Bug 1450401 - [NFS:RGW]: Unable to permanently change Ownership of buckets in NFS mount
Summary: [NFS:RGW]: Unable to permanently change Ownership of buckets in NFS mount
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Ceph Storage
Classification: Red Hat
Component: RGW
Version: 2.3
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: 2.3
Assignee: Matt Benjamin (redhat)
QA Contact: ceph-qe-bugs
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-12 12:33 UTC by Ramakrishnan Periyasamy
Modified: 2017-07-30 15:46 UTC (History)
10 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2017-06-19 13:33:18 UTC


Attachments (Terms of Use)


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:1497 normal SHIPPED_LIVE Red Hat Ceph Storage 2.3 bug fix and enhancement update 2017-06-19 17:24:11 UTC
Github ceph ceph pull 15293 None None None 2017-05-25 21:04 UTC
Ceph Project Bug Tracker 20082 None None None 2017-05-25 21:01 UTC

Description Ramakrishnan Periyasamy 2017-05-12 12:33:34 UTC
Description of problem:
Unable to change Ownership of directories created in NFS mount and buckets created using S3.

Default all the directories and files are created using specific ownership(i.e in NFS using '4294967294' ownership and in S3 using 'root' ownership)
[root@node1 hello]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 11 12:29 new_dir
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:40 nfs2
drwxrwxrwx. 1 root       root       0 May 11 15:14 s3_bucket1
drwxrwxrwx. 1 root       root       0 May 11 15:17 s3_bucket2
drwxrwxrwx. 1 root       root       0 May 12 17:31 s3_bucket3

Unable to change ownership to root or other user. This behaviour is there for both NFSv3 and NFSv4.

[root@host1 hello]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 11 12:29 new_dir
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:40 nfs2
drwxrwxrwx. 1 root       root       0 May 11 15:14 s3_bucket1
drwxrwxrwx. 1 root       root       0 May 11 15:17 s3_bucket2
drwxrwxrwx. 1 root       root       0 May 12 17:31 s3_bucket3
[root@host1 hello]# chown test:test s3_bucket3/
chown: changing ownership of ‘s3_bucket3/’: Operation not permitted
[root@host1 hello]# chown root:root nfs
[root@host1 hello]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 11 12:29 new_dir
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:40 nfs2
drwxrwxrwx. 1 root       root       0 May 11 15:14 s3_bucket1
drwxrwxrwx. 1 root       root       0 May 11 15:17 s3_bucket2
drwxrwxrwx. 1 root       root       0 May 12 17:31 s3_bucket3
[root@host1 hello]# 
[root@host1 hello]# cd nfs
[root@host1 nfs]# ls
[root@host1 nfs]# mkdir dir1
[root@host1 nfs]# mkdir dir2
[root@host1 nfs]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:49 dir1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:49 dir2
[root@host1 nfs]# chown root:root dir1
[root@host1 nfs]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:49 dir1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:49 dir2
[root@host1 nfs]# chmod 640 dir1/
[root@host1 nfs]# ll
total 0
drw-r-----. 1 4294967294 4294967294 0 May 12 17:49 dir1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:49 dir2
[root@host1 nfs]# cd ..


Version-Release number of selected component (if applicable):
NFS Version: nfs-ganesha-2.4.5-4.el7cp.x86_64
             nfs-ganesha-rgw-2.4.5-4.el7cp.x86_64

Ceph Version: ceph-common-10.2.7-12.el7cp.x86_64


How reproducible:
3/3

Steps to Reproduce:
1. Configure Ceph, RGW and NFS service
2. Mount nfs mount
3. Create directories in NFS mount and create some s3 buckets
4. Check the ownership of the files and try to change using 'chown' commands.

Actual results:
Unable to change ownership of the directory or files

Expected results:
Should be updated according to user need

Additional info:
N/A

Comment 2 Matt Benjamin (redhat) 2017-05-12 12:36:56 UTC
Hi Ramakrishnan,

It looks strongly to me like you are root squashed, and you won't be able to set any perms.  So strongly suspect not a bug.

Can I please inspect this setup?

Matt

Comment 4 Ramakrishnan Periyasamy 2017-05-12 12:53:12 UTC
(In reply to Matt Benjamin (redhat) from comment #2)
> Hi Ramakrishnan,
> 
> It looks strongly to me like you are root squashed, and you won't be able to
> set any perms.  So strongly suspect not a bug.
> 
> Can I please inspect this setup?
> 
> Matt

Yes Matt you are correct it is because of root squash, I just checked in my setup by adding "Squash = No_Root_Squash;" param in EXPORT Section of ganesha.conf it is working as expected.

output after adding the param in ganesha.conf

[root@host1 hello]# ll
total 0
drwxr-xr-x. 1 4294967294 4294967294 0 May 11 12:29 new_dir
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:30 nfs1
drwxr-xr-x. 1 4294967294 4294967294 0 May 12 17:40 nfs2
drwxrwxrwx. 1 root       root       0 May 11 15:14 s3_bucket1
drwxrwxrwx. 1 root       root       0 May 11 15:17 s3_bucket2
drwxrwxrwx. 1 root       root       0 May 12 17:31 s3_bucket3
drwxrwxrwx. 1 root       root       0 May 12 17:41 s3_bucket4
[root@host1 hello]# chown root:root new_dir/
[root@host1 hello]# ll
total 0
drwxr-xr-x.  1 root       root       0 May 11 12:29 new_dir
drwxr-xr-x.  1 4294967294 4294967294 0 May 12 17:30 nfs
drwxr-xr-x.  1 test       test       0 May 12 17:30 nfs1
drwxr-xr-x.  1 4294967294 4294967294 0 May 12 17:40 nfs2
drwxrwxrwx.  1 root       root       0 May 11 15:14 s3_bucket1
drwxrwxrwx.  1 root       root       0 May 11 15:17 s3_bucket2
drwxrwxrwx.  1 root       root       0 May 12 17:31 s3_bucket3
drwxrwxrwx. 51 test       test       0 May 12 17:41 s3_bucket4
[root@host1 hello]# 

can we add this param in documentation as a Notes ?

This will be helpful if it is added in document.

Comment 10 Ramakrishnan Periyasamy 2017-05-25 09:29:05 UTC
Hi Matt,

Can you please triage this problem. 

Regards,
Ramakrishnan

Comment 19 Ramakrishnan Periyasamy 2017-05-26 14:02:37 UTC
Moving this bug to verified state, as we decided to track the documentation issue in separate bug. 

The issue mentioned in this bug is fixed and verified in "ceph version 10.2.7-21.el7cp (ebe0fca146985f59e6ab136a860d1f063a26c700)" build.

Comment 21 errata-xmlrpc 2017-06-19 13:33:18 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1497


Note You need to log in before you can comment on or make changes to this bug.