Bug 991035 - ACL mask is calculated incorrectly
ACL mask is calculated incorrectly
Status: CLOSED DUPLICATE of bug 998967
Product: GlusterFS
Classification: Community
Component: access-control (Show other bugs)
3.4.0
x86_64 Linux
unspecified Severity high
: ---
: ---
Assigned To: Nagaprasad Sathyanarayana
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-08-01 09:01 EDT by kristof.wevers
Modified: 2016-02-17 19:19 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-09-18 02:24:15 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description kristof.wevers 2013-08-01 09:01:42 EDT
Description of problem:

The ACL mask is calculated incorrectly on files/directories created on a fuse mounted gluster fs.

Version-Release number of selected component (if applicable):

glusterfs-server-3.4.0-3.el5
glusterfs-fuse-3.4.0-3.el5
glusterfs-3.4.0-3.el5
fuse-2.7.4-8.el5
kernel-2.6.18-348.el5

How reproducible: 100%


Steps to Reproduce:
1. Create directory (ACL) on fuse mounted gluster fs

[tele1522(root):/int_shr_ngxwsc_01] mkdir ACL
[tele1522(root):/int_shr_ngxwsc_01] ll -d ACL
drwxr-xr-x 2 root root 4096 Aug  1 14:45 ACL

2. setfacl on dir ACL

[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:u::rwx ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:g::--- ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:o::--- ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:m::rwx ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:u:Ingxwsc:rwx ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:g:IWngxwsc:rwx ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -md:g:IRngxwsc:r-x ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -mg::--- ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -mo::--- ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -mg:IWngxwsc:rwx ACL/
[tele1522(root):/int_shr_ngxwsc_01] setfacl -mg:IRngxwsc:r-x ACL/
[tele1522(root):/int_shr_ngxwsc_01] ll -d ACL/
drwxrwx---+ 3 root root 4096 Aug  1 14:52 ACL/
[tele1522(root):/int_shr_ngxwsc_01] getfacl ACL/
# file: ACL
# owner: root
# group: root
user::rwx
group::---
group:IWngxwsc:rwx
group:IRngxwsc:r-x
mask::rwx
other::---
default:user::rwx
default:user:Ingxwsc:rwx
default:group::---
default:group:IWngxwsc:rwx
default:group:IRngxwsc:r-x
default:mask::rwx
default:other::---

3. Create dir ACL/subdir that should inherit default acl/mask from ACL/

[tele1522(root):/int_shr_ngxwsc_01] mkdir ACL/subdir
[tele1522(root):/int_shr_ngxwsc_01] ll -d ACL/subdir/
drwxr-x---+ 2 root root 4096 Aug  1 14:52 ACL/subdir/
[tele1522(root):/int_shr_ngxwsc_01] getfacl ACL/subdir/
# file: ACL/subdir
# owner: root
# group: root
user::rwx
user:Ingxwsc:rwx                #effective:r-x
group::---
group:IWngxwsc:rwx              #effective:r-x
group:IRngxwsc:r-x
mask::r-x
other::---
default:user::rwx
default:user:Ingxwsc:rwx
default:group::---
default:group:IWngxwsc:rwx
default:group:IRngxwsc:r-x
default:mask::rwx
default:other::---


Actual results:
The subdirectory gets a mask of r-x

Expected results:
The subdirectoy should get a mask of rwx
This does happen when the same is done on a local ext3 fs:

[tele1522(root):/] mount | grep root
/dev/mapper/RootVG-root on / type ext3 (rw)
[tele1522(root):/] pwd
/
[tele1522(root):/] mkdir ACL
[tele1522(root):/] setfacl -md:u::rwx ACL/
[tele1522(root):/] setfacl -md:g::--- ACL/
[tele1522(root):/] setfacl -md:o::--- ACL/
[tele1522(root):/] setfacl -md:m::rwx ACL/
[tele1522(root):/] setfacl -md:u:Ingxwsc:rwx ACL/
[tele1522(root):/] setfacl -md:g:IWngxwsc:rwx ACL/
[tele1522(root):/] setfacl -md:g:IRngxwsc:r-x ACL/
[tele1522(root):/] setfacl -mg::--- ACL/
[tele1522(root):/] setfacl -mo::--- ACL/
[tele1522(root):/] setfacl -mg:IWngxwsc:rwx ACL/
[tele1522(root):/] setfacl -mg:IRngxwsc:r-x ACL/
[tele1522(root):/] ll -d ACL/
drwxrwx---+ 3 root root 4096 Aug  1 14:57 ACL/
[tele1522(root):/] getfacl ACL/
# file: ACL
# owner: root
# group: root
user::rwx
group::---
group:IWngxwsc:rwx
group:IRngxwsc:r-x
mask::rwx
other::---
default:user::rwx
default:user:Ingxwsc:rwx
default:group::---
default:group:IWngxwsc:rwx
default:group:IRngxwsc:r-x
default:mask::rwx
default:other::---

[tele1522(root):/] mkdir ACL/subdir
[tele1522(root):/] ll -d ACL/subdir
drwxrwx---+ 2 root root 4096 Aug  1 14:57 ACL/subdir
[tele1522(root):/] getfacl ACL/subdir/
# file: ACL/subdir
# owner: root
# group: root
user::rwx
user:Ingxwsc:rwx
group::---
group:IWngxwsc:rwx
group:IRngxwsc:r-x
mask::rwx
other::---
default:user::rwx
default:user:Ingxwsc:rwx
default:group::---
default:group:IWngxwsc:rwx
default:group:IRngxwsc:r-x
default:mask::rwx
default:other::---

[tele1522(root):/]



Additional info:
Systems are running CentOS 5.9 x86_64
Replicated gluster volume on ext3 filesystems, all mounted with acl option


Volume Name: int_shr_ngxwsc_01
Type: Replicate
Volume ID: f1aa8bde-c5d0-4f92-b3d6-ccd2e50269d4
Status: Started
Number of Bricks: 1 x 2 = 2
Transport-type: tcp
Bricks:
Brick1: tele1522.cust.telenet.be:/int_loc_ngxwsc_01
Brick2: tele1523.cust.telenet.be:/int_loc_ngxwsc_01
Options Reconfigured:
performance.stat-prefetch: off
auth.allow: 192.168.217.*
performance.quick-read: on
performance.io-thread-count: 64
performance.write-behind: on
performance.flush-behind: on


[tele1522(root):/int_shr_ngxwsc_01] mount -l | grep /int_shr_ngxwsc_01
glusterfs#tele1522.cust.telenet.be:/int_shr_ngxwsc_01 on /int_shr_ngxwsc_01 type fuse (rw,allow_other,max_read=131072)
[tele1522(root):/int_shr_ngxwsc_01] grep /int_shr_ngxwsc_01 /etc/fstab
tele1522.cust.telenet.be:/int_shr_ngxwsc_01 /int_shr_ngxwsc_01 glusterfs defaults,_netdev,acl 0 0
[tele1522(root):/int_shr_ngxwsc_01] mount | grep /int_loc_ngxwsc_01
/dev/mapper/int_ngxwsc_dg-int_loc_ngxwsc_01_fs on /int_loc_ngxwsc_01 type ext3 (rw,acl)
[tele1523(root):/int_shr_ngxwsc_01] mount | grep /int_loc_ngxwsc_01
/dev/mapper/int_ngxwsc_dg-int_loc_ngxwsc_01_fs on /int_loc_ngxwsc_01 type ext3 (rw,acl)
[tele1522(root):/int_shr_ngxwsc_01] gluster volume info int_shr_ngxwsc_01
Comment 1 Lukas Bezdicka 2013-08-28 05:09:28 EDT
Probably duplicate of: 998967
Comment 3 Niels de Vos 2014-09-18 02:24:15 EDT
Bug 998967 was used to get this fix in version 3.4.1. Please report in that bug if the problem is not solved yet.

Thanks!

*** This bug has been marked as a duplicate of bug 998967 ***

Note You need to log in before you can comment on or make changes to this bug.