Bug 665562 - lvm2 creates device nodes that don't follow DM_DEVICE_{UID,GID,MODE} defines
lvm2 creates device nodes that don't follow DM_DEVICE_{UID,GID,MODE} defines
Product: Fedora
Classification: Fedora
Component: lvm2 (Show other bugs)
Unspecified Unspecified
low Severity medium
: ---
: ---
Assigned To: Peter Rajnoha
Fedora Extras Quality Assurance
Depends On:
  Show dependency treegraph
Reported: 2010-12-24 14:12 EST by Christos Zoulas
Modified: 2011-01-18 03:17 EST (History)
11 users (show)

See Also:
Fixed In Version: lvm2-2.02.81-1.fc15
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2011-01-18 03:14:33 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
amended patch (umask save/restore addition and restore on error) (2.06 KB, patch)
2010-12-26 09:53 EST, Christos Zoulas
no flags Details | Diff

  None (edit)
Description Christos Zoulas 2010-12-24 14:12:22 EST
Description of problem:

lvm device not creation does not have the proper owner group and permission.

Version-Release number of selected component (if applicable):

How reproducible:


Steps to Reproduce:
1. compile lvm2 with DM_DEVICE_UID, DM_DEVICE_GID, DM_DEVICE_MODE different than default.
2. ls -l on the device nodes lvm creates

Actual results:

Expected results:

Additional info:
Comment 1 Alasdair Kergon 2010-12-24 19:39:23 EST
Are you using udev?  If so, its setting will override compiled-in ones.
Comment 2 Christos Zoulas 2010-12-24 22:28:46 EST
Thanks for the quick reply and happy holidays. I understand that with udev this is irrelevant. No, I am using it in NetBSD and we don't have devfs. We don't even compile this part of the code, but I thought you would want to put it in just for correctness.
Comment 3 Christos Zoulas 2010-12-26 09:53:20 EST
Created attachment 470739 [details]
amended patch (umask save/restore addition and restore on error)
Comment 4 Alasdair Kergon 2010-12-26 14:09:16 EST
Patch was against which old version?  Some of this has already changed (and got fixed?) in upstream CVS.
Comment 5 Christos Zoulas 2010-12-26 18:07:25 EST
I am working against 2.02.56(1) (2009-11-24). If some of it still applies, please change it and we'll import a new version. Thanks!
Comment 6 Alasdair Kergon 2011-01-04 09:03:21 EST
Just the control node hunk is still needed - we'll fix that.
Comment 7 Peter Rajnoha 2011-01-04 09:48:47 EST
Committed upstream (libdevmapper 1.02.61, lvm2 2.02.80).
Comment 8 Peter Rajnoha 2011-01-04 09:55:05 EST
Though we don't use the "chown(control, DM_DEVICE_UID, DM_DEVICE_GID)" - only root can use the control node, so changing this would be useless.
Comment 9 Christos Zoulas 2011-01-04 16:22:45 EST
How access control is defined is up to the kernel implementation of the ioctl commands for the control device node to decide. For example on the NetBSD lvm2 kernel implementation we allow group operator to do inspection operations to the lvm system (and disallow changes for non root users). Please make sure if you are making this change that your kernel implementation of the ioctl() commands does the proper access checking and does not depend on the mode of the device node.
Comment 10 Alasdair Kergon 2011-01-04 16:33:17 EST
The linux kernel currently requires root for the dm ioctls.  The current userspace implementation here assumes the /dev dir is also restricted to root i.e. drwxr-xr-x and trusted.
Comment 11 Peter Rajnoha 2011-01-18 03:14:33 EST
The fix is in rawhide now (lvm2-2.02.81-1, device-mapper-1.02.61-1).

Note You need to log in before you can comment on or make changes to this bug.