On Mon, May 11, 2009 at 07:11:00PM -0400, jim owens wrote:
> Joel Becker wrote:
>> Here's v4 of reflink(). If you have the privileges, you get the
>> full snapshot. If you don't, you must have read access, and then you
>> get the entire snapshot (data and extended attributes) except that the
>> security context is reinitialized. That's it. It fits with most of the
>> other ops, and it's a clean degradation.
>
> I really like this. It has a nice clean user operational definition
> and gives them all the snap/cowfile features. And if they had the
> privilege to do the reflink(), they can just chattr away :)
>
> jim
>
>> + /*
>> + * If the caller has the rights, reflink() will preserve the
>> + * security context of the source inode.
>> + */
>> + if ((current_fsuid() != inode->i_uid) && !capable(CAP_CHOWN))
>> + preserve_security = 0;
>> + if ((current_fsuid() != inode->i_uid) &&
>> + !in_group_p(inode->i_gid) && !capable(CAP_CHOWN))
>> + preserve_security = 0;
>
> I have not done a code review, but that appears to be an
> editing cut-and-past duplication.
Oh, good catch.
Joel
--
"In the long run...we'll all be dead."
-Unknown
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@xxxxxxxxxx
Phone: (650) 506-8127
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
