diff options
author | Venky Shankar <venky@gluster.com> | 2011-10-05 16:56:30 +0530 |
---|---|---|
committer | Vijay Bellur <vijay@gluster.com> | 2011-10-28 08:08:40 -0700 |
commit | a29f1a0e36bde5ca7b8f3762f10b210b5e12a875 (patch) | |
tree | e44c9bd019796c61e7f7059f34f40de0f984b5c7 /xlators/mount/fuse/src/fuse-helpers.c | |
parent | af708e9fc2eb2104b9e8e3b5a3eaf99201664324 (diff) |
fuse: flip xattr key from user to trusted namespace for certain
clients.
This is needed for gsyncd/hadoop-plugin running as non-super
user to be able to request extended attributes under trusted
namespace. Request for a key is made under 'user.' namespace
and is flipped by fuse xlator for specific xattr name to the
corresponding 'trusted.' extended attribute.
Both applications set a identifier (client-pid) while doing a
FUSE mount, which is checked by get/set/remove interfaces in
FUSE translator.
Change-Id: I72f77a5dd1ee1d69c8b0e09209449348dbcf879a
BUG: 3701
Reviewed-on: http://review.gluster.com/563
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vijay@gluster.com>
Diffstat (limited to 'xlators/mount/fuse/src/fuse-helpers.c')
-rw-r--r-- | xlators/mount/fuse/src/fuse-helpers.c | 84 |
1 files changed, 84 insertions, 0 deletions
diff --git a/xlators/mount/fuse/src/fuse-helpers.c b/xlators/mount/fuse/src/fuse-helpers.c index 5fe3dc9f4cc..f40d1d6a50e 100644 --- a/xlators/mount/fuse/src/fuse-helpers.c +++ b/xlators/mount/fuse/src/fuse-helpers.c @@ -360,5 +360,89 @@ gf_fuse_stat2attr (struct iatt *st, struct fuse_attr *fa) #endif } +int +fuse_flip_user_to_trusted (char *okey, char **nkey) +{ + int ret = 0; + char *key = NULL; + + key = GF_CALLOC (1, strlen(okey) + 10, gf_common_mt_char); + if (!key) { + ret = -1; + goto out; + } + + okey += 5; + strncpy(key, "trusted.", 8); + strncat(key+8, okey, strlen(okey)); + + *nkey = key; + + out: + return ret; +} + +int +fuse_xattr_alloc_default (char *okey, char **nkey) +{ + int ret = 0; + *nkey = gf_strdup (okey); + if (!*nkey) + ret = -1; + return ret; +} +int +fuse_flip_xattr_ns (fuse_private_t *priv, char *okey, char **nkey) +{ + int ret = 0; + gf_boolean_t need_flip = _gf_false; + gf_client_pid_t npid = 0; + + npid = priv->client_pid; + if (gf_client_pid_check (npid)) { + ret = fuse_xattr_alloc_default (okey, nkey); + goto out; + } + + switch (npid) { + /* + * These two cases will never execute as we check the + * pid range above, but are kept to keep the compiler + * happy. + */ + case GF_CLIENT_PID_MAX: + case GF_CLIENT_PID_MIN: + goto out; + + case GF_CLIENT_PID_GSYNCD: + /* valid xattr(s): *xtime, volume-mark* */ + gf_log("glusterfs-fuse", GF_LOG_DEBUG, "PID: %d, checking xattr(s): " + "volume-mark*, *xtime", npid); + if ( (strcmp (okey, "user.glusterfs.volume-mark") == 0) + || (fnmatch (okey, "user.glusterfs.volume-mark.*", FNM_PERIOD) == 0) + || (fnmatch ("user.glusterfs.*.xtime", okey, FNM_PERIOD) == 0) ) + need_flip = _gf_true; + break; + + case GF_CLIENT_PID_HADOOP: + /* valid xattr(s): pathinfo */ + gf_log("glusterfs-fuse", GF_LOG_DEBUG, "PID: %d, checking xattr(s): " + "pathinfo", npid); + if (strcmp (okey, "user.glusterfs.pathinfo") == 0) + need_flip = _gf_true; + break; + } + + if (need_flip) { + gf_log ("glusterfs-fuse", GF_LOG_DEBUG, "flipping %s to trusted equivalent", + okey); + ret = fuse_flip_user_to_trusted (okey, nkey); + } else { + /* if we cannot match, continue with what we got */ + ret = fuse_xattr_alloc_default (okey, nkey); + } + out: + return ret; +} |