Description of problem: a directory with sticky bit set, allows to create a new file with UID:GID as root:root while trying to rename a file inside it. Version-Release number of selected component (if applicable): glusterfs-3.4.0.1rhs-1.el6rhs.x86_64 How reproducible: always Steps to Reproduce: 1. Create dist-rep volume; start the volume 2. create directory "dir" 3. chmod 1777 dir [root@rhsauto020 nfs-test]# ls -l total 31457281 -rw-r--r--. 1 root root 32212254732 Apr 25 17:34 30GBfile drwxrwxrwt. 2 root root 138 Apr 25 18:39 dir drwxr-xr-x. 2 root root 36 Apr 25 18:32 dir1 4. create files inside this "dir" [root@rhsauto020 nfs-test]# ls -l dir/ total 0 -rw-r--r--. 1 root root 0 Apr 25 18:33 file1 -rwxrwxrwx. 1 root root 0 Apr 25 18:33 file2 5. enable root-squash [root@rhs-goldman1 ~]# ./root-squash-enable.sh VOLNAME:dist-rep volume set: success 6. mv dir/file1 dir/file11 or mv dir/file2 dir/file22 Actual results: [root@rhsauto020 nfs-test]# mv dir/file1 dir/file11 [root@rhsauto020 nfs-test]# ls -l dir/ total 0 -rw-r--r--. 2 root root 0 Apr 25 18:33 file1 -rw-r--r--. 2 root root 0 Apr 25 18:33 file11 -rwxrwxrwx. 1 root root 0 Apr 25 18:33 file2 [root@rhsauto020 nfs-test]# mv dir/file2 dir/file22 [root@rhsauto020 nfs-test]# ls -l dir/ total 0 -rw-r--r--. 2 root root 0 Apr 25 18:33 file1 -rw-r--r--. 2 root root 0 Apr 25 18:33 file11 -rwxrwxrwx. 2 root root 0 Apr 25 18:33 file2 -rwxrwxrwx. 2 root root 0 Apr 25 18:33 file22 [root@rhsauto020 dir]# touch file3 [root@rhsauto020 dir]# ls -l total 0 -rw-r--r--. 2 root root 0 Apr 25 18:33 file1 -rw-r--r--. 2 root root 0 Apr 25 18:33 file11 -rwxrwxrwx. 2 root root 0 Apr 25 18:33 file2 -rwxrwxrwx. 2 root root 0 Apr 25 18:33 file22 -rw-r--r--. 1 nfsnobody nfsnobody 0 Apr 25 18:34 file3 Expected results: Permission should be denied to rename. Additional info:
Client used is RHEL 6.4
https://code.engineering.redhat.com/gerrit/#/c/7257/ has been submitted for review.
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1262.html