From: Peter Staubach <staubach@redhat.com> Subject: [RHEL-5 PATCH] BZ 215011 acl permissions over nfs Date: Thu, 30 Nov 2006 16:54:36 -0500 Bugzilla: 215011 Message-Id: <456F531C.3020508@redhat.com> Changelog: nfs - set correct mode during create operation Hi. Attached is a patch to address BZ, 215011, "acl permissions over nfs". These are the RHEL-5 changes which mirror those made for BZ, 128616, a RHEL-3 BZ, and BZ, 214996, a RHEL-4 BZ. These changes modify the RHEL-5 NFS server to correctly set the mode during an exclusive create operation, even when a default ACL exists on the directory which contains the new file. These changes were tested as described in the posting for BZ, 128616. Thanx... ps --- linux-2.6.18.i686/fs/nfsd/vfs.c.org +++ linux-2.6.18.i686/fs/nfsd/vfs.c @@ -1218,7 +1218,6 @@ nfsd_create_v3(struct svc_rqst *rqstp, s struct inode *dirp; int err; __u32 v_mtime=0, v_atime=0; - int v_mode=0; err = nfserr_perm; if (!flen) @@ -1255,16 +1254,11 @@ nfsd_create_v3(struct svc_rqst *rqstp, s goto out; if (createmode == NFS3_CREATE_EXCLUSIVE) { - /* while the verifier would fit in mtime+atime, - * solaris7 gets confused (bugid 4218508) if these have - * the high bit set, so we use the mode as well + /* solaris7 gets confused (bugid 4218508) if these have + * the high bit set, so just clear the high bits. */ v_mtime = verifier[0]&0x7fffffff; v_atime = verifier[1]&0x7fffffff; - v_mode = S_IFREG - | ((verifier[0]&0x80000000) >> (32-7)) /* u+x */ - | ((verifier[1]&0x80000000) >> (32-9)) /* u+r */ - ; } if (dchild->d_inode) { @@ -1292,7 +1286,6 @@ nfsd_create_v3(struct svc_rqst *rqstp, s case NFS3_CREATE_EXCLUSIVE: if ( dchild->d_inode->i_mtime.tv_sec == v_mtime && dchild->d_inode->i_atime.tv_sec == v_atime - && dchild->d_inode->i_mode == v_mode && dchild->d_inode->i_size == 0 ) break; /* fallthru */ @@ -1312,26 +1305,22 @@ nfsd_create_v3(struct svc_rqst *rqstp, s } if (createmode == NFS3_CREATE_EXCLUSIVE) { - /* Cram the verifier into atime/mtime/mode */ + /* Cram the verifier into atime/mtime */ iap->ia_valid = ATTR_MTIME|ATTR_ATIME - | ATTR_MTIME_SET|ATTR_ATIME_SET - | ATTR_MODE; + | ATTR_MTIME_SET|ATTR_ATIME_SET; /* XXX someone who knows this better please fix it for nsec */ iap->ia_mtime.tv_sec = v_mtime; iap->ia_atime.tv_sec = v_atime; iap->ia_mtime.tv_nsec = 0; iap->ia_atime.tv_nsec = 0; - iap->ia_mode = v_mode; } /* Set file attributes. - * Mode has already been set but we might need to reset it - * for CREATE_EXCLUSIVE * Irix appears to send along the gid when it tries to * implement setgid directories via NFS. Clear out all that cruft. */ set_attr: - if ((iap->ia_valid &= ~(ATTR_UID|ATTR_GID)) != 0) { + if ((iap->ia_valid &= ~(ATTR_UID|ATTR_GID|ATTR_MODE)) != 0) { int err2 = nfsd_setattr(rqstp, resfhp, iap, 0, (time_t)0); if (err2) err = err2;