Commit 0f26bde6 authored by Rainer Toebbicke's avatar Rainer Toebbicke

FUSEX,MGM: EOS-2800 Relocate check for sys.eval.useracl from fuse client to the Fuseserver

parent 54bf7319
Pipeline #500418 passed with stages
in 28 minutes and 3 seconds
......@@ -2415,7 +2415,7 @@ EROFS pathname refers to a file on a read-only filesystem.
{
eos::common::Timing timing(__func__);
COMMONTIMING("_start_", &timing);
eos_static_debug("");
eos_static_debug(name);
ADD_FUSE_STAT(__func__, req);
EXEC_TIMING_BEGIN(__func__);
Track::Monitor mon(__func__, Instance().Tracker(), parent, true);
......@@ -2477,6 +2477,14 @@ EROFS pathname refers to a file on a read-only filesystem.
pmd->set_mtime_ns(ts.tv_nsec);
md->set_uid(pcap->uid());
md->set_gid(pcap->gid());
/* xattr inheritance */
auto attrMap = md->mutable_attr();
auto pattrMap = pmd->attr();
for (auto const it : pattrMap) {
eos_static_debug("adding xattr[%s]=%s", it.first.c_str(), it.second.c_str());
(*attrMap)[it.first] = it.second;
}
md->set_id(Instance().mds.insert(req, md, pcap->authid()));
md->set_nlink(2);
md->set_creator(true);
......
......@@ -2624,6 +2624,11 @@ FuseServer::HandleMD(const std::string& id,
return EEXIST;
}
eos::IContainerMD::XAttrMap xattrs = pcmd->getAttributes();
if ( (md.attr().find("user.acl") != md.attr().end()) && (xattrs.find("sys.eval.useracl") == xattrs.end()) ) {
return EPERM;
}
cmd = gOFS->eosDirectoryService->createContainer();
cmd->setName(md.name());
md_ino = cmd->getId();
......@@ -2638,7 +2643,6 @@ FuseServer::HandleMD(const std::string& id,
}
// parent attribute inheritance
eos::IContainerMD::XAttrMap xattrs = pcmd->getAttributes();
for (const auto& elem : xattrs) {
cmd->setAttribute(elem.first, elem.second);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment