[Bugs] [Bug 1246397] New: POSIX ACLs as used by a FUSE mount can not use more than 32 groups

bugzilla at redhat.com bugzilla at redhat.com
Fri Jul 24 08:28:16 UTC 2015 

https://bugzilla.redhat.com/show_bug.cgi?id=1246397

            Bug ID: 1246397
           Summary: POSIX ACLs as used by a FUSE mount can not use more
                    than 32 groups
           Product: GlusterFS
           Version: 3.7.3
         Component: fuse
          Keywords: Triaged
          Severity: medium
          Priority: medium
          Assignee: ndevos at redhat.com
          Reporter: ndevos at redhat.com
                CC: bugs at gluster.org, gluster-bugs at redhat.com
        Depends On: 1246275



+++ This bug was initially created as a clone of Bug #1246275 +++

Description of problem:
When enabling support for POSIX ACLs on a FUSE mount with the "-o acl" mount
option, permission checks only use the first 32 groups of a user. If
permissions of a directory/file are permitted by groups further in the
group-list, the permissions are not applied. The group-list of the user is
truncated to the fist 32 groups.

Version-Release number of selected component (if applicable):
mainline

How reproducible:
100%

Steps to Reproduce:
1. mount a volume with "-o acl"
2. create a lot of groups (33 or more)
3. create a user that belongs to a lot of groups
4. create a directory on the volume
5. add a POSIX ACL to the new directory, allow writes for the directory to the 
   last group the user belongs to (setfacl -m g:123456:rwx /path/new/dir)
6. create a new file in the director as the user

Actual results:
"Permission denied"

Expected results:
The user should be allowed to create the file, the user is member of the group
with write access.

Additional info:
If the number of groups the user belongs to is higher than ~93, the volume
option server.manage-gids needs to be enabled too.


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1246275
[Bug 1246275] POSIX ACLs as used by a FUSE mount can not use more than 32
groups
-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=UVX3unlNrJ&a=cc_unsubscribe

More information about the Bugs mailing list