+++ This bug was initially created as a clone of Bug #1459972 +++ +++ This bug was initially created as a clone of Bug #1459971 +++ Description of problem: Similar to system.posix_acl_* xattrs, all users should be able to read virtual acl xattrs too (glusterfs.posix-acl-*). Otherwise it shall result in EACCESS error when any non-root user is trying to ACL of any file created under gluster volume. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. Start NFS-ganesha using a non-root user 2. Export a volume via NFS-Ganesha 3. Mount the volume using NFSv4 4. Try to read/get acl. Actual results: It results in "Permission denied" error. Expected results: All users should be able to read POSIX ACLs for any file. Additional info: --- Additional comment from Red Hat Bugzilla Rules Engine on 2017-06-08 13:24:27 EDT --- This bug is automatically being proposed for the current release of Red Hat Gluster Storage 3 under active development, by setting the release flag 'rhgs‑3.3.0' to '?'. If this bug should be proposed for a different release, please manually change the proposed release flag. --- Additional comment from Soumya Koduri on 2017-06-08 13:29:26 EDT --- Patch posted upstream for review - https://review.gluster.org/17493 --- Additional comment from Atin Mukherjee on 2017-06-09 04:12:18 EDT --- I believe this issue blocks BZ 1450836 and given the later is already approved for rhgs-3.3.0, this bug needs to be fixed for rhgs-3.3.0 and hence giving devel_ack.
REVIEW: https://review.gluster.org/17512 (posix-acl: Whitelist virtual ACL xattrs) posted (#1) for review on release-3.11 by soumya k (skoduri)
REVIEW: https://review.gluster.org/17512 (posix-acl: Whitelist virtual ACL xattrs) posted (#2) for review on release-3.11 by soumya k (skoduri)
COMMIT: https://review.gluster.org/17512 committed in release-3.11 by Shyamsundar Ranganathan (srangana) ------ commit 51eee2bf5c878920e83b118422e193fd087e0778 Author: Soumya Koduri <skoduri> Date: Thu Jun 8 22:19:17 2017 +0530 posix-acl: Whitelist virtual ACL xattrs Similar to system.posix_acl_* xattrs, all users should get permission to be able to read glusterfs.posix.acl* xattrs too. This is backport of below mainline patch - https://review.gluster.org/17493 >Change-Id: I1fc2b67c8a12113910e4ec57cd114e4baefe0d38 >BUG: 1459971 >Signed-off-by: Soumya Koduri <skoduri> >Reviewed-on: https://review.gluster.org/17493 >Smoke: Gluster Build System <jenkins.org> >Reviewed-by: jiffin tony Thottan <jthottan> >NetBSD-regression: NetBSD Build System <jenkins.org> >CentOS-regression: Gluster Build System <jenkins.org> >Reviewed-by: Raghavendra Talur <rtalur> >Reviewed-by: Niels de Vos <ndevos> >(cherry picked from commit 68f2192df570b5ee615d440c2e0c88d49a75a34f) Change-Id: I0e22e28d053481d201223631342362a27a4a8f36 BUG: 1460647 Signed-off-by: Soumya Koduri <skoduri> Reviewed-on: https://review.gluster.org/17512 NetBSD-regression: NetBSD Build System <jenkins.org> Smoke: Gluster Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: Shyamsundar Ranganathan <srangana>
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.11.1, please open a new bug report. glusterfs-3.11.1 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://lists.gluster.org/pipermail/announce/2017-June/000074.html [2] https://www.gluster.org/pipermail/gluster-users/