diff options
| author | Shehjar Tikoo <shehjart@gluster.com> | 2010-12-20 00:24:33 +0000 |
|---|---|---|
| committer | Anand V. Avati <avati@dev.gluster.com> | 2010-12-27 20:51:05 -0800 |
| commit | 48f3faaa492b7a6f93e1f3d79cb66b34fd080468 (patch) | |
| tree | b33be507c9ce669a85fed66feaa9de9ef0ea2ae6 /xlators/nfs/server/src/nfs3-helpers.c | |
| parent | d0fff8965875ed7e7cee223bd2c7b12df10cb6d7 (diff) | |
nfs3: Access cbk must account for auxgids on group access checks
Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
Signed-off-by: Anand V. Avati <avati@dev.gluster.com>
BUG: 2045 (Write permission denied for non-primary group membership)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2045
Diffstat (limited to 'xlators/nfs/server/src/nfs3-helpers.c')
| -rw-r--r-- | xlators/nfs/server/src/nfs3-helpers.c | 21 |
1 files changed, 17 insertions, 4 deletions
diff --git a/xlators/nfs/server/src/nfs3-helpers.c b/xlators/nfs/server/src/nfs3-helpers.c index dabcdc82e..a74a90412 100644 --- a/xlators/nfs/server/src/nfs3-helpers.c +++ b/xlators/nfs/server/src/nfs3-helpers.c @@ -677,20 +677,33 @@ nfs3_superuser_accessbits (ia_prot_t prot, ia_type_t type, uint32_t request) uint32_t nfs3_stat_to_accessbits (struct iatt *buf, uint32_t request, uid_t uid, - gid_t gid) + gid_t gid, gid_t *auxgids, int gids) { uint32_t accresult = 0; ia_prot_t prot = {0, }; ia_type_t type = 0; + int testgid = -1; + int x = 0; prot = buf->ia_prot; type = buf->ia_type; + if (buf->ia_gid == gid) + testgid = gid; + else { + for (; x < gids; ++x) { + if (buf->ia_gid == auxgids[x]) { + testgid = buf->ia_gid; + break; + } + } + } + if (uid == 0) accresult = nfs3_superuser_accessbits (prot, type, request); else if (buf->ia_uid == uid) accresult = nfs3_owner_accessbits (prot, type, request); - else if (buf->ia_gid == gid) + else if ((testgid != -1) && (buf->ia_gid == testgid)) accresult = nfs3_group_accessbits (prot, type, request); else accresult = nfs3_other_accessbits (prot, type, request); @@ -702,7 +715,7 @@ nfs3_stat_to_accessbits (struct iatt *buf, uint32_t request, uid_t uid, void nfs3_fill_access3res (access3res *res, nfsstat3 status, struct iatt *buf, uint32_t accbits, uid_t uid, gid_t gid, - uint64_t deviceid) + uint64_t deviceid, gid_t *gidarr, int gids) { post_op_attr objattr; uint32_t accres = 0; @@ -714,7 +727,7 @@ nfs3_fill_access3res (access3res *res, nfsstat3 status, struct iatt *buf, nfs3_map_deviceid_to_statdev (buf, deviceid); objattr = nfs3_stat_to_post_op_attr (buf); - accres = nfs3_stat_to_accessbits (buf, accbits, uid, gid); + accres = nfs3_stat_to_accessbits (buf, accbits, uid, gid, gidarr, gids); res->access3res_u.resok.obj_attributes = objattr; res->access3res_u.resok.access = accres; |