Linux could write to read only files on FreeBSD NFS server
jdelisle
jdelisle at gmail.com
Thu Feb 27 20:05:38 UTC 2020
Without the requested info running your script is a waste of time. This
already strikes me as a case of user-error/ RTFM, but I'm giving you the
benefit of the doubt and asking for info that's absolutely necessary to
even begin looking at this.
On Thu, Feb 27, 2020 at 1:19 PM Luoqi Chen <luoqi.chen at gmail.com> wrote:
> I gather you haven't tried the script -- I didn't bother to include more
> details because they didn't seem to matter, this is not some corner case
> scenario. My guess is this is something fundamental, like, linux expects
> the server side to enforce the access control while freebsd assumes that
> the client has already done the check.
>
> On Thu, Feb 27, 2020 at 10:40 AM jdelisle <jdelisle at gmail.com> wrote:
>
>> I feel like this is missing a lot of important information needed to
>> answer your question.
>>
>> What's your NFS mount command? What user are you running that script
>> as? What do the permissions look like on the NFS server side? What does
>> your NFS export look like? etc..
>>
>> On Thu, Feb 27, 2020 at 11:42 AM Luoqi Chen <luoqi.chen at gmail.com> wrote:
>>
>>> Hi,
>>>
>>> This was actually a pretty old problem, I noticed it a few years back and
>>> have been monitoring it when I upgrade the os on either the linux or the
>>> freebsd side -- it's still present between the latest centos and freebsd
>>> as
>>> of today. I meant to look into this issue myself, but had never found
>>> time
>>> for it, that's why I'm writing to this list, maybe it's a known problem
>>> or
>>> someone's willing to spend some time on it.
>>>
>>> And here you go, the problem,
>>>
>>> % cat ~/rotest.sh
>>> #!/bin/sh
>>> cp /dev/null x
>>> getfacl x
>>> chmod -w x
>>> getfacl x
>>> echo aaa >> x
>>> echo status $?
>>> cat x
>>> rm -f x
>>> % sh ~/rotest.sh
>>> # file: x
>>> # owner: luoqi
>>> # group: wheel
>>> user::rw-
>>> group::r--
>>> other::r--
>>>
>>> # file: x
>>> # owner: luoqi
>>> # group: wheel
>>> user::r--
>>> group::r--
>>> other::r--
>>>
>>> status 0
>>> aaa
>>>
>>> The script was run on a centos inside a directory nfs mounted from a
>>> freebsd. The append would fail for a centos/centos or a freebsd/freebsd
>>> combo. It's very easy to reproduce, it doesn't depend on any specific
>>> centos or freebsd version, nor on nfs version 3 or 4, nor on underlying
>>> file system ffs or zfs.
>>>
>>> -luoqi
>>> _______________________________________________
>>> freebsd-fs at freebsd.org mailing list
>>> https://lists.freebsd.org/mailman/listinfo/freebsd-fs
>>> To unsubscribe, send any mail to "freebsd-fs-unsubscribe at freebsd.org"
>>>
>>
More information about the freebsd-fs
mailing list