https://jira.whamcloud.com This file is an XML representation of an issue en-us 9.4.14 940014 05-12-2023 https://jira.whamcloud.com/browse/LU-1310 Lustre <p>The following code as root doesn't raise "EDQUOT" error on Lustre even if the user "ME" exceeded its data quota:</p> <p> #define SIZE 10240<br/> #define ME 500</p> <p> int main( int argc, char * argv[] )</p> { char * buff = NULL ; int fd =0 ; buff = malloc( SIZE ) ; setfsuid( ME ) ; fd = open( argv[1], O_CREAT|O_RDWR, 0644 ) ; printf( "buff=%p, errno=%u\n", buff, errno ) ; printf( "fd = %d\n", fd ) ; printf( "bytes written = %d, errno=%u\n", write( fd, buff, SIZE), errno ); printf( "fsync:%d errno=%u\n", fsync( fd ), errno ) ; printf( "close:%d errno=%u\n", close( fd ), errno ) ; } <p>Running it returns no error even if user 500 is out of data quota:<br/> buff=0xee8010, errno=0<br/> fd = 3<br/> bytes written = 10240, errno=0<br/> fsync:0 errno=0<br/> close:0 errno=0</p> <p>The issue is only for data quota. setfsuid() works fine for inode quota.</p> RedHat 6.0 LU-1310

setfsuid() and quotas

Bug Minor Resolved Won't Fix Niu Yawei Thomas LEIBOVICI - CEA Thu, 12 Apr 2012 10:08:24 +0000 Mon, 7 May 2012 05:25:58 +0000 Mon, 7 May 2012 05:25:58 +0000 Lustre 2.1.0 1 5 <p>Niu</p> <p>Could you please comment on this one?</p> <p>Thanks</p> <p>Peter</p> <p>reproducer</p> <p>Hi, Thomas</p> <p>Did you test it on any other fs? I ran it on my local ext4 fs, and got the same result.</p> <p>Lustre checks CAP_SYS_RESOURCE on client to determine if the process can over data quota on OST. This test program calls setfsuid only, but leave the CAP_SYS_RESOURCE capability preserved, so this process should still be able to over quota.</p> <p>To make the process not over-run quota, I think the application should both setfsuid and clear the corresponding superior capabilities, what's your opinion? Thanks.</p> <p>Thanks, I have to check this with the CEA developper who reported me this issue.</p> <p>Hi Niu,</p> <p>I do confirm that CAP_SYS_RESOURCE is ON for the process. I'll try to remove it by using prctl() or capset() or capng_update() (the one which will be the most portable and effective). Then, I'll update this thread. </p> <p> regards</p> <p> Philippe</p> <p>Hi,</p> <p>I have attached to this mail a new reproducer (reproducer_v2.c) which is the same as the former one, but does call to capget and capset.<br/> Those calls are use to remove the CAP_SYS_RESOURCE capability. The behavior does not change (write operation is allowed as errno=EDQUOT should be returned).</p> <p>Could you run 'lfs quota -v -u $USR $MNT' to see if the user is really alreay over quota first? If the user do run out of quota, could you run the reproducer 2 times to see if the second run will get EDQUOT? (for instance, ./reproducer_v2 /mnt/lustre/a; ./reproducer_v2 /mnt/lustre/b) The -EDQUOT on second run is expected behavior, otherwise, we have to collect more information to see what's wrong here.</p> <p>Let me explain why the first write will success even if the user is running out of quota:<br/> The write in reproducer is asynchronous, that first write will be written into cache, and the cache flush always ignore quota in lustre (otherwise, the cached data will be lost), when the cache flush return from server, client will know that the user is out of quota, and the second write will be turned into sync write internally in lustre, and fail for -EDQUOT at the end. </p> <p>Hi,</p> <p>lfs quota shows this (/gl is the mounted LUSTRE fs)</p> <p>lfs quota -v -u 3051 /gl<br/> Disk quotas for user 3051 (uid 3051):<br/> Filesystem kbytes quota limit grace files quota limit grace<br/> /gl 2876856* 1048576 2097152 - 78 100 150 -<br/> gl-MDT0000_UUID 4 - 1024 - 78 - 80 -<br/> gl-OST0000_UUID 698284* - 551936 - - - - -<br/> gl-OST0001_UUID 1033972* - 770048 - - - - -<br/> gl-OST0002_UUID 772192* - 699392 - - - - -<br/> gl-OST0003_UUID 372404* - 74752 - - - - -</p> <p>There are "*" after every OST information, I guess they all have "exceeded quotas". Do you confirm this ?</p> <p>I ran the reproducer (as root), with two different files as parameter. No -EDQUOT is returned and two new files of file 10240 are created. But the call will always increase the counter in lfs quota. Now lfs quota shows that :</p> <p>lfs quota -u deniel /gl<br/> Disk quotas for user deniel (uid 3051):<br/> Filesystem kbytes quota limit grace files quota limit grace<br/> /gl 2876880* 1048576 2097152 - 80 100 150 -</p> <p>The "used" space has increased from 2876856 to 2876880, much more than the 2097152 hard limit. </p> <p>What can I do to provide you with more information ?</p> <p> Regards</p> <p> Philippe </p> <blockquote> <p>There are "*" after every OST information, I guess they all have "exceeded quotas". Do you confirm this ?</p></blockquote> <p>Yes, all OSTs have exceeded quotas.</p> <p>Seems there is a defect in your reproducer:</p> <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent"> <pre class="code-java"> capdata.effective &amp;= ~CAP_SYS_RESOURCE; capdata.permitted &amp;= ~CAP_SYS_RESOURCE; </pre> </div></div> <p>should be changed to:</p> <div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent"> <pre class="code-java"> capdata.effective &amp;= ~CAP_TO_MASK(CAP_SYS_RESOURCE); capdata.permitted &amp;= ~CAP_TO_MASK(CAP_SYS_RESOURCE); </pre> </div></div> <p>And I'm not sure what's your default stripe count, if the stripe count is 1, you might need to repeat the reproducer 4 times. (there are 4 OSTs, you need to write each OST once to retrieve the out of quota informaiton to client for each of them)</p> <p>Hi Niu,</p> <p>you are perfectly right, CAP_TO_MASK is what was missing in my reproducer. Things look much better now and I finally could have the EDQUOT error that I expected. I will backport the logic inside the fixed reproducer to my program. <br/> Thanks a lot for your help.</p> <p> Regards</p> <p> Philippe </p> <p>Hi, Philippe/Thomas, can we close this ticket?</p> <p>Yes, you can <img class="emoticon" src="https://jira.whamcloud.com/images/icons/emoticons/smile.png" height="16" width="16" align="absmiddle" alt="" border="0"/></p> Development Rank 1|hzvh2v: Rank (Obsolete) 6416 Severity