diff options
| author | Xie Changlong <xiechanglong@cmss.chinamobile.com> | 2018-12-03 19:02:32 +0800 |
|---|---|---|
| committer | Amar Tumballi <amarts@redhat.com> | 2018-12-05 21:45:49 +0000 |
| commit | ad446dabb88439ba83e2092021b09894351e8e71 (patch) | |
| tree | e6c9185465db7ea058d1f3fbc46fd16624edd81f /rpc/rpc-lib/src/rpcsvc-auth.c | |
| parent | 7f7716f8194e06754d0417f27bcc40638c9f9f83 (diff) | |
protocol/server: support server.all-squash
We still use gnfs on our side, so do a little work to support
server.all-squash. Just like server.root-squash, it's also a
volume wide option. Also see bz#1285126
$ gluster volume set <VOLNAME> server.all-squash on
Note: If you enable server.root-squash and server.all-squash
at the same time, only server.all-squash works. Please refer
to following table
+---------------+-----------------+---------------------------+
| |all_squash | no_all_squash |
+-------------------------------------------------------------+
| | |anonuid/anongid for root |
|root_squash |anonuid/anongid |useruid/usergid for no-root|
+-------------------------------------------------------------+
|no_root_squash |anonuid/anongid |useruid/usergid |
+-------------------------------------------------------------+
Updates bz#1285126
Signed-off-by: Xie Changlong <xiechanglong@cmss.chinamobile.com>
Signed-off-by: Xue Chuanyu <xuechuanyu@cmss.chinamobile.com>
Change-Id: Iea043318fe6e9a75fa92b396737985062a26b47e
Diffstat (limited to 'rpc/rpc-lib/src/rpcsvc-auth.c')
| -rw-r--r-- | rpc/rpc-lib/src/rpcsvc-auth.c | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/rpc/rpc-lib/src/rpcsvc-auth.c b/rpc/rpc-lib/src/rpcsvc-auth.c index da260ade0c0..7c45c9b2a97 100644 --- a/rpc/rpc-lib/src/rpcsvc-auth.c +++ b/rpc/rpc-lib/src/rpcsvc-auth.c @@ -274,6 +274,44 @@ rpcsvc_set_root_squash(rpcsvc_t *svc, dict_t *options) } int +rpcsvc_set_all_squash(rpcsvc_t *svc, dict_t *options) +{ + int ret = -1; + + uid_t anonuid = -1; + gid_t anongid = -1; + + GF_ASSERT(svc); + GF_ASSERT(options); + + ret = dict_get_str_boolean(options, "all-squash", 0); + if (ret != -1) + svc->all_squash = ret; + else + svc->all_squash = _gf_false; + + ret = dict_get_uint32(options, "anonuid", &anonuid); + if (!ret) + svc->anonuid = anonuid; + else + svc->anonuid = RPC_NOBODY_UID; + + ret = dict_get_uint32(options, "anongid", &anongid); + if (!ret) + svc->anongid = anongid; + else + svc->anongid = RPC_NOBODY_GID; + + if (svc->all_squash) + gf_log(GF_RPCSVC, GF_LOG_DEBUG, + "all squashing enabled " + "(uid=%d, gid=%d)", + svc->anonuid, svc->anongid); + + return 0; +} + +int rpcsvc_auth_init(rpcsvc_t *svc, dict_t *options) { int ret = -1; @@ -283,6 +321,7 @@ rpcsvc_auth_init(rpcsvc_t *svc, dict_t *options) (void)rpcsvc_set_allow_insecure(svc, options); (void)rpcsvc_set_root_squash(svc, options); + (void)rpcsvc_set_all_squash(svc, options); (void)rpcsvc_set_addr_namelookup(svc, options); ret = rpcsvc_auth_add_initers(svc); if (ret == -1) { @@ -316,6 +355,10 @@ rpcsvc_auth_reconf(rpcsvc_t *svc, dict_t *options) if (ret) return (-1); + ret = rpcsvc_set_all_squash(svc, options); + if (ret) + return (-1); + return rpcsvc_set_addr_namelookup(svc, options); } |