[LU-1549] open-unlinked files are accessible through the PENDING directory Created: 21/Jun/12  Updated: 29/Apr/14  Resolved: 03/Sep/12

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: Lustre 2.3.0, Lustre 2.1.2
Fix Version/s: None

Type: Bug Priority: Minor
Reporter: John Hammond Assignee: Keith Mannthey (Inactive)
Resolution: Duplicate Votes: 0
Labels: fid
Environment:
  1. cat /proc/fs/lustre/version
    lustre: 2.2.55
    kernel: patchless_client
    build: 2.2.55-gef32640-CHANGED-2.6.32-220.13.1.el6.l22.x86_64

Issue Links:
Duplicate
duplicates LU-1532 only allow FID_SEQ_NORMAL from clients Resolved
Related
is related to LU-1518 Missing/bad operations in mdd_{obf,do... Resolved
Severity: 3
Rank (Obsolete): 6105

 Description   

Open-unlinked files can be read (depending on inode/process permissions) through the PENDING directory.

root]# w# cat /proc/fs/lustre/version
lustre: 2.2.55
kernel: patchless_client
build:  2.2.55-gef32640-CHANGED-2.6.32-220.13.1.el6.l22.x86_64
hoami
root
[root]# cd /mnt/lustre
[root]# lsof /mnt/lustre
COMMAND   PID   USER   FD   TYPE      DEVICE SIZE/OFF  NODE NAME
lsof     4392   root  cwd    DIR 1273,181606   376832 25003 /mnt/lustre
lsof     4393   root  cwd    DIR 1273,181606   376832 25003 /mnt/lustre
bash    20096   root  cwd    DIR 1273,181606   376832 25003 /mnt/lustre
bash    21418 sanity  cwd    DIR 1273,181606   376832 25003 /mnt/lustre
[root]# echo SEACREST > PASSWORD
[root]# exec 3<PASSWORD
[root]# rm -f PASSWORD
[root]# lsof /mnt/lustre
COMMAND   PID   USER   FD   TYPE      DEVICE SIZE/OFF               NODE NAME
lsof     4575   root  cwd    DIR 1273,181606   376832              25003 /mnt/lustre
lsof     4576   root  cwd    DIR 1273,181606   376832              25003 /mnt/lustre
bash    20096   root  cwd    DIR 1273,181606   376832              25003 /mnt/lustre
bash    20096   root    3r   REG 1273,181606        9 144115206094586102 /mnt/lustre/PASSWORD (dele\
ted)
bash    21418 sanity  cwd    DIR 1273,181606   376832              25003 /mnt/lustre

sys_getdents is equivalent to `ls -ia' but prints d_type as well.

[sanity]$ whoami
sanity
[sanity]$ cd /mnt/lustre
[sanity]$ sys_getdents -x .
d  200000001000006 `.'
d  20000000100000d `..'
d             61ac `.lustre'
[sanity]$ sys_getdents -x .lustre/fid/[0x200000001:0xd:0x0] | grep ^d
d                c `CONFIGS'
d          b000000 `lost+found'
d          2000000 `.'
d             61ab `ROOT'
d          2000000 `..'
d             61a9 `OBJECTS'
d             61aa `PENDING'
d                e `NIDTBL_VERSIONS'
[sanity]$ cd .lustre/fid/[0x200000001:0xd:0x0]/PENDING
[sanity]$ sys_getdents -x . ## PENDING dirpages not cache coherent.
d  200000001000007 `.'
r  2000004320000a2 `0000000200000432:000000a2:00000000: 0'
d  20000000100000d `..'
[sanity]$ cat '0000000200000432:000000a2:00000000: 0'
cat: 0000000200000432:000000a2:00000000: 0: No such file or directory
[sanity]$ stat '0000000200000432:000000a2:00000000: 0'
stat: cannot stat `0000000200000432:000000a2:00000000: 0': No such file or directory
$ touch SANITY ## Force PENDING dirpages to be reread.
touch: cannot touch `SANITY': Permission denied
$ sys_getdents -x .
r  2000004320000f6 `0000000200000432:000000f6:00000000: 0'
d  200000001000007 `.'
d  20000000100000d `..'

We can't open these files unless we stat() (or accesss()) them first.

$ cat '0000000200000432:000000f6:00000000: 0'
cat: 0000000200000432:000000f6:00000000: 0: No such file or directory
$ stat '0000000200000432:000000f6:00000000: 0'
  File: `0000000200000432:000000f6:00000000: 0'
  Size: 9                                    Blocks: 8          IO Block: 2097152 regular file
Device: 2c54f966h/743766374d                 Inode: 144115206094586102  Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2012-06-20 16:24:14.000000000 -0500
Modify: 2012-06-20 16:24:14.000000000 -0500
Change: 2012-06-20 16:24:21.000000000 -0500
$ cat '0000000200000432:000000f6:00000000: 0'
SEACREST

In 2.1.2, I'm not sure how to access the ldiskfs root, but the FID of
the PENDING directory can be guessed from that of the ROOT (maybe it's
always the same anyway).

[sanity]$ lfs path2fid .
[0x61ab:0x46d01c7d:0x0]
$ sys_getdents -x .lustre/fid/[0x61aa:0x46d01c7c:0x0]
r  200000400000001 `0000000200000400:00000001:00000000: 0'
d             61aa `.'
d          2000000 `..'
[sanity]$ cat '.lustre/fid/[0x61aa:0x46d01c7c:0x0]/0000000200000400:00000001:00000000: 0'
SEACREST


 Comments   
Comment by Oleg Drokin [ 05/Jul/12 ]

I kind of think this is not all that important.

If I am the user and one of my processes deleted some file while holding it open, and there is a way to access the file anyway - I can always attach to the process holding the file open and get access that way.

Comment by Andreas Dilger [ 05/Jul/12 ]

These bugs are symptoms that internal files and directories should not be accessible through .lustre.

Comment by Andreas Dilger [ 05/Jul/12 ]

This is related to the LU-1518 bug Keith is already working on.

Comment by Andreas Dilger [ 03/Sep/12 ]

This is really a duplicate of LU-1532 - clients should be allowed to access files that are not in FID_SEQ_NORMAL (with a few exceptions).

Comment by Andreas Dilger [ 03/Sep/12 ]

This will also be handled in LU-1532.

Generated at Sat Feb 10 01:17:37 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.