| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In posix-acl when there are errors xdata that comes as part of input is used to
unwind which can be used as response xdata which may lead to problems as the
keys in the input will match with keys in the output but the values the
response xdata may expect can be completely different.
For example, we see that dht sends DHT_IATT_IN_XDATA_KEY in setxattr
which will be unwound with the same key in the xdata-response which
dht thinks is valid response and fills stbuf with invalid values
leading to EIO
> BUG: 1374093
> Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3
> Signed-off-by: Pranith Kumar K <pkarampu@redhat.com>
> Reviewed-on: http://review.gluster.org/15421
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
> Reviewed-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit c9271ff14d3efa8279cf67907548b3f43970d4fb)
Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3
BUG: 1374641
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/15475
Smoke: Gluster Build System <jenkins@build.gluster.org>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a backport of http://review.gluster.org/13961
> Change-Id: Ibe5b00cd4b5d896133adc61f65094d783c492ed4
> BUG: 1325822
> Signed-off-by: vmallika <vmallika@redhat.com>
Change-Id: I6be941044ea430913bb950c202f65a1c642d7ae4
BUG: 1325826
Signed-off-by: vmallika <vmallika@redhat.com>
Reviewed-on: http://review.gluster.org/13962
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaushal M <kaushal@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a backport of http://review.gluster.org/13894
> Change-Id: I3f478b7e4ecab517200f50eb09f65a634c029437
> BUG: 1320818
> Signed-off-by: vmallika <vmallika@redhat.com>
> Reviewed-on: http://review.gluster.org/13894
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Change-Id: I5bb727857e94feb4c86574cf2985c71d8b9ad1d7
BUG: 1320817
Signed-off-by: vmallika <vmallika@redhat.com>
Reviewed-on: http://review.gluster.org/13909
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a backport of http://review.gluster.org/13730
* changes in posix to send proper iatt attributes for the root directory
when ancestry is built. Before posix was filling only the gfid and the
inode type in the iatt structure keeping rest of the fields zeros.
This was cached by posix-acl and used to send EACCES when some fops came on
that object if the uid of the caller is same as the uid of the object
on the disk.
* getting and setting inode_ctx in function 'posix_acl_ctx_get' is not
atomic and can lead to memory leak when there are multiple lookups for an
inode at same time. This patch fixes this problem
* Linking an inode in posix_build_ancestry, can cause a race in
posix_acl.
When parent inode is linked in posix_build_ancestry, and before
it reaches posix_acl_readdirp_cbk, create/lookup can
come on a leaf-inode, as parent-inode-ctx not yet updated
in posix_acl_readdirp_cbk, create/lookup can fail
with EACCESS. So do the inode linking in the quota xlator
> Change-Id: I3101eefb65551cc4162c4ff2963be1b73deacd6d
> BUG: 1320818
> Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
> Reviewed-on: http://review.gluster.org/13730
> Tested-by: Vijaikumar Mallikarjuna <vmallika@redhat.com>
> Smoke: Gluster Build System <jenkins@build.gluster.com>
> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
> Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
Change-Id: I65b0bbf83e563b519db07f2bcddcc6465743b6ea
BUG: 1320892
Signed-off-by: vmallika <vmallika@redhat.com>
Reviewed-on: http://review.gluster.org/13825
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A check for dictionary is required before calling handling_other_acl_related_xattr()
in posix_setxattr_cbk(). Otherwise following message will be poped up on every settxattr
call.
[2016-01-31 17:38:48.027792] I [dict.c:473:dict_get]
(-->/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so
(posix_acl_setxattr_cbk+0x26) [0x7f2334c5c166] -->
/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so
(handling_other_acl_related_xattr+0xb0) [0x7f2334c5c0f0]
-->/usr/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get+0x93)
[0x7f233c04b0c3] ) 0-dict: !this ||
key=system.posix_acl_default [Invalid argument]
Upstream reference :
>Change-Id: I93f7e0f764c94dce38bdde95a68341f69a52122d
>BUG: 1303501
>Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
>Reviewed-on: http://review.gluster.org/13325
>Smoke: Gluster Build System <jenkins@build.gluster.com>
>Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
>CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
>NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
>Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
>(cherry picked from commit b72172f4516ff5627f15168213a54b171463803f)
BUG: 1308800
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Change-Id: Ide2aea41c01c00bf28294fd3ea4f1d538f54b26f
Reviewed-on: http://review.gluster.org/13452
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In handling_other_acl_related_xattr(), acl variable is unrefered twice
after updating the context of access_control translator.So the acl variable
stored in the inmemory context will become invalid one. When the variable
accessed again , it will result in brick crash. This patch fixes the same.
Backport of http://review.gluster.org/#/c/11632/
>Change-Id: Ib95d2e3d67b0fb20d201244a206379d6261aeb23
>BUG: 1242041
>Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Change-Id: I5dc69d8ea8f3e4740a90a52cabf86e317950a659
BUG: 1242044
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Reviewed-on: http://review.gluster.org/11634
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Tested-by: NetBSD Build System <jenkins@build.gluster.org>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By introduction of new acl conversion from http://review.gluster.org/#/c/9627/,
an acl can be set using GF_POSIX_ACL_*_KEY xattrs without notifying the
access-control translator. So evenif an acl is set correctly at the backend, it
might not work properly because access-control holds wrong acl information in
its context about that file.
Note : This is a simple workaround. The actual solution consists of three steps:
1.) Use new acl api's for acl conversion.
2.) Move the acl conversion part from access-control translator
3.) Introduces standard acl structures and libaries in access-translator
for caching, enforcing purposes.
Backport of http://review.gluster.org/#/c/11144/
>Change-Id: Iacb6b323810ebe82f7f171f20be16429463cbcf0
>BUG: 1229860
>Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
>Reviewed-on: http://review.gluster.org/11144
>Reviewed-by: Niels de Vos <ndevos@redhat.com>
>Tested-by: Gluster Build System <jenkins@build.gluster.com>
>Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
>cherry-picked from 81cb71e9317e380b1d414038223c72643b35e664
Change-Id: I935f28704a2d401df8224f5042bf7b38177a8a0f
BUG: 1230327
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Reviewed-on: http://review.gluster.org/11519
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
If we create symlinks are part of make install,
should remove them as part of make uninstall.
Change-Id: Ie6e641caed60104cd256de4f020c1c6743d4ae60
BUG: 1177767
Signed-off-by: Raghavendra Talur <rtalur@redhat.com>
Reviewed-on: http://review.gluster.org/9367
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When root-squash is enabled or when no permissions are given to
a file, NFS threw permission errors. According to the kernel-nfs
behaviour, no permissions are required to read ACLs.
When no ACLs are set, the system call sys_lgetxattr fails and
returns a ENODATA error. This translates to ESERVERFAULT error
in NFS. Fuse makes an exception to this error and returns a success
case. Similar changes are made here to achieve the expected behaviour.
Change-Id: I46b8f5911114eb087a3f8ca4e921b6b41e83f3b3
BUG: 1161092
Signed-off-by: Meghana Madhusudhan <mmadhusu@redhat.com>
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9085
Tested-by: Gluster Build System <jenkins@build.gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NFSv3 does not have a TRUNCATE procedure, instead it is part of the
SETATTR (change the 'size' attribute). SETATTR with a new 'size'
succeeds on other NFS-servers, even when the owner of the file does not
have write permissions. Make Gluster/NFS behave the same way, by
checking if the RPC/pid comes from the NFS-server, and allow truncate()
when the file is owned by the user calling SETATTR.
BUG: 955753
Change-Id: I4b7cb8efe5a2032c6cd2eef6af610032f76d8b39
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/8889
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: soumya k <skoduri@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The permissions returned by NFS ACL are wrong, which are rejected
by NFS client as "Invalid argument". Refactor the NFS ACL code
to return the proper permissions which would match with the
requested permissions.
Change-Id: I409a6600538a90f2c5c2e8d84657c3b508468fe6
BUG: 1035218
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/6368
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
The object in question was created in posix_acl_inherit () and
was being GF_FREE'd as part of data_destroy().
Change-Id: Ibdb7c3b5c10ce447f061bde68452502e5170de92
BUG: 1035751
Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com>
Reviewed-on: http://review.gluster.org/6377
Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Problem:
Incorrect NFS ACL encoding causes "system.posix_acl_default"
setxattr failure on bricks on XFS file system. XFS (potentially
others?) doesn't understand when the 0x10 prefix is added to the
ACL type field for default ACLs (which the Linux NFS client adds)
which causes setfacl()->setxattr() to fail silently. NFS client
adds NFS_ACL_DEFAULT(0x1000) for default ACL.
FIX:
Mask the prefix (added by NFS client) OFF, so the setfacl is not
rejected when it hits the FS.
Original patch by: "Richard Wareing"
Change-Id: I17ad27d84f030cdea8396eb667ee031f0d41b396
BUG: 1009210
Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com>
Reviewed-on: http://review.gluster.org/5980
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Typically when updating cached ACL from backend, we get both iatt and
ACL xattrs (like lookup, readdirplus etc.) However in calls like
setattr(), the mode would have updated but we receive only iatt and not
the ACL xattrs. In such case we need to "spread" the effects of the
changed mode properly into the cached ACL xattr ourselves.
Change-Id: I23a7bc9c14722ff6848e175ed4bbe863a21ce2c9
BUG: 998967
Signed-off-by: Anand Avati <avati@redhat.com>
Reviewed-on: http://review.gluster.org/5979
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* While creating links, check if there is sticky bit set for the parent
directory and whether the sticky bit permits the user to create the link.
Change-Id: Ic0d09d9ed579c4eb47462c71602a3a60cc7d3bc1
BUG: 958691
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4934
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Not fetching ACLs in readdirplus can potentially result in spurious
wrong ACL decisions (which magically go away on a lookup() which
populates the ACLs)
Change-Id: Ided38b4d868fab482b477ce51b4878289ef9eed0
BUG: 953694
Signed-off-by: Anand Avati <avati@redhat.com>
Reviewed-on: http://review.gluster.org/4926
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: shishir gowda <sgowda@redhat.com>
Change-Id: I9d49537c2c7b51d5598b80627d61f060aaec8549
BUG: 921437
Reviewed-on: http://review.gluster.org/4671
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
|
| |
|
|
|
|
|
|
|
|
| |
Change-Id: I1c9541058c7d07786539a3266ca125a6a15287d8
BUG: 859835
Signed-off-by: Anand Avati <avati@redhat.com>
Original-author: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com>
Signed-off-by: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com>
Reviewed-on: http://review.gluster.org/3967
Tested-by: Gluster Build System <jenkins@build.gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* warnings on 'void *' arguments
* warnings on empty initializations
* warnings on empty array (array[0])
Change-Id: Iae440f54cbd59580eb69f3ecaed5a9926c0edf95
BUG: 875913
Signed-off-by: Avra Sengupta <asengupt@redhat.com>
Reviewed-on: http://review.gluster.org/4219
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Thanks Amar Tumballi.
Change-Id: I3ac9b46d4c3fcd12d1eec779317a03c47d267556
BUG: 887098
Signed-off-by: Varun Shastry <vshastry@redhat.com>
Reviewed-on: http://review.gluster.org/4351
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automake provides a separate variable for preprocessor flags
(*_CPPFLAGS). They are already uses in a few places, so make it
consistent and use it everywhere. Note that cflags obtained from
pkg-config often are cppflags, which is why LIBXML2_CFLAGS moves with
into AM_CPPFLAGS, for example.
Change-Id: I15feed1d18b2ca497371271c4b5876d5ec6289dd
BUG: 862082
Original-author: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4029
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
"-L" is a linker flag, and as such should be in LDFLAGS, not CFLAGS, to
have guaranteed effect.
Change-Id: I014db3f48823d4923b45e0695b62b124eb1a1506
BUG: 862082
Original-author: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4028
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CFLAGS
libtool will automatically add "-fPIC" to the compiler command line as
needed, so there is no need to specify it separately.
"-shared" is normally a linker flag and has an odd effect when used with
libtool --mode=compile, namely that it inhibits production of static
objects. For that however, using AC_DISABLE_STATIC is a lot simpler.
Change-Id: Ic4cba0fad18ffd985cf07f8d6951a976ae59a48f
BUG: 862082
Original-author: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4027
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The "-nostartfiles" is a discouraged option and is documented to
potentially result in undesired behavior. Since I see no reason why it
should be in glusterfs, remove it.
Change-Id: I56f2b08874516ebad91447b2583ca2fb776bb7ab
BUG: 862082
Original-author: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4018
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some -D flags are present in all files, so collect them.
This adds -D${GF_HOST_OS} to some compiler command lines,
but this should not be a problem.
Change-Id: I1aeb346143d4984c9cc4f2750c465ce09af1e6ca
BUG: 862082
Original-author: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jan Engelhardt <jengelh@inai.de>
Signed-off-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-on: http://review.gluster.org/4013
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
License message changed for server-side, dual license GPLV2 and LGPLv3+.
Change-Id: Ia9e53061b9d2df3b3ef3bc9778dceff77db46a09
BUG: 852318
Signed-off-by: Varun Shastry <vshastry@redhat.com>
Reviewed-on: http://review.gluster.org/3940
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Change-Id: I4689602cbea0e46498d10b8785bcde86d369e75d
BUG: 852318
Signed-off-by: Varun Shastry <vshastry@redhat.com>
Reviewed-on: http://review.gluster.org/3880
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The license message is changed to
Copyright (c) 2008-2012 Red Hat, Inc. <http://www.redhat.com>
This file is part of GlusterFS.
This file is licensed to you under your choice of the GNU Lesser
General Public License, version 3 or any later version (LGPLv3 or
later), or the GNU General Public License, version 2 (GPLv2), in all
cases as published by the Free Software Foundation.
Change-Id: I07d2b63ed5fbbbd1884f1e74f2dd56013d15b0f4
BUG: 852318
Signed-off-by: Varun Shastry <vshastry@redhat.com>
Reviewed-on: http://review.gluster.org/3858
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* currently "umask" is reffered only from xdata dictionary, instead
we should utilize fop argument.
* not taking of setting of "umask" in fuse for now, considering the
backward compatibility with earlier releases.
* dict_del() the "umask" and "mode" keys from xdata dict as the fop
after reaching posix layer tries to set every entry in xdata as
xattr on file/dir.
Change-Id: I7199b05a5bde132df20e7812a99bc02ef7b988ce
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 850873
Reviewed-on: http://review.gluster.org/3843
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
on linux systems, with open(), we can get below flag as per
'linux/fs.h'.
/* File is opened for execution with sys_execve / sys_uselib */
Instead of adding '#include <linux/fs.h>, its better to copy this
absolute number into other variable because then we have to deal
with declaring fmode_t etc etc..
With the fix, we can handle the file with '0711' permissions in
the same way as backend linux filesystems.
Change-Id: Ib1097fc0d2502af89c92d561eb4123cba15713f5
Signed-off-by: Amar Tumballi <amarts@redhat.com>
Reviewed-on: http://review.gluster.com/3739
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Tested-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
See comments in http://bugzilla.redhat.com/839925 for
the code to perform this change.
Signed-off-by: Jim Meyering <meyering@redhat.com>
BUG: 839925
Change-Id: I10e4ecff16c3749fe17c2831c516737e08a3205a
Reviewed-on: http://review.gluster.com/3661
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Send acl xattrs, if present in the xattrs returned during lookup, during
directory self-heal.
Change-Id: I5337bbd3f3963aeed500a8a552e5f6713089b53e
BUG: 764787
Signed-off-by: Kaushal M <kaushal@redhat.com>
Reviewed-on: http://review.gluster.com/737
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
with this change, the xlator APIs will have a dictionary as extra
argument, which is passed between all the layers. This can be
utilized for overloading in some of the operations.
Change-Id: I58a8186b3ef647650280e63f3e5e9b9de7827b40
Signed-off-by: Amar Tumballi <amarts@redhat.com>
BUG: 782265
Reviewed-on: http://review.gluster.com/2960
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
unref. the acl pointers from posix_acl_get()
Change-Id: I1247f64ceded17bfa204d1b899ec56a27bef0cdb
Signed-off-by: Brian Foster <bfoster@redhat.com>
BUG: 801183
Reviewed-on: http://review.gluster.com/2904
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If an entry includes no ACL returned via dictionary, it is possible
to skip down to acl_set without updating acl_access and/or
acl_default. If either are set from the previous iteration, the
unrelated ACLs are set to the current entry. Use a single set of
pointers to ensure that valid ACLs are always set.
Change-Id: Ia94887ded91845bc39d4d5e95ef00d190681e517
BUG: 801183
Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-on: http://review.gluster.com/2903
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
Reviewed-by: Amar Tumballi <amarts@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
needed to implement a proper handling of open flag alterations
using fcntl() on fd.
Change-Id: Ic280d5db6f1dc0418d5c439abb8db1d3ac21ced0
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 782265
Reviewed-on: http://review.gluster.com/2723
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
readdirp_req() call sends a dict_t * as an argument, which
contains all the xattr keys for which the entries got in
readdirp_rsp() are having xattr value filled dictionary.
Change-Id: I8b7e1290740ea3e884e67d19156ce849227167c0
Signed-off-by: Amar Tumballi <amar@gluster.com>
BUG: 765785
Reviewed-on: http://review.gluster.com/771
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
FUSE used to interpret the umask itself. That was a bad idea, since
there are cases where umask is not applied, such as when extended POSIX
ACLs are present and default ACLs are set on parent directory.
The FUSE bridge was changed to send original mode with umask (alongside
masked mode, for compatibility). If that is the case, we decide whether
to apply the umask or not in the posix-acl translator depending on
whether a default umask is set, or not.
The original, broken, behavior is preserved in following cases:
* Unpatched client (not sending umask with original mode)
* Unpatched server (not understanding umask with original mode)
* Old FUSE on client side (FUSE < 7.12 or linux < 2.6.31)
(can not find out the umask and original mode)
Change-Id: I2e3bfc4c7c9611bc51119ca5c8e28f6582677516
Signed-off-by: Lubomir Rintel <lubo.rintel@gooddata.com>
Tested-by: Lubomir Rintel <lubo.rintel@gooddata.com>
BUG: 765508
Reviewed-on: http://review.gluster.com/668
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
| |
Signed-off-by: shishir gowda <shishirng@gluster.com>
Change-Id: I6cd3a9c3a513cc2a998b82610613bbfa0622eec4
BUG: 767862
Reviewed-on: http://review.gluster.com/811
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Amar Tumballi <amar@gluster.com>
|
| |
|
|
|
|
|
|
|
|
| |
with this patch, there are no more warnings with gcc (GCC) 4.6.1 20110908
Change-Id: Ice0d52d304b9846395f8a4a191c98eb53125f792
BUG: 2550
Reviewed-on: http://review.gluster.com/607
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In configurations with a uid mapper, super user ID could be mapped
to a non-zero value. Hence making it configurable in access control
would be necessary for proper super-user semantics.
Change-Id: I51e8e0395680e9b96a99657a0af547659bd9affe
BUG: 2815
Reviewed-on: http://review.gluster.com/332
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While inheriting the ACLs from a directory that has default ACLs, make sure
that the mode flags set by the application are saved. It is required to
inherit only the Read, Write and Execute permissions while leaving the others
viz. setuid, setgid and sticky bit untouched hence honouring the requests made
by the application during create operations (mknod, mkdir et al).
For a description of the problem, root cause and evaluation, refer:
http://bugs.gluster.com/show_bug.cgi?id=3522
Change-Id: I994077fb321a35d8254f0cc5a7de99a17ec40c47
BUG: 3522
Reviewed-on: http://review.gluster.com/368
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes ~200 such warnings, but leaves three categories untouched.
(1) Rpcgen code.
(2) Macros which set variables in the outer (calling function) scope.
(3) Variables which are set via function calls which may have side effects.
Change-Id: I6554555f78ed26134251504b038da7e94adacbcd
BUG: 2550
Reviewed-on: http://review.gluster.com/371
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If write calls are coming in through an fd with O_RDWR or O_WRONLY
flag then a permission check is unnecessary. However writes from
NFS ideally need a "stateless" check in each call and this results
in a permission failure due to the read-only mode (disregarding the
FD's writeability).
For now it is acceptable to disable write checks as almost always
the NFS client would already be doing such basic access control.
Also because the previous access-control translator (prior to
posix ACL introduction) too was permitting writes and reads
unconditionally.
In fact the Linux KNFS server too assumes the NFS client would have
done the permission check.
Change-Id: I33e5de8911a87881f9341b8b92574780c2dfbeba
BUG: 3388
Reviewed-on: http://review.gluster.com/208
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
| |
Change-Id: I3914467611e573cccee0d22df93920cf1b2eb79f
BUG: 3348
Reviewed-on: http://review.gluster.com/182
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@gluster.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 2815 (Server-enforced ACLs)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2815
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 2815 (Server-enforced ACLs)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=2815
|
| |
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 3057 (acl permissions don't work on nfs mount)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
BUG: 3057 (acl permissions don't work on nfs mount)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The permission check is same as that of posix. We break the requests
into single checks, aggregate all the valid modes and return in reply.
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@gluster.com>
BUG: 3057 ()
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 3057 (acl permissions don't work on nfs mount)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The backend permissions returned in stat for group is already masked
value. Use the xattr value
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@gluster.com>
BUG: 3102 ()
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3102
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 3102 (Read calls go ahead even when the group has no permissions)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3102
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Signed-off-by: shishir gowda <shishirng@gluster.com>
Signed-off-by: Vijay Bellur <vijay@gluster.com>
BUG: 3057 ()
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
Signed-off-by: Anand Avati <avati@gluster.com>
BUG: 3057 (acl permissions don't work on nfs mount)
URL: http://bugs.gluster.com/cgi-bin/bugzilla3/show_bug.cgi?id=3057
|
