Bug 166154 - acls on GFS are still reported when mounted without '-o acl'
Summary: acls on GFS are still reported when mounted without '-o acl'
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Red Hat Cluster Suite
Classification: Retired
Component: gfs
Version: 4
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Ben Marzinski
QA Contact: GFS Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-08-17 15:39 UTC by Corey Marthaler
Modified: 2010-01-12 03:07 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-09-07 15:28:05 UTC
Embargoed:


Attachments (Terms of Use)

Description Corey Marthaler 2005-08-17 15:39:41 UTC
Description of problem:
GFS still reports acls when the fs is not mounted with '-o acl', unlike other
filesystems like ext3 which do not.

Mount a filesystem with acl option
[root@smith-03 ~]# mount -t gfs -o acl  /dev/linear_1/linear_10 /mnt/vedder

As root touch foobar:
[root@smith-03 vedder]# touch foobar

Try to touch foobar as user testmonkey:
[root@smith-03 vedder]# su testmonkey
[testmonkey@smith-03 vedder]$ touch foobar
touch: cannot touch `foobar': Permission denied

Now as root, grant permission to testmonkey:
[root@smith-03 vedder]# setfacl -m user:testmonkey:7 foobar
[root@smith-03 vedder]# ls -l foobar
-rw-rwxr--+ 1 root root 0 Aug 17 10:13 foobar
[root@smith-03 vedder]# getfacl foobar
# file: foobar
# owner: root
# group: root
user::rw-
user:testmonkey:rwx
group::r--
mask::rwx
other::r--

Check that testmonkey can access foobar:
[root@smith-03 vedder]# su testmonkey
[testmonkey@smith-03 vedder]$ touch foobar

Now as root mount again w/o the acl option:
[root@smith-03 ~]# umount /mnt/vedder
[root@smith-03 ~]# mount -t gfs /dev/linear_1/linear_10 /mnt/vedder

The acls are still reported:
[root@smith-03 vedder]# ls -l foobar
-rw-rwxr--+ 1 root root 0 Aug 17 10:22 foobar
[testmonkey@smith-03 vedder]$ getfacl foobar
# file: foobar
# owner: root
# group: root
user::rw-
user:testmonkey:rwx
group::r--
mask::rwx
other::r--

But at least they are not granted:
[root@smith-03 vedder]# su testmonkey
[testmonkey@smith-03 vedder]$ touch foobar
touch: cannot touch `foobar': Permission denied


Version-Release number of selected component (if applicable):
GFS 2.6.9-39.0 (built Aug 16 2005 13:50:02) installed


How reproducible:
everytime

Comment 1 Corey Marthaler 2005-08-17 19:40:57 UTC
Here's what ext3 does:

[root@smith-03 ~]# mount -o acl /dev/gfs/gfs7 /mnt/gfs7
[root@smith-03 ~]# ls -l /mnt/gfs7
total 20
-rw-rwxr--+ 1 root root     0 Aug 17 12:59 foo
drwx------  2 root root 16384 Aug 17 12:55 lost+found
[root@smith-03 ~]# getfacl /mnt/gfs7/foo
getfacl: Removing leading '/' from absolute path names
# file: mnt/gfs7/foo
# owner: root
# group: root
user::rw-
user:testmonkey:rwx
group::r--
mask::rwx
other::r--

[root@smith-03 ~]# umount /mnt/gfs7
[root@smith-03 ~]# mount /dev/gfs/gfs7 /mnt/gfs7
[root@smith-03 ~]# ls -l /mnt/gfs7
total 20
-rw-rwxr--  1 root root     0 Aug 17 12:59 foo
drwx------  2 root root 16384 Aug 17 12:55 lost+found
[root@smith-03 ~]# getfacl /mnt/gfs7/foo
getfacl: Removing leading '/' from absolute path names
# file: mnt/gfs7/foo
# owner: root
# group: root
user::rw-
group::rwx
other::r--


Comment 2 Ben Marzinski 2005-08-29 22:43:55 UTC
GFS wasn't correctly checking whether you can acls enabled when you tried to
read the acl extended attributes.  This is now fixed.

Comment 3 Corey Marthaler 2005-09-07 15:28:05 UTC
fix verified in GFS 2.6.9-40.0 (built Aug 31 2005 14:04:50)



Note You need to log in before you can comment on or make changes to this bug.