summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVijaykumar M <vmallika@redhat.com>2013-12-12 11:40:36 +0530
committerVijay Bellur <vbellur@redhat.com>2013-12-16 06:54:26 -0800
commita9623ada6f7b39ac2d567f66a496072487d8e6ec (patch)
tree0231e694085a22c79c90ba407ec04baa8a33f4af
parent40e13bc5b44d0b0cdaf7833c848d4a52352e0a13 (diff)
pathinfo: Provide user namespace access.
Locality can be now queried by unprivileged users with key "glusterfs.pathinfo". Setting both "glusterfs.pathinfo" and "trusted.glusterfs.pathinfo" on disk is prevented with this patch. Original Author: Vijay Bellur <vbellur@redhat.com> Change-Id: I4f7a0db8ad59165c4aeda04b23173255157a8b79 Signed-off-by: Vijaykumar M <vmallika@redhat.com> Reviewed-on: http://review.gluster.org/5101 Reviewed-by: Krishnan Parthasarathi <kparthas@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
-rw-r--r--libglusterfs/src/glusterfs.h9
-rw-r--r--xlators/cluster/afr/src/afr-inode-read.c3
-rw-r--r--xlators/cluster/dht/src/dht-common.c4
-rw-r--r--xlators/cluster/stripe/src/stripe.c7
-rw-r--r--xlators/storage/posix/src/posix-helpers.c5
-rw-r--r--xlators/storage/posix/src/posix.c6
6 files changed, 18 insertions, 16 deletions
diff --git a/libglusterfs/src/glusterfs.h b/libglusterfs/src/glusterfs.h
index dfe443016fc..ed483d19cf9 100644
--- a/libglusterfs/src/glusterfs.h
+++ b/libglusterfs/src/glusterfs.h
@@ -84,15 +84,18 @@
#define GF_XATTR_NODE_UUID_KEY "trusted.glusterfs.node-uuid"
#define GF_XATTR_VOL_ID_KEY "trusted.glusterfs.volume-id"
#define GF_XATTR_LOCKINFO_KEY "trusted.glusterfs.lockinfo"
-#define GF_XATTR_GET_REAL_FILENAME_KEY "user.glusterfs.get_real_filename:"
+#define GF_XATTR_GET_REAL_FILENAME_KEY "glusterfs.get_real_filename:"
+#define GF_XATTR_USER_PATHINFO_KEY "glusterfs.pathinfo"
#define QUOTA_LIMIT_KEY "trusted.glusterfs.quota.limit-set"
#define GF_READDIR_SKIP_DIRS "readdir-filter-directories"
#define BD_XATTR_KEY "user.glusterfs"
-#define XATTR_IS_PATHINFO(x) (strncmp (x, GF_XATTR_PATHINFO_KEY, \
- strlen (GF_XATTR_PATHINFO_KEY)) == 0)
+#define XATTR_IS_PATHINFO(x) ((strncmp (x, GF_XATTR_PATHINFO_KEY, \
+ strlen (x)) == 0) || \
+ (strncmp (x, GF_XATTR_USER_PATHINFO_KEY, \
+ strlen (x)) == 0))
#define XATTR_IS_NODE_UUID(x) (strncmp (x, GF_XATTR_NODE_UUID_KEY, \
strlen (GF_XATTR_NODE_UUID_KEY)) == 0)
#define XATTR_IS_LOCKINFO(x) (strncmp (x, GF_XATTR_LOCKINFO_KEY, \
diff --git a/xlators/cluster/afr/src/afr-inode-read.c b/xlators/cluster/afr/src/afr-inode-read.c
index 3e80129f935..0cfebcb9d55 100644
--- a/xlators/cluster/afr/src/afr-inode-read.c
+++ b/xlators/cluster/afr/src/afr-inode-read.c
@@ -1410,7 +1410,8 @@ afr_is_special_xattr (const char *name, fop_getxattr_cbk_t *cbk,
goto out;
}
- if (!strcmp (name, GF_XATTR_PATHINFO_KEY)) {
+ if (!strcmp (name, GF_XATTR_PATHINFO_KEY) ||
+ !strcmp (name, GF_XATTR_USER_PATHINFO_KEY)) {
if (is_fgetxattr) {
*cbk = afr_fgetxattr_pathinfo_cbk;
} else {
diff --git a/xlators/cluster/dht/src/dht-common.c b/xlators/cluster/dht/src/dht-common.c
index ed4babd328c..f59bc96670c 100644
--- a/xlators/cluster/dht/src/dht-common.c
+++ b/xlators/cluster/dht/src/dht-common.c
@@ -2161,7 +2161,7 @@ dht_getxattr (call_frame_t *frame, xlator_t *this,
* (until inode_link() happens)
*/
if (key && DHT_IS_DIR(layout) &&
- ((strcmp (key, GF_XATTR_PATHINFO_KEY) == 0)
+ (XATTR_IS_PATHINFO (key)
|| (strcmp (key, GF_XATTR_NODE_UUID_KEY) == 0))) {
(void) strncpy (local->xsel, key, 256);
cnt = local->call_cnt = layout->cnt;
@@ -2176,7 +2176,7 @@ dht_getxattr (call_frame_t *frame, xlator_t *this,
/* node-uuid or pathinfo for files */
if (key && ((strcmp (key, GF_XATTR_NODE_UUID_KEY) == 0)
- || (strcmp (key, GF_XATTR_PATHINFO_KEY) == 0))) {
+ || XATTR_IS_PATHINFO (key))) {
cached_subvol = local->cached_subvol;
(void) strncpy (local->xsel, key, 256);
diff --git a/xlators/cluster/stripe/src/stripe.c b/xlators/cluster/stripe/src/stripe.c
index 8ac14cb3a87..c981262251f 100644
--- a/xlators/cluster/stripe/src/stripe.c
+++ b/xlators/cluster/stripe/src/stripe.c
@@ -5548,9 +5548,7 @@ stripe_getxattr (call_frame_t *frame, xlator_t *this,
return 0;
}
- if (name &&
- ((strncmp (name, GF_XATTR_PATHINFO_KEY,
- strlen (GF_XATTR_PATHINFO_KEY)) == 0))) {
+ if (name && (XATTR_IS_PATHINFO (name))) {
if (IA_ISREG (loc->inode->ia_type)) {
ret = inode_ctx_get (loc->inode, this,
(uint64_t *) &local->fctx);
@@ -5637,8 +5635,7 @@ stripe_is_special_xattr (const char *name)
if (!strncmp (name, GF_XATTR_LOCKINFO_KEY,
strlen (GF_XATTR_LOCKINFO_KEY))
- || !strncmp (name, GF_XATTR_PATHINFO_KEY,
- strlen (GF_XATTR_PATHINFO_KEY)))
+ || XATTR_IS_PATHINFO (name))
is_spl = _gf_true;
out:
return is_spl;
diff --git a/xlators/storage/posix/src/posix-helpers.c b/xlators/storage/posix/src/posix-helpers.c
index 0e187e0200d..86ce08cb300 100644
--- a/xlators/storage/posix/src/posix-helpers.c
+++ b/xlators/storage/posix/src/posix-helpers.c
@@ -781,7 +781,10 @@ posix_handle_pair (xlator_t *this, const char *real_path,
int sys_ret = -1;
int ret = 0;
- if (ZR_FILE_CONTENT_REQUEST(key)) {
+ if (XATTR_IS_PATHINFO (key)) {
+ ret = -EACCES;
+ goto out;
+ } else if (ZR_FILE_CONTENT_REQUEST(key)) {
ret = posix_set_file_contents (this, real_path, key, value,
flags);
} else {
diff --git a/xlators/storage/posix/src/posix.c b/xlators/storage/posix/src/posix.c
index 1ebf42150a7..7695289fae4 100644
--- a/xlators/storage/posix/src/posix.c
+++ b/xlators/storage/posix/src/posix.c
@@ -3430,8 +3430,7 @@ posix_getxattr (call_frame_t *frame, xlator_t *this,
}
goto done;
}
- if (loc->inode && name &&
- (strcmp (name, GF_XATTR_PATHINFO_KEY) == 0)) {
+ if (loc->inode && name && (XATTR_IS_PATHINFO (name))) {
if (LOC_HAS_ABSPATH (loc))
MAKE_REAL_PATH (rpath, this, loc->path);
else
@@ -3451,8 +3450,7 @@ posix_getxattr (call_frame_t *frame, xlator_t *this,
goto done;
}
size = strlen (dyn_rpath) + 1;
- ret = dict_set_dynstr (dict, GF_XATTR_PATHINFO_KEY,
- dyn_rpath);
+ ret = dict_set_dynstr (dict, (char *)name, dyn_rpath);
if (ret < 0) {
gf_log (this->name, GF_LOG_WARNING,
"could not set value (%s) in dictionary",