[LU-5434] Invalid system.posix_acl_access breaks permissions enforcement

Related — Thu, 18 Sep 2014 00:28:53 +0000

With a ZFS MDT it is possible to create files and directories with invalid "empty" ACLs. We have observed that this can lead to permission denied errors when access should be granted based on group membership. More specifically, if a directory has an invalid system.posix_acl_access xattr, a user may be unexpectedly denied access to it. If the root user populates the local cache by listing the directory, the non-root user is no longer denied access, at least until caches are dropped.

The console session below demonstrates the behavior. First we create an invalid default ACL using setfattr. Then we create a subdirectory which inherits the invalid ACL in system.posix_acl_access. A user then gets permission denied for the new subdirectory until root lists it.

# hype356 /p/lcratery/bass6 > chown bass6:fstest .
# hype356 /p/lcratery/bass6 > chmod 750 .
# hype356 /p/lcratery/bass6 > setfattr -n system.posix_acl_default -v '\002\000\000\000' .
# hype356 /p/lcratery/bass6 > mkdir t
# hype356 /p/lcratery/bass6 > getfattr -m. -d t > /dev/null
t: system.posix_acl_access: No such attribute
# hype356 /p/lcratery/bass6 > chown bass6:fstest t
# hype356 /p/lcratery/bass6 > chmod 750 t
# hype356 /p/lcratery/bass6 > touch t/f
 
# hype356 /p/lcratery/bass6 >
# hype356 /p/lcratery/bass6 > cd t
# hype356 /p/lcratery/bass6/t > su behlendo -c "/bin/ls -l `pwd`"
/bin/ls: cannot open directory /p/lcratery/bass6/t: Permission denied
# hype356 /p/lcratery/bass6/t > ls -al
total 12
drwxr-x--- 2 bass6 fstest 5632 Jul 30 19:28 .
drwxr-x--- 3 bass6 fstest 5632 Jul 30 19:28 ..
-rw-rw-rw- 1 root  root      0 Jul 30 19:29 f
# hype356 /p/lcratery/bass6/t > su behlendo -c "/bin/ls -l `pwd`"
total 1
-rw-rw-rw- 1 root root 0 Jul 30 19:29 f
# hype356 /p/lcratery/bass6 > groups behlendo
behlendo : behlendo bgldev fstest lcstaff linuxdev

Whamcloud Community JIRA

[LU-5434] Invalid system.posix_acl_access breaks permissions enforcement