[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v3 2/2] virtiofsd: Enable posix_acls by default if xattrs are
Re: [PATCH v3 2/2] virtiofsd: Enable posix_acls by default if xattrs are enabled
Wed, 24 Feb 2021 15:02:48 +0000
On Tue, Feb 23, 2021 at 05:52:50PM -0500, Vivek Goyal wrote:
> Fuse protocl wants file server to opt in for FUSE_POSIX_ACL if posix
> acls are to be enabled. Right now virtiofsd does not enable it. This
> patch opts in for FUSE_POSIX_ACL if xattr support is enabled.
> When parent directory has default acl and a file is created in that
> directory, then umask is ignored and final file permissions are
> determined using default acl instead. (man 2 umask).
> Currently, fuse applies the umask and sends modified mode in create
> request accordingly. fuse server can set FUSE_DONT_MASK and tell
> fuse client to not apply umask and fuse server will take care of
> it as needed.
> With posix acls enabled, requirement will be that we want umask
> to determine final file mode if parent directory does not have
> default acl.
> So if posix acls are enabled, opt in for FUSE_DONT_MASK. virtiofsd
> will set umask of the thread doing file creation. And host kernel
> should use that umask if parent directory does not have default
> acls, otherwise umask does not take affect.
> Miklos mentioned that we already call unshare(CLONE_FS) for
> every thread. That means umask has now become property of per
> thread and it should be ok to manipulate it in file creation path.
> So this patch also opts in for FUSE_DONT_MASK if posix acls are enabled
> and changes umask to caller umask before file creation and restores
> original umask after file creation is done.
> This should fix fstest generic/099.
> Reported-by: Luis Henriques <email@example.com>
> Signed-off-by: Vivek Goyal <firstname.lastname@example.org>
> tools/virtiofsd/passthrough_ll.c | 29 +++++++++++++++++++++++------
> 1 file changed, 23 insertions(+), 6 deletions(-)
Reviewed-by: Stefan Hajnoczi <email@example.com>
Description: PGP signature