diff options
author | Raghavendra Bhat <raghavendra@redhat.com> | 2013-05-02 12:56:46 +0530 |
---|---|---|
committer | Anand Avati <avati@redhat.com> | 2013-09-09 17:21:24 -0700 |
commit | 975d0c003ac77a28be2847fb96a8a86251ee08b2 (patch) | |
tree | 121029d06b775baaa3050475d455e47c8aefd733 | |
parent | eb62d02f349a793b7b7a08825888f88681acbe55 (diff) |
system/posix-acl: check for the sticky bit of the parent directory
* While creating links, check if there is sticky bit set for the parent
directory and whether the sticky bit permits the user to create the link.
Change-Id: Ic0d09d9ed579c4eb47462c71602a3a60cc7d3bc1
BUG: 958691
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4934
Reviewed-by: Amar Tumballi <amarts@redhat.com>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Anand Avati <avati@redhat.com>
Reviewed-on: http://review.gluster.org/5813
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
-rw-r--r-- | tests/bugs/bug-958691.t | 50 | ||||
-rw-r--r-- | xlators/system/posix-acl/src/posix-acl.c | 5 |
2 files changed, 55 insertions, 0 deletions
diff --git a/tests/bugs/bug-958691.t b/tests/bugs/bug-958691.t new file mode 100644 index 000000000..a5ac406c9 --- /dev/null +++ b/tests/bugs/bug-958691.t @@ -0,0 +1,50 @@ +#!/bin/bash +. $(dirname $0)/../include.rc +. $(dirname $0)/../volume.rc + +cleanup; + +TEST glusterd +TEST pidof glusterd +TEST $CLI volume create $V0 $H0:$B0/${V0}{0,1} +TEST $CLI volume start $V0; + +TEST glusterfs --volfile-server=$H0 --volfile-id=$V0 $M0; +sleep 1; +TEST mount -t nfs -o vers=3,nolock $H0:/$V0 $N0; + +sleep 2; + +# Tests for the fuse mount +TEST mkdir $M0/dir; +TEST chmod 1777 $M0/dir; +TEST touch $M0/dir/file{1,2}; + +TEST $CLI volume set $V0 server.root-squash enable; + +mv $M0/dir/file1 $M0/dir/file11 2>/dev/null; +TEST [ $? -ne 0 ]; + +TEST $CLI volume set $V0 server.root-squash disable; +TEST rm -rf $M0/dir; + +sleep 1; + +# tests for nfs mount +TEST mkdir $N0/dir; +TEST chmod 1777 $N0/dir; +TEST touch $N0/dir/file{1,2}; + +TEST $CLI volume set $V0 server.root-squash enable; + +mv $N0/dir/file1 $N0/dir/file11 2>/dev/null; +TEST [ $? -ne 0 ]; + +TEST $CLI volume set $V0 server.root-squash disable; +TEST rm -rf $N0/dir; +TEST umount $N0; + +TEST $CLI volume stop $V0; +TEST $CLI volume delete $V0; + +cleanup; diff --git a/xlators/system/posix-acl/src/posix-acl.c b/xlators/system/posix-acl/src/posix-acl.c index f6246d92c..3e2f7f212 100644 --- a/xlators/system/posix-acl/src/posix-acl.c +++ b/xlators/system/posix-acl/src/posix-acl.c @@ -1394,6 +1394,11 @@ posix_acl_link (call_frame_t *frame, xlator_t *this, loc_t *old, loc_t *new, dic goto red; } + if (!sticky_permits (frame, new->parent, new->inode)) { + op_errno = EACCES; + goto red; + } + STACK_WIND (frame, posix_acl_link_cbk, FIRST_CHILD(this), FIRST_CHILD(this)->fops->link, old, new, xdata); |