diff options
author | Andreas Gruenbacher <agruen@suse.de> | 2005-06-22 13:16:27 -0400 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2005-06-22 16:07:24 -0400 |
commit | 055ffbea0596942579b0dae71d5dab78de8135f6 (patch) | |
tree | 4799088989e9923c45089cab905f40247af52a45 /fs/nfs/nfs3proc.c | |
parent | b7fa0554cf1ba6d6895cd0a5b02989a26e0bc704 (diff) |
[PATCH] NFS: Fix handling of the umask when an NFSv3 default acl is present.
NFSv3 has no concept of a umask on the server side: The client applies
the umask locally, and sends the effective permissions to the server.
This behavior is wrong when files are created in a directory that has a
default ACL. In this case, the umask is supposed to be ignored, and
only the default ACL determines the file's effective permissions.
Usually its the server's task to conditionally apply the umask. But
since the server knows nothing about the umask, we have to do it on the
client side. This patch tries to fetch the parent directory's default
ACL before creating a new file, computes the appropriate create mode to
send to the server, and finally sets the new file's access and default
acl appropriately.
Many thanks to Buck Huppmann <buchk@pobox.com> for sending the initial
version of this patch, as well as for arguing why we need this change.
Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Acked-by: Olaf Kirch <okir@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs/nfs/nfs3proc.c')
-rw-r--r-- | fs/nfs/nfs3proc.c | 36 |
1 files changed, 30 insertions, 6 deletions
diff --git a/fs/nfs/nfs3proc.c b/fs/nfs/nfs3proc.c index d03bac0cc42..a9ddc196224 100644 --- a/fs/nfs/nfs3proc.c +++ b/fs/nfs/nfs3proc.c | |||
@@ -314,7 +314,8 @@ nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr, | |||
314 | .fh = &fhandle, | 314 | .fh = &fhandle, |
315 | .fattr = &fattr | 315 | .fattr = &fattr |
316 | }; | 316 | }; |
317 | int status; | 317 | mode_t mode = sattr->ia_mode; |
318 | int status; | ||
318 | 319 | ||
319 | dprintk("NFS call create %s\n", dentry->d_name.name); | 320 | dprintk("NFS call create %s\n", dentry->d_name.name); |
320 | arg.createmode = NFS3_CREATE_UNCHECKED; | 321 | arg.createmode = NFS3_CREATE_UNCHECKED; |
@@ -324,6 +325,8 @@ nfs3_proc_create(struct inode *dir, struct dentry *dentry, struct iattr *sattr, | |||
324 | arg.verifier[1] = current->pid; | 325 | arg.verifier[1] = current->pid; |
325 | } | 326 | } |
326 | 327 | ||
328 | sattr->ia_mode &= ~current->fs->umask; | ||
329 | |||
327 | again: | 330 | again: |
328 | dir_attr.valid = 0; | 331 | dir_attr.valid = 0; |
329 | fattr.valid = 0; | 332 | fattr.valid = 0; |
@@ -370,6 +373,9 @@ again: | |||
370 | nfs_refresh_inode(dentry->d_inode, &fattr); | 373 | nfs_refresh_inode(dentry->d_inode, &fattr); |
371 | dprintk("NFS reply setattr (post-create): %d\n", status); | 374 | dprintk("NFS reply setattr (post-create): %d\n", status); |
372 | } | 375 | } |
376 | if (status != 0) | ||
377 | goto out; | ||
378 | status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode); | ||
373 | out: | 379 | out: |
374 | dprintk("NFS reply create: %d\n", status); | 380 | dprintk("NFS reply create: %d\n", status); |
375 | return status; | 381 | return status; |
@@ -539,15 +545,24 @@ nfs3_proc_mkdir(struct inode *dir, struct dentry *dentry, struct iattr *sattr) | |||
539 | .fh = &fhandle, | 545 | .fh = &fhandle, |
540 | .fattr = &fattr | 546 | .fattr = &fattr |
541 | }; | 547 | }; |
542 | int status; | 548 | int mode = sattr->ia_mode; |
549 | int status; | ||
543 | 550 | ||
544 | dprintk("NFS call mkdir %s\n", dentry->d_name.name); | 551 | dprintk("NFS call mkdir %s\n", dentry->d_name.name); |
545 | dir_attr.valid = 0; | 552 | dir_attr.valid = 0; |
546 | fattr.valid = 0; | 553 | fattr.valid = 0; |
554 | |||
555 | sattr->ia_mode &= ~current->fs->umask; | ||
556 | |||
547 | status = rpc_call(NFS_CLIENT(dir), NFS3PROC_MKDIR, &arg, &res, 0); | 557 | status = rpc_call(NFS_CLIENT(dir), NFS3PROC_MKDIR, &arg, &res, 0); |
548 | nfs_refresh_inode(dir, &dir_attr); | 558 | nfs_refresh_inode(dir, &dir_attr); |
549 | if (status == 0) | 559 | if (status != 0) |
550 | status = nfs_instantiate(dentry, &fhandle, &fattr); | 560 | goto out; |
561 | status = nfs_instantiate(dentry, &fhandle, &fattr); | ||
562 | if (status != 0) | ||
563 | goto out; | ||
564 | status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode); | ||
565 | out: | ||
551 | dprintk("NFS reply mkdir: %d\n", status); | 566 | dprintk("NFS reply mkdir: %d\n", status); |
552 | return status; | 567 | return status; |
553 | } | 568 | } |
@@ -642,6 +657,7 @@ nfs3_proc_mknod(struct inode *dir, struct dentry *dentry, struct iattr *sattr, | |||
642 | .fh = &fh, | 657 | .fh = &fh, |
643 | .fattr = &fattr | 658 | .fattr = &fattr |
644 | }; | 659 | }; |
660 | mode_t mode = sattr->ia_mode; | ||
645 | int status; | 661 | int status; |
646 | 662 | ||
647 | switch (sattr->ia_mode & S_IFMT) { | 663 | switch (sattr->ia_mode & S_IFMT) { |
@@ -654,12 +670,20 @@ nfs3_proc_mknod(struct inode *dir, struct dentry *dentry, struct iattr *sattr, | |||
654 | 670 | ||
655 | dprintk("NFS call mknod %s %u:%u\n", dentry->d_name.name, | 671 | dprintk("NFS call mknod %s %u:%u\n", dentry->d_name.name, |
656 | MAJOR(rdev), MINOR(rdev)); | 672 | MAJOR(rdev), MINOR(rdev)); |
673 | |||
674 | sattr->ia_mode &= ~current->fs->umask; | ||
675 | |||
657 | dir_attr.valid = 0; | 676 | dir_attr.valid = 0; |
658 | fattr.valid = 0; | 677 | fattr.valid = 0; |
659 | status = rpc_call(NFS_CLIENT(dir), NFS3PROC_MKNOD, &arg, &res, 0); | 678 | status = rpc_call(NFS_CLIENT(dir), NFS3PROC_MKNOD, &arg, &res, 0); |
660 | nfs_refresh_inode(dir, &dir_attr); | 679 | nfs_refresh_inode(dir, &dir_attr); |
661 | if (status == 0) | 680 | if (status != 0) |
662 | status = nfs_instantiate(dentry, &fh, &fattr); | 681 | goto out; |
682 | status = nfs_instantiate(dentry, &fh, &fattr); | ||
683 | if (status != 0) | ||
684 | goto out; | ||
685 | status = nfs3_proc_set_default_acl(dir, dentry->d_inode, mode); | ||
686 | out: | ||
663 | dprintk("NFS reply mknod: %d\n", status); | 687 | dprintk("NFS reply mknod: %d\n", status); |
664 | return status; | 688 | return status; |
665 | } | 689 | } |