Bug 1480788 - File-level WORM allows mv over read-only files
File-level WORM allows mv over read-only files
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: unclassified (Show other bugs)
3.10
x86_64 Linux
unspecified Severity high
: ---
: ---
Assigned To: bugs@gluster.org
worm
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2017-08-11 17:26 EDT by Lucas Ferreira
Modified: 2017-11-01 08:58 EDT (History)
2 users (show)

See Also:
Fixed In Version: glusterfs-3.10.7
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1484486 1484487 1484489 1484490 (view as bug list)
Environment:
Last Closed: 2017-11-01 08:58:54 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Lucas Ferreira 2017-08-11 17:26:56 EDT
Description of problem:

It is possible to move one recently created file over a read only file, overwriting it.

Version-Release number of selected component (if applicable):

3.10 and 3.11

How reproducible:


Steps to Reproduce:

1. create a worm volume file level
$ gluster volume create v1 replica 3 172.17.0.{2,3,4}:/mnt/v1 force
$ gluster volume set v1 features.read-only "off"
$ gluster volume set v1 features.worm "off"
$ gluster volume set v1 features.worm-file-level "on"
$ gluster volume set v1 features.retention-mode relax
$ gluster volume set v1 features.auto-commit-period 20
$ gluster volume set v1 features.default-retention-period 600
$ gluster volume start v1
$ mount -t glusterfs 172.17.0.2:/v1 /home/lucas/storage

Volume Name: v1
Type: Replicate
Volume ID: 72a968d9-9aaa-4cde-9954-4e5a91065abf
Status: Started
Snapshot Count: 0
Number of Bricks: 1 x 3 = 3
Transport-type: tcp
Bricks:
Brick1: 172.17.0.2:/mnt/v1
Brick2: 172.17.0.3:/mnt/v1
Brick3: 172.17.0.4:/mnt/v1
Options Reconfigured:
features.default-retention-period: 600
features.auto-commit-period: 20
features.retention-mode: relax
features.worm-file-level: on
features.worm: off
features.read-only: off
transport.address-family: inet
nfs.disable: on

2. create file on WORM volume (File Level)
$ cd /home/lucas/storage
$ echo "Hello World" > testfile

3. wait for the auto commit time and try to delete it
$ rm testfile
rm: cannot remove 'testfile': Read-only file system

4. create a new file and do a mv command to overwrite the existing file
$ echo "Aloha" > testfile2
$ mv testfile2 testfile

Actual results:

- The mv command executes successfully and overwrites the read only file.

Expected results:

- The mv command should fail, giving some error regarding a read only file.

Additional info:
Comment 1 Worker Ant 2017-08-23 14:51:40 EDT
REVIEW: https://review.gluster.org/18106 (features/worm: Adding check to newloc when doing rename) posted (#1) for review on release-3.10 by Anonymous Coward
Comment 2 Worker Ant 2017-10-10 16:19:55 EDT
REVIEW: https://review.gluster.org/18482 (features/worm: Adding check to newloc when doing rename) posted (#1) for review on release-3.10 by Lucas Ferreira (luneo7@gmail.com)
Comment 3 Worker Ant 2017-10-25 10:03:32 EDT
COMMIT: https://review.gluster.org/18482 committed in release-3.10 by Shyamsundar Ranganathan (srangana@redhat.com) 
------
commit be662aa3007898c22ad2e9d23db63f2e88a6d434
Author: luneo7 <luneo7@gmail.com>
Date:   Tue Oct 10 17:17:35 2017 -0300

    features/worm: Adding check to newloc when doing rename
    
    Problem: Since rename didn't check if newloc exists and it's
    retention state it was possible to rename a new file that wasn't
    in retention over a existing file that was in read-only state.
    
    Cherry picked from commit 00a4dc0:
    > Change-Id: I63c6bbabb7bb456ebedf201cc77b878ffda62229
    > BUG: 1484490
    > Signed-off-by: luneo7 <luneo7@gmail.com>
    > Reviewed-on: https://review.gluster.org/18104
    > Tested-by: jiffin tony Thottan <jthottan@redhat.com>
    > Tested-by: Prashanth Pai <ppai@redhat.com>
    > Smoke: Gluster Build System <jenkins@build.gluster.org>
    > CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
    > Reviewed-by: Prashanth Pai <ppai@redhat.com>
    > Reviewed-by: Karthik U S <ksubrahm@redhat.com>
    > Reviewed-by: Amar Tumballi <amarts@redhat.com>
    
    Change-Id: I63c6bbabb7bb456ebedf201cc77b878ffda62229
    BUG: 1480788
    Signed-off-by: luneo7 <luneo7@gmail.com>
Comment 4 Shyamsundar 2017-11-01 08:58:54 EDT
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.10.7, please open a new bug report.

glusterfs-3.10.7 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] http://lists.gluster.org/pipermail/announce/2017-November/000085.html
[2] https://www.gluster.org/pipermail/gluster-users/

Note You need to log in before you can comment on or make changes to this bug.