Ricardo Correia wrote:
> Hi,
>
> I'm having a problem with a simple sanity check performed by 'iozone -a'.
>
> Basically, iozone create a file with a permission value of 0 and then it
> tries
> to truncate it:
>
> 1) fd = open("file", O_WRONLY|O_CREAT, 0)
> 2) ftruncate(fd, 0)
>
> In zfs-fuse, the ftruncate() call ends up calling zfs_setattr() with AT_SIZE
> set in the attribute mask.
>
> The problem is that one of the first things zfs_setattr() does is validate
> the
> permissions (by calling zfs_zaccess()), which fails since the file owner
> doesn't have write permission.
>
> What am I doing wrong here? iozone seems to work in Solaris.
ftruncate/truncate on Solaris are implemented via the F_FREESP command
in fcntl(2). This ultimately calls VOP_SPACE() which doesn't need to do
any access checks since the file was already opened with the necessary
"write" permission.
http://src.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/uts/common/syscall/fcntl.c#546
Do any ACL check in this situation is not going to work, unless the user
has appropriate privileges to override the permissions on the ACL.
-Mark
