copying the file. Expected results: All the ace should get copied correctly after copying a file to other location. Additional info:
I checked this behavior in posix and knfs. For "w", the permission are not copied to "copy file". May be its related to umask entry. For "x" it works fine. [root@dhcp42-42 ~]# touch file [root@dhcp42-42 ~]# setfacl -m "g::rw,o::rw" file [root@dhcp42-42 ~]# getfacl file # file: file # owner: root # group: root user::rw- group::rw- other::rw- [root@dhcp42-42 ~]# cp file abc [root@dhcp42-42 ~]# getfacl abc # file: abc # owner: root # group: root user::rw- group::r-- other::r-- [root@dhcp42-42 ~]# setfacl -m "u::rwx,g::r-x,o::r-x" abc [root@dhcp42-42 ~]# getfacl abc # file: abc # owner: root # group: root user::rwx group::r-x other::r-x [root@dhcp42-42 ~]# cp abc def [root@dhcp42-42 ~]# getfacl def # file: def # owner: root # group: root user::rwx group::r-x other::r-x Putting a needinfo ndevos who might have much idea about that.
[root@jiffin17 ~]# mount -t nfs -o vers=4.0 10.70.43.14:/brick/new /mnt/nfs/1/ [root@jiffin17 ~]# cd /mnt/nfs/1/ [root@jiffin17 1]# ls a abc b dir dir2 foo new xyz [root@jiffin17 1]# mkdir dir3 [root@jiffin17 1]# cd dir3 [root@jiffin17 dir3]# ls [root@jiffin17 dir3]# touch file [root@jiffin17 dir3]# nfs4_getfacl file A::OWNER@:rwatTcCy A::GROUP@:rtcy A::EVERYONE@:rtcy [root@jiffin17 dir3]# nfs4_setfacl -e file [root@jiffin17 dir3]# nfs4_getfacl file A::OWNER@:rwaxtTcCy A::GROUP@:rwaxtcy A::EVERYONE@:rwaxtcy [root@jiffin17 dir3]# cp file foo [root@jiffin17 dir3]# nfs4_getfacl foo A::OWNER@:rwaxtTcCy A::GROUP@:rxtcy A::EVERYONE@:rxtcy
I would say that this is not a bug in NFS-Ganesha because knfsd handles it the exact same way. When users are questioning this behaviour, we should check with the Linux kernel NFS developers and see why it is done like this, and if we can/should change it.
IMHO it may not related to knfs. NFS server(knfs/ganesha) both just imitates what backend does. Since backend does not copy the write permission what else server can do?