Suresh Jayaraman wrote:
wengang wang wrote:
Suresh Jayaraman wrote:
wengang wang wrote:
sometimes HPUX nfs client sends a create request to linux nfs
server(v2/v3).
the dump of the request is like:
obj_attributes
mode: value follows
set_it: value follows (1)
mode: 00
uid: no value
set_it: no value (0)
gid: value follows
set_it: value follows (1)
gid: 8030
size: value follows
set_it: value follows (1)
size: 0
atime: don't change
set_it: don't change (0)
mtime: don't change
set_it: don't change (0)
note that mode is 00(havs no rwx privilege even for the owner) and it
requires
to set size to 0.
What's the Create Mode in this case? EXCLUSIVE or UNCHECKED?
it's UNCHECKED.
What's the error the server is returning without this patch -
ERR_NOTSUPP?
permission deny, that is NFS3ERR_ACCES.
I tested this on 2.6.27.7 with a small program which does this:
fd = open("file", O_CREAT, 0000);
The file creation succeeded with file size set to 0 and the subsequent
chmod too.
tcpdump available for your test?
just after the creation, is the file mode 0000?
Here are the relevant packets (both server and client are running 2.6.27.7)
<snip>
Network File System, CREATE Call DH:0x83dc449c/myfile Mode:UNCHECKED
[Program Version: 3]
[V3 Procedure: CREATE (8)]
where
dir
Name: myfile
Create Mode: UNCHECKED (0)
obj_attributes
mode: value follows
set_it: value follows (1)
mode: 00
0... .... .... = not SUID
.0.. .... .... = not SGID
..0. .... .... = not save swapped text
...0 .... .... = no Read permission for owner
.... 0... .... = no Write permission for owner
.... .0.. .... = no Execute permission for owner
.... ..0. .... = no Read permission for group
.... ...0 .... = no Write permission for group
.... .... 0... = no Execute permission for group
.... .... .0.. = no Read permission for others
.... .... ..0. = no Write permission for others
.... .... ...0 = no Execute permission for others
uid: no value
gid: no value
size: no value
Here is the difference, hpux request to set size to 0.
size: value follows
set_it: value follows (1)
size: 0
changing size(no matter the new size is equal to old size or not) needs
WRITE privilege.
For specific file systems that does permission check, such as gfs, they
fails at permission
check (in the gfs case, generic_permission()). the patch I posted is
based on "setting size
to it's original size is unnecessary".
Actually, I think the nfsd_create() should an "atomic" operation like
create_with_attr(),
in which, we don't do permission check, instead of create() and then
setattr().
but seems this needs lots of work. so I would like to take the above
trick before the
create_with_attr() is out.
thanks,
wengang.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
