Bug 176350 - Default namespace can only be created by root
Default namespace can only be created by root
Status: CLOSED ERRATA
Product: Red Hat Cluster Suite
Classification: Red Hat
Component: dlm (Show other bugs)
4
x86_64 Linux
medium Severity medium
: ---
: ---
Assigned To: Christine Caulfield
Cluster QE
:
Depends On:
Blocks: 180185
  Show dependency treegraph
 
Reported: 2005-12-21 12:24 EST by Matthew Booth
Modified: 2010-10-21 23:48 EDT (History)
5 users (show)

See Also:
Fixed In Version: RHBA-2006-0555
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-08-10 17:29:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Matthew Booth 2005-12-21 12:24:12 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.8) Gecko/20051107 Firefox/1.5

Description of problem:
dlm_get_fd() and dlm_pthread_init() both call open_default_lockspace(),
which tries to open the default lockspace, and creates it if it doesn't
already exist. This means that a non-root dlm process will only work if
any root dlm process is running when it starts, which is bizarre.

Version-Release number of selected component (if applicable):
dlm-1.0.0-5

How reproducible:
Always

Steps to Reproduce:
1. Ensure no root processes are using dlm
2. In a non-root process, execute dlm_get_fd()
  

Actual Results:  EPERM

Expected Results:  Get a fd for dlm

Additional info:
Comment 1 Christine Caulfield 2005-12-22 08:22:32 EST
Checked in some code to -rSTABLE for people to have a go with. I have tested it
briefly and it's fairly innocuous (I think).

You'll need Udev running with the rules file shown below and also build the dlm
library with ./confgure --have_udev.

Checking in dlm-kernel/src/device.c;
/cvs/cluster/cluster/dlm-kernel/src/device.c,v  <--  device.c
new revision: 1.24.2.1.4.1.2.6; previous revision: 1.24.2.1.4.1.2.5
done
Checking in dlm-kernel/src/dlm_device.h;
/cvs/cluster/cluster/dlm-kernel/src/dlm_device.h,v  <--  dlm_device.h
new revision: 1.4.8.1; previous revision: 1.4
done
Checking in dlm/configure;
/cvs/cluster/cluster/dlm/configure,v  <--  configure
new revision: 1.4.8.1; previous revision: 1.4
done
Checking in dlm/lib/libdlm.c;
/cvs/cluster/cluster/dlm/lib/libdlm.c,v  <--  libdlm.c
new revision: 1.15.2.2.6.1; previous revision: 1.15.2.2
done
Checking in dlm/make/defines.mk.input;
/cvs/cluster/cluster/dlm/make/defines.mk.input,v  <--  defines.mk.input
new revision: 1.1.8.1; previous revision: 1.1
done

------------------------------
udev rules file:

KERNEL=="dlm-control", NAME="misc/dlm-control"
KERNEL=="dlm_default", NAME="misc/dlm_default" MODE="0666"
KERNEL=="dlm_*", NAME="misc/%k" MODE="0660"


Comment 2 Christine Caulfield 2006-01-05 06:13:09 EST
Here's a udev rules file that actually works on RHEL4. put it in
/etc/udev/rules.d/51-dlm.rules

KERNEL="dlm-control", NAME="misc/dlm-control", MODE="0666"
KERNEL="dlm_default", NAME="misc/dlm_default", MODE="0666"
KERNEL="dlm_*", NAME="misc/%k", MODE="0660"

Comment 3 Christine Caulfield 2006-01-06 10:14:20 EST
and checked into RHEL4 for U4

Checking in dlm/lib/51-udev-dlm.rules;
/cvs/cluster/cluster/dlm/lib/Attic/51-udev-dlm.rules,v  <--  51-udev-dlm.rules
new revision: 1.1.2.1; previous revision: 1.1
done
Checking in dlm/lib/libdlm.c;
/cvs/cluster/cluster/dlm/lib/libdlm.c,v  <--  libdlm.c
new revision: 1.15.2.3; previous revision: 1.15.2.2
done
Checking in dlm-kernel/src/device.c;
/cvs/cluster/cluster/dlm-kernel/src/device.c,v  <--  device.c
new revision: 1.24.2.6; previous revision: 1.24.2.5
done
Checking in dlm-kernel/src/dlm_device.h;
/cvs/cluster/cluster/dlm-kernel/src/dlm_device.h,v  <--  dlm_device.h
new revision: 1.4.2.1; previous revision: 1.4
done
Comment 4 Jan Semmelink 2006-01-09 07:36:58 EST
Tried this, but problem remains for normal users.
The /dev/misc directory is created with rx permission for other users, and if 
this is changed manually to include write-permission, the problem is solved.
Comment 5 Christine Caulfield 2006-01-09 08:14:53 EST
Normal users don't need to be able to write into /dev/misc - that's Udev's job.

Did you add the udev rules file into /etc/udev/rules.d ?
Comment 6 Jan Semmelink 2006-01-10 06:18:44 EST
I did add the udev rules, and it made a difference:
  Before, the /dev/dlm* files had no rwx on any users other than root.
  After, the /dev/misc/dlm* files had r-x on others and group.

When I tested and it failed, I looked at permission on /dev/misc:
drwxr-xr-x 2 root root 60 Jan  9 12:32   /dev/misc

This made me think that pds_manager(my user in its own group also called 
pds_manager) (or who ever makes the dlm_default device) probably has no 
permission to add dlm_default to the /dev/misc directory, so I did:
  chmod a+w /dev/misc
When I re-run the test, it works.

But this is not the right solution - /dev/misc is created when the system boots 
and starts the dlm daemon and must therefore be created with other permissions, 
or something else must change to allow dlm_default to be created in /dev/misc.
Comment 7 Christine Caulfield 2006-01-10 06:44:36 EST
drwxr-xr-x  is a perfectly correct permission for /dev/misc. It's not the user
that creates the /dev/misc/dlm* files - it's Udev. So the user only needs
permission to read from the directory. Udev runs privileged.

Users need to be able to read/write the dlm-default and dlm_control files in
there though - the udev rules file I wrote sets the permissions on those files
to 0666.

If the dlm-* files that are being created have r-x permission for users then either
a) udev is not creating the device at all, libdlm is still creating them as a
fallback or
b) the rules file is wrong or being ignored.

Be careful with the rules file, RHEL4 has an older udev and needs the last of
the rules file mentioned in this bugzilla (comment #2) or from the RHEL4 brtanch
of CVS.

The rules file in comment#1 only works on later versions of udev and also needs
a MODE=0666 adding to the dlm_contorl line. (this is fixed in STABLE CVS).
Comment 8 Christine Caulfield 2006-01-10 06:46:51 EST
Also, make sure you have the matching libdlm. The old libdlm always creates the
files. The new libdlm will wait for a while to give udev a chance to create them.
Comment 9 Jan Semmelink 2006-01-10 07:08:45 EST
Rebuilt with --have_udev and the problem is solved!
Thank you for your patience.
Comment 18 Red Hat Bugzilla 2006-08-10 17:29:36 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2006-0555.html

Note You need to log in before you can comment on or make changes to this bug.