Date: Wed, 8 Apr 2020 01:20:04 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Luoqi Chen <luoqi.chen@gmail.com> Cc: Peter Eriksson <pen@lysator.liu.se>, freebsd-fs <freebsd-fs@freebsd.org> Subject: Re: Linux could write to read only files on FreeBSD NFS server Message-ID: <YTBPR01MB366462B1755461663FFA1838DDC00@YTBPR01MB3664.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <CAHJqQju34pZAoqyJH0-Sbyw19k-Wq4GaTQtfBTX4qb073vLNXQ@mail.gmail.com> References: <CAHJqQjuEVpL4xV1dAf6scFqFfMNm1gY3jOaO64ZQJTCQi_qzcQ@mail.gmail.com> <707243CD-C67E-4DAD-AC5A-68EC11CFFDFD@lysator.liu.se> <6EC06026-DA28-4CAC-8D56-5C7856D4625E@lysator.liu.se> <YTBPR01MB3374713F573B548791A22F98DDEB0@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM> <CAHJqQjsP-w9LAS4AV64Pu9Jmv0kVFodKdT_jLUcyop3sNVh_EA@mail.gmail.com> <202002281113.01SBDlsl017697@higson.cam.lispworks.com> <CAHJqQjt4M_j5=85wcb2hcMC7nepV0ktAtOxbinvj%2BVv2cFWG5g@mail.gmail.com> <YTBPR01MB337401285CAA695E1D7AA5BADDE70@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM> <8247CFFC-C324-40BB-B0DD-B469A3B35851@lysator.liu.se> <YTBPR01MB33743D2BD467E943C9781AADDDE70@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM>, <CAHJqQju34pZAoqyJH0-Sbyw19k-Wq4GaTQtfBTX4qb073vLNXQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Luoqi Chen wrote:=0A= >On Mon, Mar 2, 2020 at 2:48 PM Rick Macklem <rmacklem@uoguelph.ca<mailto:r= macklem@uoguelph.ca>> wrote:=0A= >>Anyhow, if others test the patch and like it, I can commit it controlled = via a sysctl.=0A= >>I'd just have to decide whether it should be enabled by default or not.= =0A= >>=0A= >>rick=0A= >=0A= >It has been more than a decade since I last developed for freebsd, I don't= have=0A= >anything running -current, but I did try the fix under 12-RELEASE, and can= confirm=0A= >it works. But my test is too ad hoc, it may need more thorough regression.= =0A= I have just committed a patch to head as r359720 that I believe handles thi= s.=0A= The difference between this patch and the one I posted some weeks ago is th= at=0A= it only performs the "does file owner have permission" check for the case= =0A= where the NFSv4 Open is not creating the file.=0A= This appears to be what the Linux server does and allows both the Linux and= =0A= FreeBSD clients to exhibit correct behaviour.=0A= =0A= Since having it enabled does not seem to affect the FreeBSD client's behavi= our,=0A= I have it enabled by default, with a sysctl called vfs.nfsd.v4openaccess th= at can=0A= be set to 0 to revert the NFSv4 server to the old behaviour.=0A= =0A= This should be MFC'd to stable/12 and stable/11 in 2 weeks.=0A= =0A= Thanks for reporting this, rick=0A= ps: I finally was able to do interop. testing with Linux to see what was go= ing on.=0A= =0A= -luoqi=0A=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTBPR01MB366462B1755461663FFA1838DDC00>