rpc: bring in root-squashing behavior in rpc

* requests coming in as root are converted to nfsnobody

* with open-behind some acl checks wont happen and nfsnobody
  can read the file "whose owner is root and other users do not
  have permission to read the file". This is becasue open-behind
  does not send the open to the brick and sends success to the
  application, thus the acl related tests on the file wont happen
  which would have prevented the file from being opened.

Change-Id: I12a3e6b2a12884d00bb81f2779074fed09b1b2e4
BUG: 887145
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4619
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Jeff Darcy <jdarcy@redhat.com>

1 files changed, 22 insertions, 1 deletions

diff --git a/rpc/rpc-lib/src/rpcsvc.h b/rpc/rpc-lib/src/rpcsvc.h
index 7fdeaeb04..1323c8b7a 100644
--- a/rpc/rpc-lib/src/rpcsvc.h
+++ b/rpc/rpc-lib/src/rpcsvc.h
@@ -48,6 +48,10 @@
 #define RPCSVC_POOLCOUNT_MULT           64
 #define RPCSVC_CONN_READ        (128 * GF_UNIT_KB)
 #define RPCSVC_PAGE_SIZE        (128 * GF_UNIT_KB)
+#define RPC_ROOT_UID             0
+#define RPC_ROOT_GID             0
+#define RPC_NOBODY_UID           65534
+#define RPC_NOBODY_GID           65534
 
 /* RPC Record States */
 #define RPCSVC_READ_FRAGHDR     1
@@ -261,7 +265,22 @@ struct rpcsvc_request {
 #define rpcsvc_request_vecstate(req) ((req)->vecstate)
 #define rpcsvc_request_transport(req) ((req)->trans)
 #define rpcsvc_request_transport_ref(req) (rpc_transport_ref((req)->trans))
-
+#define RPC_AUTH_ROOT_SQUASH(req)                                       \
+        do {                                                            \
+                int gidcount = 0;                                       \
+                if (req->svc->root_squash) {                            \
+                        if (req->uid == RPC_ROOT_UID)                   \
+                                req->uid = RPC_NOBODY_UID;              \
+                        if (req->gid == RPC_ROOT_GID)                   \
+                                req->gid = RPC_NOBODY_GID;              \
+                        for (gidcount = 0; gidcount < req->auxgidcount; \
+                             ++gidcount) {                              \
+                                if (!req->auxgids[gidcount])            \
+                                        req->auxgids[gidcount] =        \
+                                                RPC_NOBODY_GID;         \
+                        }                                               \
+                }                                                       \
+        } while (0);
 
 #define RPCSVC_ACTOR_SUCCESS    0
 #define RPCSVC_ACTOR_ERROR      (-1)
@@ -546,6 +565,8 @@ rpcsvc_transport_unix_options_build (dict_t **options, char *filepath);
 int
 rpcsvc_set_allow_insecure (rpcsvc_t *svc, dict_t *options);
 int
+rpcsvc_set_root_squash (rpcsvc_t *svc, dict_t *options);
+int
 rpcsvc_auth_array (rpcsvc_t *svc, char *volname, int *autharr, int arrlen);
 char *
 rpcsvc_volume_allowed (dict_t *options, char *volname);