summaryrefslogtreecommitdiffstats
path: root/xlators/system/posix-acl
Commit message (Collapse)AuthorAgeFilesLines
* posix-acl: Whitelist virtual ACL xattrsSoumya Koduri2017-06-091-0/+4
| | | | | | | | | | | | | | | | Similar to system.posix_acl_* xattrs, all users should get permission to be able to read glusterfs.posix.acl* xattrs too. Change-Id: I1fc2b67c8a12113910e4ec57cd114e4baefe0d38 BUG: 1459971 Signed-off-by: Soumya Koduri <skoduri@redhat.com> Reviewed-on: https://review.gluster.org/17493 Smoke: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Raghavendra Talur <rtalur@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* Remove unused conditionnalMichael Scherer2017-02-261-15/+0
| | | | | | | | | | | | | | | The code is using a got to jump 1 line further, which is a no-op. Found by coverty scan Change-Id: Ic8698e2f86ebd9472b3104b09920ab7946c3b4fc BUG: 789278 Signed-off-by: Michael Scherer <misc@redhat.com> Reviewed-on: https://review.gluster.org/16714 Smoke: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Shyamsundar Ranganathan <srangana@redhat.com> Tested-by: Michael Scherer <misc@fedoraproject.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
* access_control : address O_TRUNC and O_APPEND flag properly in posix_acl_openJiffin Tony Thottan2016-12-141-2/+3
| | | | | | | | | | | | | | | | | In posix_acl_open, in switch value passed is (flag & O_ACCMODE). The value for O_ACCMODE is 0003, so the result will always be less than or equal to 3. But value for O_TRUNC is 01000 and O_APPEND is 02000, so it is not right to check it in switch case Change-Id: Ia17db80a6a5f681c35e08e062d384f33ef7e0354 BUG: 1387241 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/15688 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
* system/posix-acl: Log reason for EACCESPranith Kumar K2016-11-173-15/+160
| | | | | | | | | | | | | | | | It is becoming increasingly difficult to debug the reason why posix-acl decides to fail a fop with EACCES. This patch prints a big log everytime such a condition occurs giving out the details that may help in finding why the fop is errored out. Change-Id: I2505baaafb5d77ef6c187554ff027df9b20468db BUG: 1394548 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> Reviewed-on: http://review.gluster.org/15837 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Raghavendra Talur <rtalur@redhat.com>
* posix-acl: check dictionary before using itRajesh Joseph2016-11-041-0/+3
| | | | | | | | | | | | | | | | | | | | | | | If extended attributes are not present in md-cache it returns NULL as xattr. posix acl xlator should check for NULL before using xattr. If normal and default ACLs are not set on file then md-cache will not contain system.posix_acl_access and system.posix_acl_default extended attributes in its cache. Therefore posix_acl_lookup_cbk should check xattr before using it, otherwise the logs will get filled with dictionary errors. Change-Id: Icebf73cf0b313bd3e82ca8cbda63786dd0fa47da BUG: 1391387 Signed-off-by: Rajesh Joseph <rjoseph@redhat.com> Reviewed-on: http://review.gluster.org/15769 Reviewed-by: Raghavendra Talur <rtalur@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Vijay Bellur <vbellur@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
* build: out-of-tree builds generates files in the wrong directoryKaleb S KEITHLEY2016-09-181-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | And minor cleanup of a few of the Makefile.am files while we're at it. Rewrite the make rules to do what xdrgen does. Now we can get rid of xdrgen. Note 1. netbsd6's sed doesn't do -i. Why are we still running smoke tests on netbsd6 and not netbsd7? We barely support netbsd7 as it is. Note 2. Why is/was libgfxdr.so (.../rpc/xdr/src/...) linked with libglusterfs? A cut-and-paste mistake? It has no references to symbols in libglusterfs. Note3. "/#ifndef\|#define\|#endif/" (note the '\'s) is a _basic_ regex that matches the same lines as the _extended_ regex "/#(ifndef|define|endif)/". To match the extended regex sed needs to be run with -r on Linux; with -E on *BSD. However NetBSD's and FreeBSD's sed helpfully also provide -r for compatibility. Using a basic regex avoids having to use a kludge in order to run sed with the correct option on OS X. Note 4. Not copying the bit of xdrgen that inserts copyright/license boilerplate. AFAIK it's silly to pretend that machine generated files like these can be copyrighted or need license boilerplate. The XDR source files have their own copyright and license; and their copyrights are bound to be more up to date than old boilerplate inserted by a script. From what I've seen of other Open Source projects -- e.g. gcc and its C parser files generated by yacc and lex -- IIRC they don't bother to add copyright/license boilerplate to their generated files. It appears that it's a long-standing feature of make (SysV, BSD, gnu) for out-of-tree builds to helpfully pretend that the source files it can find in the VPATH "exist" as if they are in the $cwd. rpcgen doesn't work well in this situation and generates files with "bad" #include directives. E.g. if you `rpcgen ../../../../$srcdir/rpc/xdr/src/glusterfs3-xdr.x`, you get an #include directive in the generated .c file like this: ... #include "../../../../$srcdir/rpc/xdr/src/glusterfs3-xdr.h" ... which (obviously) results in compile errors on out-of-tree build because the (generated) header file doesn't exist at that location. Compared to `rpcgen ./glusterfs3-xdr.x` where you get: ... #include "glusterfs3-xdr.h" ... Which is what we need. We have to resort to some Stupid Make Tricks like the addition of various .PHONY targets to work around the VPATH "help". Warning: When doing an in-tree build, -I$(top_builddir)/rpc/xdr/... looks exactly like -I$(top_srcdir)/rpc/xdr/... Don't be fooled though. And don't delete the -I$(top_builddir)/rpc/xdr/... bits Change-Id: Iba6ab96b2d0a17c5a7e9f92233993b318858b62e BUG: 1330604 Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/14085 Tested-by: Niels de Vos <ndevos@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* system/posix-acl: Unwind with NULL xdata on errorPranith Kumar K2016-09-131-17/+19
| | | | | | | | | | | | | | | | | | | | | | In posix-acl when there are errors xdata that comes as part of input is used to unwind which can be used as response xdata which may lead to problems as the keys in the input will match with keys in the output but the values the response xdata may expect can be completely different. For example, we see that dht sends DHT_IATT_IN_XDATA_KEY in setxattr which will be unwound with the same key in the xdata-response which dht thinks is valid response and fills stbuf with invalid values leading to EIO BUG: 1374093 Change-Id: I6b77a1fa1ee99cb62e181e1db2e6fea73f6eaaa3 Signed-off-by: Pranith Kumar K <pkarampu@redhat.com> Reviewed-on: http://review.gluster.org/15421 Smoke: Gluster Build System <jenkins@build.gluster.org> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.org> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* __inode_ctx_put: fix mem leak on failurePrasanna Kumar Kalever2016-06-011-0/+4
| | | | | | | | | | | | | | | | | | | up on failure case __inode_ctx_put need to free the allocated memory Indirect leak of 104 byte(s) in 1 object(s) allocated from: #0 0x496669 in __interceptor_calloc (/usr/local/sbin/glusterfsd+0x496669) #1 0x7f8a288522f9 in __gf_calloc libglusterfs/src/mem-pool.c:117 #2 0x7f8a17235962 in __posix_acl_ctx_get xlators/system/posix-acl/src/posix-acl.c:308 Change-Id: I0ce6da3967c55931a70f77d8551ccf52e4cdfda3 BUG: 1338733 Signed-off-by: Prasanna Kumar Kalever <prasanna.kalever@redhat.com> Reviewed-on: http://review.gluster.org/14505 Tested-by: Prasanna Kumar Kalever <pkalever@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
* posix_acl: create inode ctx for posix_acl_getvmallika2016-04-111-10/+26
| | | | | | | | | | | Change-Id: Ibe5b00cd4b5d896133adc61f65094d783c492ed4 BUG: 1325822 Signed-off-by: vmallika <vmallika@redhat.com> Reviewed-on: http://review.gluster.org/13961 Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
* posix_acl: skip acl_permits for special clientsvmallika2016-04-061-11/+28
| | | | | | | | | | | Change-Id: I3f478b7e4ecab517200f50eb09f65a634c029437 BUG: 1320818 Signed-off-by: vmallika <vmallika@redhat.com> Reviewed-on: http://review.gluster.org/13894 Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
* storage/posix: send proper iatt attributes for the root inodeRaghavendra Bhat2016-03-261-12/+46
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * changes in posix to send proper iatt attributes for the root directory when ancestry is built. Before posix was filling only the gfid and the inode type in the iatt structure keeping rest of the fields zeros. This was cached by posix-acl and used to send EACCES when some fops came on that object if the uid of the caller is same as the uid of the object on the disk. * getting and setting inode_ctx in function 'posix_acl_ctx_get' is not atomic and can lead to memory leak when there are multiple looups for an inode at same time. This patch fix this problem * Linking an inode in posix_build_ancestry, can cause a race in posix_acl. When parent inode is linked in posix_build_ancestry, and before it reaches posix_acl_readdirp_cbkc, reate/lookup can come on a leaf-inode, as parent-inode-ctx not yet updated in posix_acl_readdirp_cbk, create/lookup can fail with EACCESS. So do the inode linking in the quota xlator Change-Id: I3101eefb65551cc4162c4ff2963be1b73deacd6d BUG: 1320818 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/13730 Tested-by: Vijaikumar Mallikarjuna <vmallika@redhat.com> Smoke: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Raghavendra G <rgowdapp@redhat.com>
* access-control : remove spurious error message from the posix_setxattr_cbkJiffin Tony Thottan2016-02-091-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | A check for dictionary is required before calling handling_other_acl_related_xattr() in posix_setxattr_cbk(). Otherwise following message will be poped up on every settxattr call. [2016-01-31 17:38:48.027792] I [dict.c:473:dict_get] (-->/usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so (posix_acl_setxattr_cbk+0x26) [0x7f2334c5c166] --> /usr/lib/x86_64-linux-gnu/glusterfs/3.7.6/xlator/system/posix-acl.so (handling_other_acl_related_xattr+0xb0) [0x7f2334c5c0f0] -->/usr/lib/x86_64-linux-gnu/libglusterfs.so.0(dict_get+0x93) [0x7f233c04b0c3] ) 0-dict: !this || key=system.posix_acl_default [Invalid argument] Change-Id: I93f7e0f764c94dce38bdde95a68341f69a52122d BUG: 1303501 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/13325 Smoke: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> CentOS-regression: Gluster Build System <jenkins@build.gluster.com> NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Jeff Darcy <jdarcy@redhat.com>
* build: export minimum symbols from xlators for correct resolutionKaleb S KEITHLEY2015-12-221-1/+1
| | | | | | | | | | | | | | | | | | | | | | Revisiting http://review.gluster.org/#/c/11814/, which unintentionally introduced warnings from libtool about the xlator .so names. According to [1], the -module option must appear in the Makefile.am file(s); if -module is defined in a macro, e.g. in configure(.ac), then libtool will not recognize that this is a module and will emit a warning. [1] http://www.gnu.org/software/automake/manual/automake.html#Libtool-Modules Change-Id: Ifa5f9327d18d139597791c305aa10cc4410fb078 BUG: 1248669 Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/13003 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: soumya k <skoduri@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* build: export minimum symbols from xlators for correct resolutionKaleb S. KEITHLEY2015-09-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | We've been lucky that we haven't had any symbol collisions until now. Now we have a collision between the snapview-client's svc_lookup() and libntirpc's svc_lookup() with nfs-ganesha's FSAL_GLUSTER and libgfapi. As a short term solution all the snapview-client's FOP methods were changed to static scope. See http://review.gluster.org/11805. This works in snapview-client because all the FOP methods are defined in a single source file. This solution doesn't work for other xlators with FOP methods defined in multiple source files. To address this we link with libtool's '-export-symbols $symbol-file' (a wrapper around `ld --version-script ...` --- on linux anyway) and only export the minimum required symbols from the xlator sharedlib. N.B. the libtool man page says that the symbol file should be named foo.sym, thus the rename of *.exports to *.sym. While foo.exports worked, we will follow the documentation. Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> BUG: 1248669 Change-Id: I1de68b3e3be58ae690d8bfb2168bfc019983627c Reviewed-on: http://review.gluster.org/11814 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: soumya k <skoduri@redhat.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* dict: dict_set_bin() should never free the pointer on errorNiels de Vos2015-07-241-0/+2
| | | | | | | | | | | | | | | | | | | | | | dict_set_bin() is handling the pointer that it passed inconsistently. Depending on the errors that can occur, the pointer passed to the dict can be free'd, but there is no guarantee. It is cleaner to have the caller free the pointer that allocated it and dict_set_bin() returned an error. When dict_set_bin() returned success, the given pointer will be free'd when dict_unref() calls data_destroy(). Many callers of dict_set_bin() already take care of free'ing the pointer on error. The ones that did not, are corrected with this change too. Change-Id: I39a4f7ebc0cae6d403baba99307d7ce408f25966 BUG: 1242280 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/11638 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: jiffin tony Thottan <jthottan@redhat.com> Reviewed-by: Raghavendra G <rgowdapp@redhat.com> Tested-by: NetBSD Build System <jenkins@build.gluster.org>
* access_control : avoid double unrefing of acl variable in its context.Jiffin Tony Thottan2015-07-121-15/+16
| | | | | | | | | | | | | | | | | In handling_other_acl_related_xattr(), acl variable is unrefered twice after updating the context of access_control translator.So the acl variable stored in the inmemory context will become invalid one. When the variable accessed again , it will result in brick crash. This patch fixes the same. Change-Id: Ib95d2e3d67b0fb20d201244a206379d6261aeb23 BUG: 1242041 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/11632 Tested-by: NetBSD Build System <jenkins@build.gluster.org> Reviewed-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
* access-control : validating context of access control translatorJiffin Tony Thottan2015-07-021-4/+117
| | | | | | | | | | | | | | | | | | | | | | By introduction of new acl conversion from http://review.gluster.org/#/c/9627/, an acl can be set using GF_POSIX_ACL_*_KEY xattrs without notifying the access-control translator. So evenif an acl is set correctly at the backend, it might not work properly because access-control holds wrong acl information in its context about that file. Note : This is a simple workaround. The actual solution consists of three steps: 1.) Use new acl api's for acl conversion. 2.) Move the acl conversion part from access-control translator 3.) Introduces standard acl structures and libaries in access-translator for caching, enforcing purposes. Change-Id: Iacb6b323810ebe82f7f171f20be16429463cbcf0 BUG: 1229860 Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com> Reviewed-on: http://review.gluster.org/11144 Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
* build: Remove files completely in make uninstall.Raghavendra Talur2015-01-011-0/+3
| | | | | | | | | | | | If we create symlinks are part of make install, should remove them as part of make uninstall. Change-Id: Ie6e641caed60104cd256de4f020c1c6743d4ae60 BUG: 1177767 Signed-off-by: Raghavendra Talur <rtalur@redhat.com> Reviewed-on: http://review.gluster.org/9367 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com>
* gNFS: Allow reading ACLs even without read permissions on the file.Meghana Madhusudhan2014-11-131-0/+2
| | | | | | | | | | | | | | | | | | When root-squash is enabled or when no permissions are given to a file, NFS threw permission errors. According to the kernel-nfs behaviour, no permissions are required to read ACLs. When no ACLs are set, the system call sys_lgetxattr fails and returns a ENODATA error. This translates to ESERVERFAULT error in NFS. Fuse makes an exception to this error and returns a success case. Similar changes are made here to achieve the expected behaviour. Change-Id: I46b8f5911114eb087a3f8ca4e921b6b41e83f3b3 BUG: 1161092 Signed-off-by: Meghana Madhusudhan <mmadhusu@redhat.com> Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/9085 Tested-by: Gluster Build System <jenkins@build.gluster.com>
* gNFS: allow truncate() from SETATTR over NFS for ownerNiels de Vos2014-10-021-5/+16
| | | | | | | | | | | | | | | | | NFSv3 does not have a TRUNCATE procedure, instead it is part of the SETATTR (change the 'size' attribute). SETATTR with a new 'size' succeeds on other NFS-servers, even when the owner of the file does not have write permissions. Make Gluster/NFS behave the same way, by checking if the RPC/pid comes from the NFS-server, and allow truncate() when the file is owned by the user calling SETATTR. BUG: 955753 Change-Id: I4b7cb8efe5a2032c6cd2eef6af610032f76d8b39 Signed-off-by: Niels de Vos <ndevos@redhat.com> Reviewed-on: http://review.gluster.org/8889 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: soumya k <skoduri@redhat.com>
* gNFS: Inconsistent behaviour of setfacl/getfaclSantosh Kumar Pradhan2013-12-031-3/+3
| | | | | | | | | | | | | | The permissions returned by NFS ACL are wrong, which are rejected by NFS client as "Invalid argument". Refactor the NFS ACL code to return the proper permissions which would match with the requested permissions. Change-Id: I409a6600538a90f2c5c2e8d84657c3b508468fe6 BUG: 1035218 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/6368 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* posix-acl: Fix crash resulting from GF_FREE() done on a CALLOC'd objectKrutika Dhananjay2013-11-283-8/+53
| | | | | | | | | | | | | The object in question was created in posix_acl_inherit () and was being GF_FREE'd as part of data_destroy(). Change-Id: Ibdb7c3b5c10ce447f061bde68452502e5170de92 BUG: 1035751 Signed-off-by: Krutika Dhananjay <kdhananj@redhat.com> Reviewed-on: http://review.gluster.org/6377 Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
* gNFS: Incorrect NFS ACL encoding for XFSSantosh Kumar Pradhan2013-09-293-66/+4
| | | | | | | | | | | | | | | | | | | | | | | | Problem: Incorrect NFS ACL encoding causes "system.posix_acl_default" setxattr failure on bricks on XFS file system. XFS (potentially others?) doesn't understand when the 0x10 prefix is added to the ACL type field for default ACLs (which the Linux NFS client adds) which causes setfacl()->setxattr() to fail silently. NFS client adds NFS_ACL_DEFAULT(0x1000) for default ACL. FIX: Mask the prefix (added by NFS client) OFF, so the setfacl is not rejected when it hits the FS. Original patch by: "Richard Wareing" Change-Id: I17ad27d84f030cdea8396eb667ee031f0d41b396 BUG: 1009210 Signed-off-by: Santosh Kumar Pradhan <spradhan@redhat.com> Reviewed-on: http://review.gluster.org/5980 Reviewed-by: Amar Tumballi <amarts@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* posix-acl: fixup extended ACL entries properlyAnand Avati2013-09-252-1/+46
| | | | | | | | | | | | | | | Typically when updating cached ACL from backend, we get both iatt and ACL xattrs (like lookup, readdirplus etc.) However in calls like setattr(), the mode would have updated but we receive only iatt and not the ACL xattrs. In such case we need to "spread" the effects of the changed mode properly into the cached ACL xattr ourselves. Change-Id: I23a7bc9c14722ff6848e175ed4bbe863a21ce2c9 BUG: 998967 Signed-off-by: Anand Avati <avati@redhat.com> Reviewed-on: http://review.gluster.org/5979 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amarts@redhat.com>
* system/posix-acl: check for the sticky bit of the parent directoryRaghavendra Bhat2013-06-031-0/+5
| | | | | | | | | | | | | * While creating links, check if there is sticky bit set for the parent directory and whether the sticky bit permits the user to create the link. Change-Id: Ic0d09d9ed579c4eb47462c71602a3a60cc7d3bc1 BUG: 958691 Signed-off-by: Raghavendra Bhat <raghavendra@redhat.com> Reviewed-on: http://review.gluster.org/4934 Reviewed-by: Amar Tumballi <amarts@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* posix-acl: fetch ACLs in readdirplusAnand Avati2013-05-021-0/+6
| | | | | | | | | | | | | Not fetching ACLs in readdirplus can potentially result in spurious wrong ACL decisions (which magically go away on a lookup() which populates the ACLs) Change-Id: Ided38b4d868fab482b477ce51b4878289ef9eed0 BUG: 953694 Signed-off-by: Anand Avati <avati@redhat.com> Reviewed-on: http://review.gluster.org/4926 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
* posix-acl: disable permission checks for fd based opsshishir gowda2013-03-141-4/+4
| | | | | | | | | Signed-off-by: shishir gowda <sgowda@redhat.com> Change-Id: I9d49537c2c7b51d5598b80627d61f060aaec8549 BUG: 921437 Reviewed-on: http://review.gluster.org/4671 Reviewed-by: Vijay Bellur <vbellur@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com>
* Use proper libtool option -avoid-version instead of bogus -avoidversionAnand Avati2013-02-071-1/+1
| | | | | | | | | | Change-Id: I1c9541058c7d07786539a3266ca125a6a15287d8 BUG: 859835 Signed-off-by: Anand Avati <avati@redhat.com> Original-author: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com> Signed-off-by: Kacper Kowalik (Xarthisius) <xarthisius.kk@gmail.com> Reviewed-on: http://review.gluster.org/3967 Tested-by: Gluster Build System <jenkins@build.gluster.com>
* core: fixes for gcc's '-pedantic' flag buildAvra Sengupta2013-01-212-2/+2
| | | | | | | | | | | | | * warnings on 'void *' arguments * warnings on empty initializations * warnings on empty array (array[0]) Change-Id: Iae440f54cbd59580eb69f3ecaed5a9926c0edf95 BUG: 875913 Signed-off-by: Avra Sengupta <asengupt@redhat.com> Reviewed-on: http://review.gluster.org/4219 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* system/posix-acl: prevent NULL pointer dereference of group_ceVarun Shastry2012-12-261-1/+1
| | | | | | | | | | | | Thanks Amar Tumballi. Change-Id: I3ac9b46d4c3fcd12d1eec779317a03c47d267556 BUG: 887098 Signed-off-by: Varun Shastry <vshastry@redhat.com> Reviewed-on: http://review.gluster.org/4351 Reviewed-by: Amar Tumballi <amarts@redhat.com> Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
* build: split CPPFLAGS from CFLAGSJeff Darcy2012-10-031-2/+3
| | | | | | | | | | | | | | | | | Automake provides a separate variable for preprocessor flags (*_CPPFLAGS). They are already uses in a few places, so make it consistent and use it everywhere. Note that cflags obtained from pkg-config often are cppflags, which is why LIBXML2_CFLAGS moves with into AM_CPPFLAGS, for example. Change-Id: I15feed1d18b2ca497371271c4b5876d5ec6289dd BUG: 862082 Original-author: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4029 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* build: move -L arguments out of CFLAGSJeff Darcy2012-10-031-2/+3
| | | | | | | | | | | | | | "-L" is a linker flag, and as such should be in LDFLAGS, not CFLAGS, to have guaranteed effect. Change-Id: I014db3f48823d4923b45e0695b62b124eb1a1506 BUG: 862082 Original-author: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4028 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* build: remove useless explicit -fPIC -shared fromJeff Darcy2012-10-031-2/+2
| | | | | | | | | | | | | | | | | | | | CFLAGS libtool will automatically add "-fPIC" to the compiler command line as needed, so there is no need to specify it separately. "-shared" is normally a linker flag and has an odd effect when used with libtool --mode=compile, namely that it inhibits production of static objects. For that however, using AC_DISABLE_STATIC is a lot simpler. Change-Id: Ic4cba0fad18ffd985cf07f8d6951a976ae59a48f BUG: 862082 Original-author: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4027 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* build: remove -nostartfiles flagJeff Darcy2012-10-021-1/+1
| | | | | | | | | | | | | | | The "-nostartfiles" is a discouraged option and is documented to potentially result in undesired behavior. Since I see no reason why it should be in glusterfs, remove it. Change-Id: I56f2b08874516ebad91447b2583ca2fb776bb7ab BUG: 862082 Original-author: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4018 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* build: consolidate common compilation flags into one variableJeff Darcy2012-10-011-1/+1
| | | | | | | | | | | | | | | Some -D flags are present in all files, so collect them. This adds -D${GF_HOST_OS} to some compiler command lines, but this should not be a problem. Change-Id: I1aeb346143d4984c9cc4f2750c465ce09af1e6ca BUG: 862082 Original-author: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jan Engelhardt <jengelh@inai.de> Signed-off-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-on: http://review.gluster.org/4013 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* All: License message changeVarun Shastry2012-09-134-22/+19
| | | | | | | | | | | | License message changed for server-side, dual license GPLV2 and LGPLv3+. Change-Id: Ia9e53061b9d2df3b3ef3bc9778dceff77db46a09 BUG: 852318 Signed-off-by: Varun Shastry <vshastry@redhat.com> Reviewed-on: http://review.gluster.org/3940 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com> Reviewed-by: Anand Avati <avati@redhat.com>
* License change to 2 additional files.Varun Shastry2012-09-051-15/+5
| | | | | | | | | | Change-Id: I4689602cbea0e46498d10b8785bcde86d369e75d BUG: 852318 Signed-off-by: Varun Shastry <vshastry@redhat.com> Reviewed-on: http://review.gluster.org/3880 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amarts@redhat.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
* All: License message changeVarun Shastry2012-08-283-42/+15
| | | | | | | | | | | | | | | | | | The license message is changed to Copyright (c) 2008-2012 Red Hat, Inc. <http://www.redhat.com> This file is part of GlusterFS. This file is licensed to you under your choice of the GNU Lesser General Public License, version 3 or any later version (LGPLv3 or later), or the GNU General Public License, version 2 (GPLv2), in all cases as published by the Free Software Foundation. Change-Id: I07d2b63ed5fbbbd1884f1e74f2dd56013d15b0f4 BUG: 852318 Signed-off-by: Varun Shastry <vshastry@redhat.com> Reviewed-on: http://review.gluster.org/3858 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Vijay Bellur <vbellur@redhat.com>
* posix-acl: make use of 'umask' flag passed as argument in fopAmar Tumballi2012-08-231-8/+13
| | | | | | | | | | | | | | | | | | * currently "umask" is reffered only from xdata dictionary, instead we should utilize fop argument. * not taking of setting of "umask" in fuse for now, considering the backward compatibility with earlier releases. * dict_del() the "umask" and "mode" keys from xdata dict as the fop after reaching posix layer tries to set every entry in xdata as xattr on file/dir. Change-Id: I7199b05a5bde132df20e7812a99bc02ef7b988ce Signed-off-by: Amar Tumballi <amarts@redhat.com> BUG: 850873 Reviewed-on: http://review.gluster.org/3843 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Brian Foster <bfoster@redhat.com> Reviewed-by: Anand Avati <avati@redhat.com>
* acl: enable handling of FMODE_EXEC flagAmar Tumballi2012-07-271-0/+7
| | | | | | | | | | | | | | | | | | | | | | on linux systems, with open(), we can get below flag as per 'linux/fs.h'. /* File is opened for execution with sys_execve / sys_uselib */ Instead of adding '#include <linux/fs.h>, its better to copy this absolute number into other variable because then we have to deal with declaring fmode_t etc etc.. With the fix, we can handle the file with '0711' permissions in the same way as backend linux filesystems. Change-Id: Ib1097fc0d2502af89c92d561eb4123cba15713f5 Signed-off-by: Amar Tumballi <amarts@redhat.com> Reviewed-on: http://review.gluster.com/3739 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Niels de Vos <ndevos@redhat.com> Tested-by: Niels de Vos <ndevos@redhat.com> Reviewed-by: Anand Avati <avati@redhat.com>
* remove useless if-before-free (and free-like) functionsJim Meyering2012-07-131-4/+2
| | | | | | | | | | | | See comments in http://bugzilla.redhat.com/839925 for the code to perform this change. Signed-off-by: Jim Meyering <meyering@redhat.com> BUG: 839925 Change-Id: I10e4ecff16c3749fe17c2831c516737e08a3205a Reviewed-on: http://review.gluster.com/3661 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* cluster/dht : Acl fix for distribute directory selfhealKaushal M2012-03-261-4/+2
| | | | | | | | | | | | Send acl xattrs, if present in the xattrs returned during lookup, during directory self-heal. Change-Id: I5337bbd3f3963aeed500a8a552e5f6713089b53e BUG: 764787 Signed-off-by: Kaushal M <kaushal@redhat.com> Reviewed-on: http://review.gluster.com/737 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* core: adding extra data for fopsAmar Tumballi2012-03-221-121/+137
| | | | | | | | | | | | | with this change, the xlator APIs will have a dictionary as extra argument, which is passed between all the layers. This can be utilized for overloading in some of the operations. Change-Id: I58a8186b3ef647650280e63f3e5e9b9de7827b40 Signed-off-by: Amar Tumballi <amarts@redhat.com> BUG: 782265 Reviewed-on: http://review.gluster.com/2960 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* system/posix-acl: fix reference counting in posix_acl_readdirp_cbkBrian Foster2012-03-141-12/+21
| | | | | | | | | | | | unref. the acl pointers from posix_acl_get() Change-Id: I1247f64ceded17bfa204d1b899ec56a27bef0cdb Signed-off-by: Brian Foster <bfoster@redhat.com> BUG: 801183 Reviewed-on: http://review.gluster.com/2904 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-by: Amar Tumballi <amarts@redhat.com>
* system/posix-acl: fix acl inode assignment in posix_acl_readdirp_cbkBrian Foster2012-03-141-9/+7
| | | | | | | | | | | | | | | | If an entry includes no ACL returned via dictionary, it is possible to skip down to acl_set without updating acl_access and/or acl_default. If either are set from the previous iteration, the unrelated ACLs are set to the current entry. Use a single set of pointers to ensure that valid ACLs are always set. Change-Id: Ia94887ded91845bc39d4d5e95ef00d190681e517 BUG: 801183 Signed-off-by: Brian Foster <bfoster@redhat.com> Reviewed-on: http://review.gluster.com/2903 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Jeff Darcy <jdarcy@redhat.com> Reviewed-by: Amar Tumballi <amarts@redhat.com>
* core: add an extra flag to readv()/writev() APIAmar Tumballi2012-02-141-4/+4
| | | | | | | | | | | | needed to implement a proper handling of open flag alterations using fcntl() on fd. Change-Id: Ic280d5db6f1dc0418d5c439abb8db1d3ac21ced0 Signed-off-by: Amar Tumballi <amar@gluster.com> BUG: 782265 Reviewed-on: http://review.gluster.com/2723 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@redhat.com>
* core: get xattrs also as part of readdirpAmar Tumballi2012-01-251-3/+74
| | | | | | | | | | | | | readdirp_req() call sends a dict_t * as an argument, which contains all the xattr keys for which the entries got in readdirp_rsp() are having xattr value filled dictionary. Change-Id: I8b7e1290740ea3e884e67d19156ce849227167c0 Signed-off-by: Amar Tumballi <amar@gluster.com> BUG: 765785 Reviewed-on: http://review.gluster.com/771 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com>
* posix-acl: properly process umask in case client sent itLubomir Rintel2012-01-121-1/+17
| | | | | | | | | | | | | | | | | | | | | | | | | FUSE used to interpret the umask itself. That was a bad idea, since there are cases where umask is not applied, such as when extended POSIX ACLs are present and default ACLs are set on parent directory. The FUSE bridge was changed to send original mode with umask (alongside masked mode, for compatibility). If that is the case, we decide whether to apply the umask or not in the posix-acl translator depending on whether a default umask is set, or not. The original, broken, behavior is preserved in following cases: * Unpatched client (not sending umask with original mode) * Unpatched server (not understanding umask with original mode) * Old FUSE on client side (FUSE < 7.12 or linux < 2.6.31) (can not find out the umask and original mode) Change-Id: I2e3bfc4c7c9611bc51119ca5c8e28f6582677516 Signed-off-by: Lubomir Rintel <lubo.rintel@gooddata.com> Tested-by: Lubomir Rintel <lubo.rintel@gooddata.com> BUG: 765508 Reviewed-on: http://review.gluster.com/668 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com>
* features/posix-acl: handle fini for features/posix-aclshishir gowda2011-12-261-0/+24
| | | | | | | | | Signed-off-by: shishir gowda <shishirng@gluster.com> Change-Id: I6cd3a9c3a513cc2a998b82610613bbfa0622eec4 BUG: 767862 Reviewed-on: http://review.gluster.com/811 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Amar Tumballi <amar@gluster.com>
* build: warning suppression (round n)Amar Tumballi2011-10-201-7/+13
| | | | | | | | | | with this patch, there are no more warnings with gcc (GCC) 4.6.1 20110908 Change-Id: Ice0d52d304b9846395f8a4a191c98eb53125f792 BUG: 2550 Reviewed-on: http://review.gluster.com/607 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Anand Avati <avati@gluster.com>