[Bugs] [Bug 1460649] New: posix-acl: Whitelist virtual ACL xattrs

Mon Jun 12 10:35:32 UTC 2017

https://bugzilla.redhat.com/show_bug.cgi?id=1460649

            Bug ID: 1460649
           Summary: posix-acl: Whitelist virtual ACL xattrs
           Product: GlusterFS
           Version: 3.10
         Component: posix-acl
          Keywords: Triaged
          Severity: high
          Assignee: bugs at gluster.org
          Reporter: skoduri at redhat.com
                CC: bugs at gluster.org
        Depends On: 1459971
            Blocks: 1459972, 1460647

+++ This bug was initially created as a clone of Bug #1459971 +++

Description of problem:

Similar to system.posix_acl_* xattrs, all users should be able to read virtual
acl xattrs too (glusterfs.posix-acl-*). 

Otherwise it shall result in EACCESS error when any non-root user is trying to
ACL of any file created under gluster volume.

Version-Release number of selected component (if applicable):

How reproducible:
Always

Steps to Reproduce:
1. Start NFS-ganesha using a non-root user
2. Export a volume via NFS-Ganesha
3. Mount the volume using NFSv4
4. Try to read/get acl.

Actual results:
It results in "Permission denied" error.

Expected results:
All users should be able to read POSIX ACLs for any file.

Additional info:

--- Additional comment from Worker Ant on 2017-06-08 13:28:48 EDT ---

REVIEW: https://review.gluster.org/17493 (posix-acl: Whitelist virtual ACL
xattrs) posted (#1) for review on master by soumya k (skoduri at redhat.com)

--- Additional comment from Worker Ant on 2017-06-09 07:10:05 EDT ---

COMMIT: https://review.gluster.org/17493 committed in master by Niels de Vos
(ndevos at redhat.com) 
------
commit 68f2192df570b5ee615d440c2e0c88d49a75a34f
Author: Soumya Koduri <skoduri at redhat.com>
Date:   Thu Jun 8 22:19:17 2017 +0530

    posix-acl: Whitelist virtual ACL xattrs

    Similar to system.posix_acl_* xattrs, all users should get
    permission to be able to read glusterfs.posix.acl* xattrs too.

    Change-Id: I1fc2b67c8a12113910e4ec57cd114e4baefe0d38
    BUG: 1459971
    Signed-off-by: Soumya Koduri <skoduri at redhat.com>
    Reviewed-on: https://review.gluster.org/17493
    Smoke: Gluster Build System <jenkins at build.gluster.org>
    Reviewed-by: jiffin tony Thottan <jthottan at redhat.com>
    NetBSD-regression: NetBSD Build System <jenkins at build.gluster.org>
    CentOS-regression: Gluster Build System <jenkins at build.gluster.org>
    Reviewed-by: Raghavendra Talur <rtalur at redhat.com>
    Reviewed-by: Niels de Vos <ndevos at redhat.com>

Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1459971
[Bug 1459971] posix-acl: Whitelist virtual ACL xattrs
https://bugzilla.redhat.com/show_bug.cgi?id=1459972
[Bug 1459972] posix-acl: Whitelist virtual ACL xattrs
https://bugzilla.redhat.com/show_bug.cgi?id=1460647
[Bug 1460647] posix-acl: Whitelist virtual ACL xattrs
-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.