From fcc230c99dd7318c2bee54beaa152b5a8c66f186 Mon Sep 17 00:00:00 2001 From: Jeff Darcy Date: Thu, 7 Feb 2013 13:57:42 -0500 Subject: features: add a directory-protection translator This is useful to find all calls that remove a file from the protected directory, including renames and internal calls. Such calls will cause a stack trace to be logged. There's a filter script to add the needed translators, and then the new functionality can be invoked with one of the following commands. setfattr -n trusted.glusterfs.protect -v log $dir setfattr -n trusted.glusterfs.protect -v reject $dir setfattr -n trusted.glusterfs.protect -v anything_else $dir The first logs calls, but still allows them. The second rejects them with EPERM. The third turns off protection for that directory. Change-Id: Iee4baaf8e837106be2b4099542cb7dcaae40428c BUG: 888072 Signed-off-by: Jeff Darcy Reviewed-on: http://review.gluster.org/4496 Tested-by: Gluster Build System Reviewed-by: Anand Avati --- xlators/features/protect/src/prot_server.c | 51 ++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 xlators/features/protect/src/prot_server.c (limited to 'xlators/features/protect/src/prot_server.c') diff --git a/xlators/features/protect/src/prot_server.c b/xlators/features/protect/src/prot_server.c new file mode 100644 index 00000000000..beaee0889b7 --- /dev/null +++ b/xlators/features/protect/src/prot_server.c @@ -0,0 +1,51 @@ +/* + Copyright (c) 2013 Red Hat, Inc. + This file is part of GlusterFS. + + This file is licensed to you under your choice of the GNU Lesser + General Public License, version 3 or any later version (LGPLv3 or + later), or the GNU General Public License, version 2 (GPLv2), in all + cases as published by the Free Software Foundation. +*/ +#ifndef _CONFIG_H +#define _CONFIG_H +#include "config.h" +#endif + +#include "xlator.h" +#include "defaults.h" + +int32_t +init (xlator_t *this) +{ + if (!this->children || this->children->next) { + gf_log (this->name, GF_LOG_ERROR, + "translator not configured with exactly one child"); + return -1; + } + + if (!this->parents) { + gf_log (this->name, GF_LOG_WARNING, + "dangling volume. check volfile "); + } + + return 0; +} + + +void +fini (xlator_t *this) +{ + return; +} + + +struct xlator_fops fops = { +}; + +struct xlator_cbks cbks = { +}; + +struct volume_options options[] = { + { .key = {NULL} }, +}; -- cgit