diff options
| author | Raghavendra Bhat <raghavendra@redhat.com> | 2013-04-19 12:27:03 +0530 | 
|---|---|---|
| committer | Vijay Bellur <vbellur@redhat.com> | 2014-02-10 23:32:05 -0800 | 
| commit | 28209283a67f13802cc0c1d3df07c676926810a2 (patch) | |
| tree | 5cf62085fa1a4bbc6d76eb1763f343c6116ea195 /tests/bugs | |
| parent | 97ce783de326b51fcba65737f07db2c314d1e218 (diff) | |
protocol/server: do not do root-squashing for trusted clients
* As of now clients mounting within the storage pool using that machine's
  ip/hostname are trusted clients (i.e clients local to the glusterd).
* Be careful when the request itself comes in as nfsnobody (ex: posix tests).
  So move the squashing part to protocol/server when it creates a new frame
  for the request, instead of auth part of rpc layer.
* For nfs servers do root-squashing without checking if it is trusted client,
  as all the nfs servers would be running within the storage pool, hence will
  be trusted clients for the bricks.
* Provide one more option for mounting which actually says root-squash
  should/should not happen. This value is given priority only for the trusted
  clients. For non trusted clients, the volume option takes the priority. But
  for trusted clients if root-squash should not happen, then they have to be
  mounted with root-squash=no option. (This is done because by default
  blocking root-squashing for the trusted clients will cause problems for smb
  and UFO clients for which the requests have to be squashed if the option is
  enabled).
* For geo-replication and defrag clients do not do root-squashing.
* Introduce a new option in open-behind for doing read after successful open.
Change-Id: I8a8359840313dffc34824f3ea80a9c48375067f0
BUG: 954057
Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com>
Reviewed-on: http://review.gluster.org/4863
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'tests/bugs')
| -rwxr-xr-x | tests/bugs/bug-954057.t | 44 | 
1 files changed, 44 insertions, 0 deletions
| diff --git a/tests/bugs/bug-954057.t b/tests/bugs/bug-954057.t new file mode 100755 index 00000000000..30bc1d77e6c --- /dev/null +++ b/tests/bugs/bug-954057.t @@ -0,0 +1,44 @@ +#!/bin/bash + +. $(dirname $0)/../include.rc +. $(dirname $0)/../volume.rc + +#This script checks if use-readdirp option works as accepted in mount options + + +TEST glusterd +TEST pidof glusterd +TEST $CLI volume create $V0 $H0:$B0/${V0} +TEST $CLI volume start $V0 + +TEST glusterfs --volfile-id=/$V0 --volfile-server=$H0 $M0 + +TEST mkdir $M0/dir +TEST mkdir $M0/nobody +TEST chown nfsnobody:nfsnobody $M0/nobody +TEST `echo "file" >> $M0/file` +TEST cp $M0/file $M0/new +TEST chmod 700 $M0/new +TEST cat $M0/new + +TEST $CLI volume set $V0 server.root-squash enable +TEST `echo 3 > /proc/sys/vm/drop_caches` +TEST ! mkdir $M0/other +TEST mkdir $M0/nobody/other +TEST cat $M0/file +TEST ! cat $M0/new +TEST `echo "nobody" >> $M0/nobody/file` + +#mount the client without root-squashing +TEST glusterfs --volfile-id=/$V0 --volfile-server=$H0 --no-root-squash=yes $M1 +TEST mkdir $M1/m1_dir +TEST `echo "file" >> $M1/m1_file` +TEST cp $M0/file $M1/new +TEST chmod 700 $M1/new +TEST cat $M1/new + +TEST $CLI volume set $V0 server.root-squash disable +TEST mkdir $M0/other +TEST cat $M0/new + +cleanup | 
