This list has been deprecated. Please subscribe to the new devel list at lists.nfs-ganesha.org. On Fri, May 25, 2018 at 08:10:07PM +0530, Sagar M D wrote: > Hi, > > By looking at nfs-Ganesha code, permission check (ACL) happens > access_check.c. Our FSAL (not in tree FSAL), storing and serving the ACLs > to Ganesha. > > I see an issue with rename: > Even though i set deny ACE for "delete child" on folder1 for user1. user1 > is able to rename file belongs to user2.
What's the ACL on the child? The rule from Windows at least is that you only need DELETE or DELETE_CHILD, not both. > I see below RPC:- > ACCESS request folder1 > ACCESS denied (as expected.) (denied for DELETE_CHILD permission) > Rename request > Rename succeed > > I'm not sure why client is sending rename even after receiving ACCESS > Denied. > > Native nfs denies rename though. knfsd implements everything in terms of posix ACLs which never consider DELETE_CHILD part of write permissions, and never allow DELETE. --b. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Nfs-ganesha-devel mailing list Nfs-ganesha-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
