11:44 a.m.
Is there some documentation on how this works on other servers you can point
us to? I wasn't aware this was allowed outside the context of ACLs, though
obviously if you can allow the action with ACLs, there might be a case for
allowing it otherwise, though ACLs allow it on a per-file basis (and Windows
only allows an administrator to set "take ownership" flag on a file so the
user can take ownership of a file as opposed to the administrator changing
the ownership).
Frank
From: Deepthi Shivaramu [mailto:des@vmware.com]
Sent: Wednesday, March 11, 2020 8:08 AM
To: Frank Filz <ffilzlnx(a)mindspring.com>; devel(a)lists.nfs-ganesha.org
Subject: [NFS-Ganesha-Devel] Re: chown on a file with 777 permission does
not work for any non-root user, not even the owner of the file
Frank,
Thanks for the reply. I got your point.
Most of the enterprise NFS servers provide a hook to allow chown by non root
users. Can we implement a hook which when set allow NFSv3 setattr by non
root to change owner of the file when file has write permission. ACLs are
anyway a solution with NFSv4.
regards,
Deepthi
On 11 Mar 2020 19:55, Frank Filz <ffilzlnx(a)mindspring.com
<mailto:ffilzlnx@mindspring.com> > wrote:
I have NFSv3 mount on linux client and trying to change the owner of
the
file:
[root@sc-rdops-vm07-dhcp-212-202 mnt]# ls -la new.txt -rwxrwxrwx. 1 testu2
testg2 7 Mar 11 04:00 new.txt
[root@sc-rdops-vm07-dhcp-212-202 mnt]# su testu2
[testu2@sc-rdops-vm07-dhcp-212-202 mnt]$ id
uid=2222(testu2) gid=8888(testg2) groups=8888(testg2)
[testu2@sc-rdops-vm07-dhcp-212-202 mnt]$
[testu2@sc-rdops-vm07-dhcp-212-202 mnt]$ chown testu1 new.txt
chown: changing ownership of 'new.txt': Operation not permitted
[testu2@sc-rdops-vm07-dhcp-212-202 mnt]$
[root@sc-rdops-vm07-dhcp-212-202 mnt]# su testu1
[testu1@sc-rdops-vm07-dhcp-212-202 mnt]$ id
uid=1111(testu1) gid=8888(testg2) groups=8888(testg2)
[testu1@sc-rdops-vm07-dhcp-212-202 mnt]$
[testu1@sc-rdops-vm07-dhcp-212-202 mnt]$ chown testu1 new.txt
chown: changing ownership of 'new.txt': Operation not permitted
[testu1@sc-rdops-vm07-dhcp-212-202 mnt]$
The file belongs to testu2 and when I try to change the owner to testu1
logged
in as testu2, it hits this error :
2020-03-11T11:12:08Z : epoch 5e5f8af3 : vdfsops0aa0d27c.vsanfs-sh.prv :
ganesha.nfsd-50332[::ffff:10.160.212.202] [svc_46] 354
:fsal_check_setattr_perms :FSAL :Access check returned Forbidden action
(new
OWNER was not user)
if (FSAL_TEST_MASK(attr->valid_mask, ATTR_OWNER)) {
/* non-root is only allowed to "take ownership of file" */
. <--- It says
owner of file cannot change the ownership to someone else. Someone
else
needs to take ownership.
if (attr->owner != creds->caller_uid) {
status = fsalstat(ERR_FSAL_PERM, 0);
note = " (new OWNER was not user)";
goto out;
}
So I login as non-owner, testu1 and try chown, it proceeds from this check
but
fails here:
2020-03-11T11:11:01Z : epoch 5e5f8af3 : vdfsops0aa0d27c.vsanfs-sh.prv :
ganesha.nfsd-50332[::ffff:10.160.212.202] [svc_41] 354
:fsal_check_setattr_perms :FSAL :Access check returned Forbidden action
(no
ACL to check)
if (current->acl) {
status = obj->obj_ops->test_access(obj, access_check,
NULL,
NULL, false);
note = " (checked ACL)";
goto out;
}
if (access_check != FSAL_ACE4_MASK_SET(FSAL_ACE_PERM_WRITE_DATA))
{
/* Without an ACL, this user is not allowed some operation
*/
status = fsalstat(ERR_FSAL_PERM, 0);
note = " (no ACL to check)";
goto out;
}
access_check variable starts with 0 and we put in only
FSAL_ACE_PERM_WRITE_OWNER in first block for chown case. So obviously it
does not contain FSAL_ACE_PERM_WRITE_DATA which we are checking here.
So how do we expect this to proceed? We do not support ACLs yet and anyway
this is NFSv3 case, I believe we should not have any dependency on ACL
support
for this usecase.
In POSIX systems, only root can change ownership of files (and owner of a
file may change the group owner of the file to one of that user's groups).
Of course in Linux a non-root user MIGHT be given a CAP to allow it to
change ownership, but NFS is not really set up to deal with CAPs.
Only with NFSv4 ACLs or RichACLs are non-root users allowed to change
ownership of files.
Frank