apport information ** Attachment added: "ProcModules.txt" https://bugs.launchpad.net/bugs/1824050/+attachment/5254593/+files/ProcModules.txt
-- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1824050 Title: access.W_OK yields -1 EACCES (permission denied) on NFS mountpoints Status in linux package in Ubuntu: Confirmed Bug description: When upgrading from xenial kernel (4.4.0-145) to linux-image-generic- hwe-16.04 (4.15.0-47) I am no longer able to run an application that checks it's data directory for write access/path traversal when that directory is an NFS share. This works on 4.4 and 3.13 kernels that I tested with but fails on 4.15. I'm using NFSv3 and have seen the behavior with both a synology NAS as the nfs-server as well as my xenial desktop as the nfs-server. To reproduce: 0.) Boot test machine with kernel 4.15.0-47 1.) set up a NFS export on another machine (nfs-server) /etc/exports: /srv/nfstest 192.168.100.100(rw,sync,no_subtree_check) 2.) mount the NFS share on the test machine and give a non-root user ownership of the mount, in my case I have a user: aptly, with home=/var/lib/aptly, and I mounted the NFS at /var/lib/aptly/test. aptly:aptly owns /var/lib/aptly/test. /etc/fstab: 192.168.100.101:/srv/nfstest /var/lib/aptly/test nfs rw,mountvers=3 3.) attempt to call access.W_OK on the mount as the non-root user `strace ./testaccess.py` stderr: ... access("/var/lib/aptly/test", W_OK) = -1 EACCES (Permission denied) ... stdout: ('Writeable:', False) ('user r,e,s', (5062, 5062, 5062)) ('group r,e,s', (5062, 5062, 5062)) posix.stat_result(st_mode=16895, st_ino=101188113, st_dev=48, st_nlink=3, st_uid=5062, st_gid=5062, st_size=4096, st_atime=1554858490, st_mtime=1554858633, st_ctime=1554858633) testaccess.py: #!/usr/bin/python import os import sys from pprint import pprint directory = '/var/lib/aptly/test' if __name__ == "__main__": writeable = os.access(directory, os.W_OK) print("Writeable:", writeable) print("user r,e,s", os.getresuid()) print("group r,e,s", os.getresgid()) pprint(os.stat(directory)) --- AlsaDevices: total 0 crw-rw---- 1 root audio 116, 1 Apr 9 18:53 seq crw-rw---- 1 root audio 116, 33 Apr 9 18:53 timer AplayDevices: Error: [Errno 2] No such file or directory ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 ArecordDevices: Error: [Errno 2] No such file or directory AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1: DistroRelease: Ubuntu 16.04 HibernationDevice: RESUME=/dev/mapper/pao03--aptly01--vg-swap_1 InstallationDate: Installed on 2019-04-09 (1 days ago) InstallationMedia: Ubuntu-Server 16.04.5 LTS "Xenial Xerus" - Release amd64 (20180731) IwConfig: Error: [Errno 2] No such file or directory Lsusb: Error: command ['lsusb'] failed with exit code 1: MachineType: VMware, Inc. VMware Virtual Platform Package: linux (not installed) PciMultimedia: ProcFB: 0 svgadrmfb ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-47-generic root=/dev/mapper/pao03--aptly01--vg-root ro ProcVersionSignature: Ubuntu 4.15.0-47.50~16.04.1-generic 4.15.18 RelatedPackageVersions: linux-restricted-modules-4.15.0-47-generic N/A linux-backports-modules-4.15.0-47-generic N/A linux-firmware 1.157.21 RfKill: Error: [Errno 2] No such file or directory Tags: xenial xenial Uname: Linux 4.15.0-47-generic x86_64 UnreportableReason: The report belongs to a package that is not installed. UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: _MarkForUpload: False dmi.bios.date: 07/28/2017 dmi.bios.vendor: Phoenix Technologies LTD dmi.bios.version: 6.00 dmi.board.name: 440BX Desktop Reference Platform dmi.board.vendor: Intel Corporation dmi.board.version: None dmi.chassis.asset.tag: No Asset Tag dmi.chassis.type: 1 dmi.chassis.vendor: No Enclosure dmi.chassis.version: N/A dmi.modalias: dmi:bvnPhoenixTechnologiesLTD:bvr6.00:bd07/28/2017:svnVMware,Inc.:pnVMwareVirtualPlatform:pvrNone:rvnIntelCorporation:rn440BXDesktopReferencePlatform:rvrNone:cvnNoEnclosure:ct1:cvrN/A: dmi.product.name: VMware Virtual Platform dmi.product.version: None dmi.sys.vendor: VMware, Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1824050/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp
