[LU-9074] Read-only Bind Mount of Lustre Allows File Creation Created: 02/Feb/17  Updated: 27/Jun/17  Resolved: 19/Jun/17

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: None
Fix Version/s: Lustre 2.10.0

Type: Bug Priority: Major
Reporter: Noopur Maheshwari (Inactive) Assignee: WC Triage
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

On attempting to set up some read-only bind mounts on nodes in order to provide pseudo isolation within the single namespace of a Lustre FS, the following issue is seen.

After the read-only bind mount is created on Lustre mount /work, files can still be created. Although the created file cannot be written to:

Set up the bind mount using /work:

 # mount --bind /work /tmp/bind_ro/

 # mount -o remount,ro /tmp/bind_ro/

 # mount | grep bind_ro
 /work on /tmp/bind_ro type none (ro,bind)

Touch a file that does not exist, which yields an error.

 # touch /tmp/bind_ro/gbrown
 touch: cannot touch `/tmp/bind_ro/gbrown': Read-only file system

It would be expected that the preceding 'touch' did not create a file.

However, a file was created:

 ls -l /tmp/bind_ro/gbrown
 -rw-r--r-- 1 root root 0 Sep  9 13:59 /tmp/bind_ro/gbrown

Though the file was created, it cannot be written to:

We can't write data to the file, the cat below returns no output.

 # echo foo > /tmp/bind_ro/gbrown
 -bash: /tmp/bind_ro/gbrown: Read-only file system
 
 # cat /tmp/bind_ro/gbrown

Comparatively, no file is created when the read-only bind mount is executed on NFS::

 # mount --bind /cm/shared/ /tmp/bind_ro/

 # mount -o remount,ro /tmp/bind_ro/
 
 # touch /tmp/bind_ro/gbrown
 touch: cannot touch `/tmp/bind_ro/gbrown': Read-only file system
 
 # ls -l /tmp/bind_ro/gbrown
 ls: cannot access /tmp/bind_ro/gbrown: No such file or directory 

The following are strace excerpts comparing the 'touch' process between Lustre and NFS:

Attempting to touch a file within a read-only bind mount of a Lustre FS.

 # strace -v -s 1024 touch foobar 2>&1 | tee /tmp/strace_lustre.out
 
 ...
 
 futex(0x7fffffff925c, FUTEX_WAKE_PRIVATE, 1) = 0
 futex(0x7fffffff925c, 0x189 /* FUTEX_??? */, 1, NULL, 2aaaab470700) = -1 EAGAIN (Resource temporarily unavailable)
 rt_sigaction(SIGRTMIN, {0x2aaaab2588f0, [], SA_RESTORER|SA_SIGINFO, 0x2aaaab262850}, NULL, 8) = 0
 rt_sigaction(SIGRT_1, {0x2aaaab258980, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x2aaaab262850}, NULL, 8) = 0
 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
 getrlimit(RLIMIT_STACK, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
 brk(0)                                  = 0x60e000
 brk(0x62f000)                           = 0x62f000
 open("foobar", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EROFS (Read-only file system)
 utimensat(AT_FDCWD, "foobar", NULL, 0)  = -1 EROFS (Read-only file system)
 write(2, "touch: ", 7touch: )                  = 7
 write(2, "cannot touch `foobar'", 21cannot touch `foobar')   = 21
 write(2, ": Read-only file system", 23: Read-only file system) = 23
 write(2, "\n", 1
 )                       = 1
 close(1)                                = 0
 close(2)                                = 0
 exit_group(1)                           = ?

File is created.

 # stat foobar
 
   File: `foobar'
   Size: 0               Blocks: 0          IO Block: 4194304 regular empty file
 Device: 886a9b20h/2288687904d   Inode: 144116072587526409  Links: 1
 Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
 Access: 2016-09-21 07:51:29.000000000 +0000
 Modify: 2016-09-21 07:51:29.000000000 +0000
 Change: 2016-09-21 07:51:29.000000000 +0000
  Birth: -

Attempting to touch a file within a read-only bind mount of a NFS FS.

 # strace -v -s 1024 touch foobar 2>&1 | tee /tmp/strace_nfs.out
 
 ...
 
 futex(0x7fffffff925c, FUTEX_WAKE_PRIVATE, 1) = 0
 futex(0x7fffffff925c, 0x189 /* FUTEX_??? */, 1, NULL, 2aaaab470700) = -1 EAGAIN (Resource temporarily unavailable)
 rt_sigaction(SIGRTMIN, {0x2aaaab2588f0, [], SA_RESTORER|SA_SIGINFO, 0x2aaaab262850}, NULL, 8) = 0
 rt_sigaction(SIGRT_1, {0x2aaaab258980, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x2aaaab262850}, NULL, 8) = 0
 rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
 getrlimit(RLIMIT_STACK, {rlim_cur=RLIM_INFINITY, rlim_max=RLIM_INFINITY}) = 0
 brk(0)                                  = 0x60e000
 brk(0x62f000)                           = 0x62f000
 open("foobar", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EROFS (Read-only file system)
 utimensat(AT_FDCWD, "foobar", NULL, 0)  = -1 ENOENT (No such file or directory)
 write(2, "touch: ", 7touch: )                  = 7
 write(2, "cannot touch `foobar'", 21cannot touch `foobar')   = 21
 write(2, ": Read-only file system", 23: Read-only file system) = 23
 write(2, "\n", 1
 )                       = 1
 close(1)                                = 0
 close(2)                                = 0
 exit_group(1)                           = ?

File is not created.

 # stat foobar
 
 stat: cannot stat `foobar': No such file or directory

 

 



 Comments   
Comment by Gerrit Updater [ 02/Feb/17 ]

Noopur Maheshwari (noopur.maheshwari@seagate.com) uploaded a new patch: https://review.whamcloud.com/25204
Subject: LU-9074 tests: test file creation for ro bind mnt
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: e4f0facb3497bddb2e2129005990f169d722fa60

Comment by Gerrit Updater [ 02/Feb/17 ]

Noopur Maheshwari (noopur.maheshwari@seagate.com) uploaded a new patch: https://review.whamcloud.com/25205
Subject: LU-9074 llite: Stop file creation for ro bind mnt
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 67314ddc726a9aa528f3f827aed52f929331fbdf

Comment by Gerrit Updater [ 19/Jun/17 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/25204/
Subject: LU-9074 llite: Stop file creation for ro bind mnt
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 6da95b1d20ebd32eace18f28070b446155588eff

Comment by Peter Jones [ 19/Jun/17 ]

Landed for 2.10

Generated at Sat Feb 10 02:23:02 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.