[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAJ4mKGZKUO5DYrn7-PaD=rqERx1rywGmiTyyAaSd=f9dBumzBA@mail.gmail.com>
Date: Mon, 18 Mar 2019 16:49:40 +0530
From: Gregory Farnum <gfarnum@...hat.com>
To: Luis Henriques <lhenriques@...e.com>
Cc: "Yan, Zheng" <ukernel@...il.com>, "Yan, Zheng" <zyan@...hat.com>,
Sage Weil <sage@...hat.com>, Ilya Dryomov <idryomov@...il.com>,
ceph-devel <ceph-devel@...r.kernel.org>,
Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Hendrik Peyerl <hpeyerl@...sline.net>
Subject: Re: [PATCH v2 2/2] ceph: quota: fix quota subdir mounts
On Mon, Mar 18, 2019 at 4:25 PM Luis Henriques <lhenriques@...e.com> wrote:
>
> "Yan, Zheng" <ukernel@...il.com> writes:
>
> > On Mon, Mar 18, 2019 at 5:06 PM Gregory Farnum <gfarnum@...hat.com> wrote:
> >>
> >> On Mon, Mar 18, 2019 at 2:32 PM Yan, Zheng <ukernel@...il.com> wrote:
> >> > After reading the code carefully. I feel a little uncomfortable with
> >> > the "lookup_ino" in get_quota_realm. how about populating directories
> >> > above the 'mount subdir' during mounting (similar to cifs_get_root ).
>
> Wouldn't it be a problem if the directory layout (or, in this case, the
> snaprealm layout) change during the mount lifetime? In that case we
> would need to do this lookup anyway.
>
> >>
> >> Isn't that going to be a problem for any clients which have
> >>restricted filesystem access permissions? They may not be able to see
> >>all the directories above their mount point. -Greg
> >
> > using lookup_ino to get inode above the "mount subdir" has the same problem
> >
>
> In this case I believe we get an -EPERM from the MDS. And then the
> client simply falls back to the 'default' behaviour, which is to allow
> the user to create/write to files as if there were no quotas set.
Right, but a client is a lot more likely to have access to
/home/<username>/ than they are to also be able to look at /, and
/home.
So if they can do a lookup on /home/<username>/ they get their quota,
but if they have to look it up from the root it's lost even though the
client has permission to see all the things that contain their quota
state... :/
>
> Cheers,
> --
> Luis
Powered by blists - more mailing lists