summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--rpc/rpc-lib/src/rpcsvc-auth.c3
-rw-r--r--xlators/nfs/server/src/nfs3-helpers.c10
2 files changed, 8 insertions, 5 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c
index fc4d44299a4..d62bd100be5 100644
--- a/rpc/rpc-lib/src/rpcsvc-auth.c
+++ b/rpc/rpc-lib/src/rpcsvc-auth.c
@@ -433,7 +433,8 @@ rpcsvc_auth_unix_auxgids (rpcsvc_request_t *req, int *arrlen)
if ((!req) || (!arrlen))
return NULL;
- if ((req->cred.flavour != AUTH_UNIX) ||
+ /* In case of AUTH_NULL auxgids are not used */
+ if ((req->cred.flavour != AUTH_UNIX) &&
(req->cred.flavour != AUTH_GLUSTERFS)) {
gf_log ("rpc", GF_LOG_DEBUG, "auth type not unix or glusterfs");
return NULL;
diff --git a/xlators/nfs/server/src/nfs3-helpers.c b/xlators/nfs/server/src/nfs3-helpers.c
index 5708db1b83d..6ead0154690 100644
--- a/xlators/nfs/server/src/nfs3-helpers.c
+++ b/xlators/nfs/server/src/nfs3-helpers.c
@@ -575,13 +575,14 @@ nfs3_accessbits (int32_t accbits)
uint32_t accresult = 0;
if (accbits & POSIX_READ)
- accresult |= (ACCESS3_READ | ACCESS3_LOOKUP);
+ accresult |= ACCESS3_READ;
if (accbits & POSIX_WRITE)
accresult |= (ACCESS3_MODIFY | ACCESS3_EXTEND);
+ /* lookup on directory allowed only in case of execute permission */
if (accbits & POSIX_EXEC)
- accresult |= ACCESS3_EXECUTE;
+ accresult |= (ACCESS3_EXECUTE | ACCESS3_LOOKUP);
return accresult;
}
@@ -591,13 +592,14 @@ nfs3_request_to_accessbits (int32_t accbits)
{
uint32_t acc_request = 0;
- if (accbits & (ACCESS3_READ | ACCESS3_LOOKUP))
+ if (accbits & ACCESS3_READ)
acc_request |= POSIX_READ;
if (accbits & (ACCESS3_MODIFY | ACCESS3_EXTEND))
acc_request |= POSIX_WRITE;
- if (accbits & ACCESS3_EXECUTE)
+ /* For lookup on directory check for execute permission */
+ if (accbits & (ACCESS3_EXECUTE | ACCESS3_LOOKUP))
acc_request |= POSIX_EXEC;
return acc_request;