Date: Thu, 27 Feb 2020 14:05:24 -0600 From: jdelisle <jdelisle@gmail.com> To: Luoqi Chen <luoqi.chen@gmail.com> Cc: freebsd-fs <freebsd-fs@freebsd.org> Subject: Re: Linux could write to read only files on FreeBSD NFS server Message-ID: <CAMdBLfQmJKTfLGVOQSxVcSADY-tAu3S=eGfCwP4CDqd=1-VidA@mail.gmail.com> In-Reply-To: <CAHJqQjs3LD0hO0GeS9D6EkxYDzYRHor72QLUOUQQmxM5WkQY3Q@mail.gmail.com> References: <CAHJqQjuEVpL4xV1dAf6scFqFfMNm1gY3jOaO64ZQJTCQi_qzcQ@mail.gmail.com> <CAMdBLfQ3%2BPSMu7brnbKcDkpQT09O=i7q7qrWmj3%2Bug7Wtap94w@mail.gmail.com> <CAHJqQjs3LD0hO0GeS9D6EkxYDzYRHor72QLUOUQQmxM5WkQY3Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Without the requested info running your script is a waste of time. This already strikes me as a case of user-error/ RTFM, but I'm giving you the benefit of the doubt and asking for info that's absolutely necessary to even begin looking at this. On Thu, Feb 27, 2020 at 1:19 PM Luoqi Chen <luoqi.chen@gmail.com> wrote: > I gather you haven't tried the script -- I didn't bother to include more > details because they didn't seem to matter, this is not some corner case > scenario. My guess is this is something fundamental, like, linux expects > the server side to enforce the access control while freebsd assumes that > the client has already done the check. > > On Thu, Feb 27, 2020 at 10:40 AM jdelisle <jdelisle@gmail.com> wrote: > >> I feel like this is missing a lot of important information needed to >> answer your question. >> >> What's your NFS mount command? What user are you running that script >> as? What do the permissions look like on the NFS server side? What does >> your NFS export look like? etc.. >> >> On Thu, Feb 27, 2020 at 11:42 AM Luoqi Chen <luoqi.chen@gmail.com> wrote: >> >>> Hi, >>> >>> This was actually a pretty old problem, I noticed it a few years back and >>> have been monitoring it when I upgrade the os on either the linux or the >>> freebsd side -- it's still present between the latest centos and freebsd >>> as >>> of today. I meant to look into this issue myself, but had never found >>> time >>> for it, that's why I'm writing to this list, maybe it's a known problem >>> or >>> someone's willing to spend some time on it. >>> >>> And here you go, the problem, >>> >>> % cat ~/rotest.sh >>> #!/bin/sh >>> cp /dev/null x >>> getfacl x >>> chmod -w x >>> getfacl x >>> echo aaa >> x >>> echo status $? >>> cat x >>> rm -f x >>> % sh ~/rotest.sh >>> # file: x >>> # owner: luoqi >>> # group: wheel >>> user::rw- >>> group::r-- >>> other::r-- >>> >>> # file: x >>> # owner: luoqi >>> # group: wheel >>> user::r-- >>> group::r-- >>> other::r-- >>> >>> status 0 >>> aaa >>> >>> The script was run on a centos inside a directory nfs mounted from a >>> freebsd. The append would fail for a centos/centos or a freebsd/freebsd >>> combo. It's very easy to reproduce, it doesn't depend on any specific >>> centos or freebsd version, nor on nfs version 3 or 4, nor on underlying >>> file system ffs or zfs. >>> >>> -luoqi >>> _______________________________________________ >>> freebsd-fs@freebsd.org mailing list >>> https://lists.freebsd.org/mailman/listinfo/freebsd-fs >>> To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" >>> >>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAMdBLfQmJKTfLGVOQSxVcSADY-tAu3S=eGfCwP4CDqd=1-VidA>