From 214630b15bab255dd3047e2c4046d0bcb2428fa7 Mon Sep 17 00:00:00 2001
From: Wido den Hollander <wido@42on.com>
Date: Fri, 8 Aug 2014 12:03:56 +0200
Subject: [PATCH] mds: Also check min/max uid on snap removal

Not only check if the uid is correct when creating a snapshot, but also
verify if the UID is correct when trying to remove a snapshot.

Fixes: #9029
---
 src/common/config_opts.h | 4 ++--
 src/mds/Server.cc        | 9 ++++++++-
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/common/config_opts.h b/src/common/config_opts.h
index ee4353f2af93..57089d99bffe 100644
--- a/src/common/config_opts.h
+++ b/src/common/config_opts.h
@@ -383,8 +383,8 @@ OPTION(mds_op_history_size, OPT_U32, 20)    // Max number of completed ops to tr
 OPTION(mds_op_history_duration, OPT_U32, 600) // Oldest completed op to track
 OPTION(mds_op_complaint_time, OPT_FLOAT, 30) // how many seconds old makes an op complaint-worthy
 OPTION(mds_op_log_threshold, OPT_INT, 5) // how many op log messages to show in one go
-OPTION(mds_snap_min_uid, OPT_U32, 0) // The minimum UID required to create a snapshot
-OPTION(mds_snap_max_uid, OPT_U32, 65536) // The maximum UID allowed to create a snapshot
+OPTION(mds_mksnap_min_uid, OPT_U32, 0) // The minimum UID required to create a snapshot
+OPTION(mds_mksnap_max_uid, OPT_U32, 65536) // The maximum UID allowed to create a snapshot
 
 // If true, compact leveldb store on mount
 OPTION(osd_compact_leveldb_on_mount, OPT_BOOL, false)
diff --git a/src/mds/Server.cc b/src/mds/Server.cc
index dbf0f07da33e..b9704f41088b 100644
--- a/src/mds/Server.cc
+++ b/src/mds/Server.cc
@@ -7373,7 +7373,7 @@ void Server::handle_client_mksnap(MDRequestRef& mdr)
   
   const string &snapname = req->get_filepath().last_dentry();
 
-  if (mdr->client_request->get_caller_uid() < g_conf->mds_snap_min_uid || mdr->client_request->get_caller_uid() > g_conf->mds_snap_max_uid) {
+  if (mdr->client_request->get_caller_uid() < g_conf->mds_mksnap_min_uid || mdr->client_request->get_caller_uid() > g_conf->mds_mksnap_max_uid) {
     dout(20) << "mksnap " << snapname << " on " << *diri << " denied to uid " << mdr->client_request->get_caller_uid() << dendl;
     reply_request(mdr, -EPERM);
     return;
@@ -7511,6 +7511,13 @@ void Server::handle_client_rmsnap(MDRequestRef& mdr)
   }
 
   const string &snapname = req->get_filepath().last_dentry();
+
+  if (mdr->client_request->get_caller_uid() < g_conf->mds_mksnap_min_uid || mdr->client_request->get_caller_uid() > g_conf->mds_mksnap_max_uid) {
+    dout(20) << "rmsnap " << snapname << " on " << *diri << " denied to uid " << mdr->client_request->get_caller_uid() << dendl;
+    reply_request(mdr, -EPERM);
+    return;
+  }
+
   dout(10) << "rmsnap " << snapname << " on " << *diri << dendl;
 
   // does snap exist?
-- 
2.47.3