Date: Wed, 8 Apr 2020 01:20:04 +0000 From: Rick Macklem <rmacklem@uoguelph.ca> To: Luoqi Chen <luoqi.chen@gmail.com> Cc: Peter Eriksson <pen@lysator.liu.se>, freebsd-fs <freebsd-fs@freebsd.org> Subject: Re: Linux could write to read only files on FreeBSD NFS server Message-ID: <YTBPR01MB366462B1755461663FFA1838DDC00@YTBPR01MB3664.CANPRD01.PROD.OUTLOOK.COM> In-Reply-To: <CAHJqQju34pZAoqyJH0-Sbyw19k-Wq4GaTQtfBTX4qb073vLNXQ@mail.gmail.com> References: <CAHJqQjuEVpL4xV1dAf6scFqFfMNm1gY3jOaO64ZQJTCQi_qzcQ@mail.gmail.com> <707243CD-C67E-4DAD-AC5A-68EC11CFFDFD@lysator.liu.se> <6EC06026-DA28-4CAC-8D56-5C7856D4625E@lysator.liu.se> <YTBPR01MB3374713F573B548791A22F98DDEB0@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM> <CAHJqQjsP-w9LAS4AV64Pu9Jmv0kVFodKdT_jLUcyop3sNVh_EA@mail.gmail.com> <202002281113.01SBDlsl017697@higson.cam.lispworks.com> <CAHJqQjt4M_j5=85wcb2hcMC7nepV0ktAtOxbinvj%2BVv2cFWG5g@mail.gmail.com> <YTBPR01MB337401285CAA695E1D7AA5BADDE70@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM> <8247CFFC-C324-40BB-B0DD-B469A3B35851@lysator.liu.se> <YTBPR01MB33743D2BD467E943C9781AADDDE70@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM>, <CAHJqQju34pZAoqyJH0-Sbyw19k-Wq4GaTQtfBTX4qb073vLNXQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Luoqi Chen wrote: >On Mon, Mar 2, 2020 at 2:48 PM Rick Macklem <rmacklem@uoguelph.ca<mailto:rmacklem@uoguelph.ca>> wrote: >>Anyhow, if others test the patch and like it, I can commit it controlled via a sysctl. >>I'd just have to decide whether it should be enabled by default or not. >> >>rick > >It has been more than a decade since I last developed for freebsd, I don't have >anything running -current, but I did try the fix under 12-RELEASE, and can confirm >it works. But my test is too ad hoc, it may need more thorough regression. I have just committed a patch to head as r359720 that I believe handles this. The difference between this patch and the one I posted some weeks ago is that it only performs the "does file owner have permission" check for the case where the NFSv4 Open is not creating the file. This appears to be what the Linux server does and allows both the Linux and FreeBSD clients to exhibit correct behaviour. Since having it enabled does not seem to affect the FreeBSD client's behaviour, I have it enabled by default, with a sysctl called vfs.nfsd.v4openaccess that can be set to 0 to revert the NFSv4 server to the old behaviour. This should be MFC'd to stable/12 and stable/11 in 2 weeks. Thanks for reporting this, rick ps: I finally was able to do interop. testing with Linux to see what was going on. -luoqi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?YTBPR01MB366462B1755461663FFA1838DDC00>