summaryrefslogtreecommitdiffstats
path: root/xlators
diff options
context:
space:
mode:
authorAnand Avati <avati@gluster.com>2011-08-10 23:11:36 +0530
committerAnand Avati <avati@gluster.com>2011-08-10 22:06:56 -0700
commit5ce1b5c357d490f68ae89bfd3ce31326a81a1183 (patch)
tree2705025ee5bdd3a33d14ab1d8fc13ff787b482eb /xlators
parentb58dc65f2ac305056a25a2177cee9a03cd1bdca2 (diff)
posix-acl: disable permission checks for fd based ops
If write calls are coming in through an fd with O_RDWR or O_WRONLY flag then a permission check is unnecessary. However writes from NFS ideally need a "stateless" check in each call and this results in a permission failure due to the read-only mode (disregarding the FD's writeability). For now it is acceptable to disable write checks as almost always the NFS client would already be doing such basic access control. Also because the previous access-control translator (prior to posix ACL introduction) too was permitting writes and reads unconditionally. In fact the Linux KNFS server too assumes the NFS client would have done the permission check. Change-Id: I33e5de8911a87881f9341b8b92574780c2dfbeba BUG: 3388 Reviewed-on: http://review.gluster.com/208 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com>
Diffstat (limited to 'xlators')
-rw-r--r--xlators/system/posix-acl/src/posix-acl.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/xlators/system/posix-acl/src/posix-acl.c b/xlators/system/posix-acl/src/posix-acl.c
index 6526e6a64..8648485cf 100644
--- a/xlators/system/posix-acl/src/posix-acl.c
+++ b/xlators/system/posix-acl/src/posix-acl.c
@@ -1904,8 +1904,10 @@ fini (xlator_t *this)
struct xlator_fops fops = {
.lookup = posix_acl_lookup,
.open = posix_acl_open,
+#if FD_MODE_CHECK_IS_IMPLEMENTED
.readv = posix_acl_readv,
.writev = posix_acl_writev,
+#endif
.ftruncate = posix_acl_ftruncate,
.access = posix_acl_access,
.truncate = posix_acl_truncate,