On Tue, 9 Aug 2011 20:49:57 +0400 Pavel Shilovsky <[email protected]> wrote:
> 2011/8/4 Pavel Shilovsky <[email protected]>: > > 2011/8/4 Jeff Layton <[email protected]>: > >> Hi Pavel, > >> > >> We have a bit of a problem... > >> > >> https://bugzilla.redhat.com/show_bug.cgi?id=727834 > >> > >> The shared superblock patches seem to have broken the ability to mount > >> directories that live under other directories to which the mounting > >> user doesn't have permissions. > >> > >> IOW, suppose we have this shared out: > >> > >> /share/dir1/dir2 > >> > >> ...if the permissions on dir1 don't allow the mounting user to access > >> it, then cifs_get_root will fail. We'll need to come up with a new > >> scheme for handling this that doesn't require access to every component > >> of the prefixpath. > >> > >> I'm not sure what the right fix is here...we may need to come up with a > >> scheme more like NFS does. It will alter the tree when it discovers > >> that a root dir that it previously was working on is actually a subdir > >> of another mount. > >> > >> Thoughts? > >> -- > >> Jeff Layton <[email protected]> > >> > > > > Thanks for the report. I understand the problem, let me think how to > > fix it right. > > > > -- > > Best regards, > > Pavel Shilovsky. > > > > According to https://bugzilla.redhat.com/show_bug.cgi?id=727834, it > seems to me that the problem is fixed. If the situation changes, let > me know, please. > I suspect we still have a regression here. It seems possible that a user might not have access to parent or grandparent directories of the one that they want to mount. In that case, walking down the tree to the vfsmount root may be problematic. That said, I don't have a clear reproducer for this (nor the time or inclination to come up with one). -- Jeff Layton <[email protected]> -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
