[Bug 1824050] [NEW] access.W_OK yields -1 EACCES (permission denied) on NFS mountpoints

Ryan Stark Tue, 09 Apr 2019 19:30:54 -0700

Public bug reported:

When upgrading from xenial kernel (4.4.0-145) to linux-image-generic-
hwe-16.04 (4.15.0-47) I am no longer able to run an application that
checks it's data directory for write access/path traversal when that
directory is an NFS share. This works on 4.4 and 3.13 kernels that I
tested with but fails on 4.15. I'm using NFSv3 and have seen the
behavior with both a synology NAS as the nfs-server as well as my xenial
desktop as the nfs-server.


To reproduce:
0.) Boot test machine with kernel 4.15.0-47
1.) set up a NFS export on another machine (nfs-server)
/etc/exports:
/srv/nfstest       192.168.100.100(rw,sync,no_subtree_check)

2.) mount the NFS share on the test machine and give a non-root user
ownership of the mount, in my case I have a user: aptly, with
home=/var/lib/aptly, and I mounted the NFS at /var/lib/aptly/test.
aptly:aptly owns /var/lib/aptly/test.

/etc/fstab:
192.168.100.101:/srv/nfstest    /var/lib/aptly/test  nfs rw,mountvers=3


3.) attempt to call access.W_OK on the mount as the non-root user `strace 
./testaccess.py`
stderr:
...
access("/var/lib/aptly/test", W_OK)     = -1 EACCES (Permission denied)
...
stdout:
('Writeable:', False)
('user r,e,s', (5062, 5062, 5062))
('group r,e,s', (5062, 5062, 5062))
posix.stat_result(st_mode=16895, st_ino=101188113, st_dev=48, st_nlink=3, 
st_uid=5062, st_gid=5062, st_size=4096, st_atime=1554858490, 
st_mtime=1554858633, st_ctime=1554858633)

testaccess.py:
#!/usr/bin/python

import os
import sys
from pprint import pprint
directory = '/var/lib/aptly/test'

if __name__ == "__main__":
  writeable = os.access(directory, os.W_OK)
  print("Writeable:", writeable)
  print("user r,e,s", os.getresuid())
  print("group r,e,s", os.getresgid())
  pprint(os.stat(directory))

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

** Attachment added: "apport.linux-image-4.15.0-47-generic.j9ut204h.apport"
   
https://bugs.launchpad.net/bugs/1824050/+attachment/5254575/+files/apport.linux-image-4.15.0-47-generic.j9ut204h.apport

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1824050

Title:
  access.W_OK yields -1 EACCES (permission denied) on NFS mountpoints

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1824050/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1824050] [NEW] access.W_OK yields -1 EACCES (permission denied) on NFS mountpoints

Reply via email to