From: Kotresh HR Date: Thu, 28 Apr 2022 10:31:48 +0000 (+0530) Subject: client/fuse: Fix directory DACs overriding for root X-Git-Tag: v16.2.11~504^2 X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=refs%2Fpull%2F46596%2Fhead;p=ceph.git client/fuse: Fix directory DACs overriding for root DACs are overridable for directories. For files, Read/write DACs are always overridable but executable DACs are overridable when there is at least one exec bit set. The files and directory DACS overriding were handled the same way for root which is incorrect. This patch fixes DACs overriding as described above for the root. Fixes: https://tracker.ceph.com/issues/55313 Signed-off-by: Kotresh HR (cherry picked from commit 2e1f43c99b1818c2ffde64f5b01083c1907a9f87)
---
diff --git a/qa/suites/fs/permission/tasks/cfuse_workunit_misc.yaml b/qa/suites/fs/permission/tasks/cfuse_workunit_misc.yaml
index 6ff6195bfb47..ca026c45ff1e 100644
--- a/qa/suites/fs/permission/tasks/cfuse_workunit_misc.yaml
+++ b/qa/suites/fs/permission/tasks/cfuse_workunit_misc.yaml
@@ -9,3 +9,4 @@ tasks:
 all:
 - fs/misc/acl.sh
 - fs/misc/chmod.sh
+ - fs/misc/dac_override.sh
diff --git a/qa/workunits/fs/misc/dac_override.sh b/qa/workunits/fs/misc/dac_override.sh
new file mode 100755
index 000000000000..dfb1a909128d
--- /dev/null
+++ b/qa/workunits/fs/misc/dac_override.sh
@@ -0,0 +1,19 @@
+#!/bin/sh -x
+
+expect_failure() {
+ if "$@"; then return 1; else return 0; fi
+}
+
+set -e
+
+mkdir -p testdir
+file=test_chmod.$$
+
+echo "foo" > testdir/${file}
+sudo chmod 600 testdir
+
+# only root can read
+expect_failure cat testdir/${file}
+
+# directory read/write DAC override for root should allow read
+sudo cat testdir/${file}
diff --git a/src/client/Client.cc b/src/client/Client.cc
index 1250249b65c0..86b1bb7fe881 100644
--- a/src/client/Client.cc
+++ b/src/client/Client.cc
@@ -5615,8 +5615,10 @@ void Client::handle_cap_grant(MetaSession *session, Inode *in, Cap *cap, const M
 int Client::inode_permission(Inode *in, const UserPerm& perms, unsigned want)
 {
 if (perms.uid() == 0) {
- // Executable are overridable when there is at least one exec bit set
- if((want & MAY_EXEC) && !(in->mode & S_IXUGO))
+ // For directories, DACs are overridable.
+ // For files, Read/write DACs are always overridable but executable DACs are
+ // overridable when there is at least one exec bit set
+ if(!S_ISDIR(in->mode) && (want & MAY_EXEC) && !(in->mode & S_IXUGO))
 return -CEPHFS_EACCES;
 return 0;
 }
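Review bot: The non-directory branch of the new condition, `!S_ISDIR(in->mode) && (want & MAY_EXEC) && !(in->mode & S_IXUGO)`, is the only path that still denies root, and nothing in this commit tests it: dac_override.sh only checks that root can read through a mode-600 directory. A later change that widened the override to files with no exec bit would still pass the workunit, so a negative case is worth adding there, for example `expect_failure sudo ./testdir/${file}` while the file has no exec bits. The override is also keyed on `perms.uid() == 0` rather than on a capability, so a uid-0 caller that has dropped CAP_DAC_OVERRIDE would presumably still be allowed here; that predates this change, but a comment such as `// NOTE: uid 0 is treated as holding CAP_DAC_OVERRIDE; capabilities are not consulted here` would make the assumption visible. inode_permission continues past the end of this hunk, so the checks applied to non-root callers are not covered by this note.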