dht: Operate internal fops with negative pid
With root-squash on, all root credentials are converted to a random uid, gid(65535). And ideally this does not carry the necessary permission bits to carry out the operation. But posix-acl will allow operations from this inode as long as its ctx has the ngroup information and ngroup has the owner group information. The problem we ran into recently was somehow posix-acl xlator did not cache the ngroup info and some of the dht internal fops(layout setxattr) failed with root-squash enabled. DHT internal fops now use a negative pid to pretend that the operation is from an internal client so posix-acl allows them to pass Change-Id: I5bb8d068389bf4c94629d668a16015a95ccb53ab fixes: bz#1624796 Signed-off-by: Susant Palai <spalai@redhat.com>
This commit is contained in:
Susant Palai
N Balachandran
parent
5e8fd8b465
commit
b139bc58eb
@ -232,8 +232,10 @@ STACK_RESET(call_stack_t *stack)
|
||||
local_type *__local = (frm)->local; \
|
||||
__local->uid = frm->root->uid; \
|
||||
__local->gid = frm->root->gid; \
|
||||
__local->pid = frm->root->pid; \
|
||||
frm->root->uid = 0; \
|
||||
frm->root->gid = 0; \
|
||||
frm->root->pid = GF_CLIENT_PID_NO_ROOT_SQUASH; \
|
||||
} while (0);
|
||||
|
||||
#define FRAME_SU_UNDO(frm, local_type) \
|
||||
@ -241,6 +243,7 @@ STACK_RESET(call_stack_t *stack)
|
||||
local_type *__local = (frm)->local; \
|
||||
frm->root->uid = __local->uid; \
|
||||
frm->root->gid = __local->gid; \
|
||||
frm->root->pid = __local->pid; \
|
||||
} while (0);
|
||||
|
||||
/* NOTE: make sure to keep this as an macro, mainly because, we need 'fn'
|
||||
|
||||
@ -323,6 +323,7 @@ struct dht_local {
|
||||
|
||||
uint32_t uid;
|
||||
uint32_t gid;
|
||||
pid_t pid;
|
||||
|
||||
/* needed by nufa */
|
||||
int32_t flags;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user