Bug 764550 - (GLUSTER-2818) Permission problems with gluster NFS works with native FUSE
Permission problems with gluster NFS works with native FUSE
Status: CLOSED CURRENTRELEASE
Product: GlusterFS
Classification: Community
Component: nfs (Show other bugs)
3.1.2
x86_64 Linux
high Severity medium
: ---
: ---
Assigned To: Gaurav
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2011-04-19 18:12 EDT by Harshavardhana
Modified: 2015-03-22 21:04 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed:
Type: ---
Regression: RTP
Mount Type: nfs
Documentation: DNR
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Harshavardhana 2011-04-19 18:12:48 EDT
Procedure to reproduce as below. 

userA creates file 'test' in /mnt/gluster/
userA sets group ownership to groupA on /mnt/gluster/test
userA sets mode to 664 on /mnt/gluster/test
userA tries to edit /mnt/gluster/test and succeeds

root ensures that userB is in groupA
userB tries to edit /mnt/gluster/test and FAILS

http://gluster.org/pipermail/gluster-users/2011-April/007272.html
Comment 1 Shehjar Tikoo 2011-04-19 21:31:24 EDT
Gaurav, its all yours. Let me know if you need help.
Comment 2 Vijay Bellur 2011-04-19 22:00:15 EDT
(In reply to comment #1)
There are two issues mentioned in the thread. With editors like vim, when backup files are being created in the same directory, the backup creation fails. Please investigate that too as part of this bug.
Comment 3 Harshavardhana 2011-04-19 22:07:54 EDT
RHEL 5.5 Native FUSE doesn't work. 

Fedora 14, Ubuntu 8.04 works with Native FUSE.
Comment 4 Gaurav 2011-04-20 01:31:45 EDT
Its failing setattr call for users in the same group other than owner.

Problem is in access_control where we are just checking for Owner Access in case of setattr, so its not allowing others in the same group to do setattr, even after setting proper permissions by owner.
Comment 5 Anand Avati 2011-04-21 00:39:38 EDT
PATCH: http://patches.gluster.com/patch/7000 in master (NFS : Check proper permissions in access control for setattr.)
Comment 6 Anand Avati 2011-04-21 00:40:04 EDT
PATCH: http://patches.gluster.com/patch/7001 in release-3.1 (NFS : Check proper permissions in access control for setattr.)
Comment 7 Saurabh 2011-06-02 23:55:28 EDT
For verfication used the build of 3.2.1qa2

for this test, I simulated the similar setup as mentioned for reproducing it and it worked.

created a group saurabh, added users srj and srj1 to it,

[srj@centos-qa-3 d3]$ grep saurabh /etc/group
saurabh:x:506:srj,srj1


10.1.12.134:/dist on /mnt/gluster type nfs (rw,nfsvers=3,nolock,addr=10.1.12.134)

[srj1@centos-qa-3 gluster]$ ls -l
total 88
-rw-r--r-- 1 root root        0 Jun  2 00:24 1
drwxr-xr-x 2 root root    12288 Jun  1 05:37 d1
drwxrwxrwx 2 srj  saurabh 12288 Jun  2 23:44 d3

[srj@centos-qa-3 gluster]$ cd d3
[srj@centos-qa-3 d3]$ ls
f.1  f.2  
[srj@centos-qa-3 d3]$ vim f.2
[srj@centos-qa-3 d3]$


now tried to edit the file f.2 with user srj1,


[srj@centos-qa-3 gluster]$ ls -li d3
total 92
13572394809226695843 -rw-rw-r-- 1 srj     srj   50 Jun  2 23:35 f.1
5947979786177860277 -rw-rw-r-- 1 srj     srj    0 Jun  2 06:16 f.2
[srj1@centos-qa-3 gluster]$ cd d3
[srj1@centos-qa-3 d3]$ sudo chmod 777 f.2
[srj1@centos-qa-3 d3]$ vim f.2
[srj1@centos-qa-3 d3]$ pwd
/mnt/gluster/d3

Note You need to log in before you can comment on or make changes to this bug.