[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-nfsv4
Subject: Re: [PATCH 11/16] nfsd4: return nfserr_wrongsec
From: Benny Halevy <bhalevy () panasas ! com>
Date: 2007-05-21 12:59:21
Message-ID: 465197A9.10707 () panasas ! com
[Download RAW message or body]
Trond Myklebust wrote:
> On Mon, 2007-05-21 at 11:18 +0300, Benny Halevy wrote:
>> J. Bruce Fields wrote:
>>> On Fri, May 18, 2007 at 06:33:23PM -0400, Trond Myklebust wrote:
>>>> On Fri, 2007-05-18 at 18:28 -0400, J. Bruce Fields wrote:
>>>>>> On Fri, 2007-05-18 at 17:28 -0400, J. Bruce Fields wrote:
>>>>>>> --- a/fs/nfsd/nfssvc.c
>>>>>>> +++ b/fs/nfsd/nfssvc.c
>>>>>>> @@ -492,6 +492,15 @@ out:
>>>>>>> module_put_and_exit(0);
>>>>>>> }
>>>>>>>
>>>>>>> +static __be32 map_new_errors(u32 vers, __be32 nfserr)
>>>>>>> +{
>>>>>>> + if (nfserr == nfserr_jukebox && vers == 2)
>>>>>>> + return nfserr_dropit;
>>>>>>> + if (nfserr == nfserr_wrongsec && vers < 4)
>>>>>>> + return nfserr_perm;
>>>>>>> + return nfserr;
>>>>>>> +}
>>>>> Does that look sane?
>>>> OK, but shouldn't it be mapped into EACCES? EPERM means that an
>>>> operation failed because the caller is "either not a privileged user
>>>> (root) or the owner of the target of the operation".
>>> Yup, fixed. I always have trouble getting those two straight.
>>>
>> Some operations, e.g. SETATTR, are allowed to the owner of the file and to
>> the super user. If the caller isn't one of them EPERM should be returned.
>> EACCES is returned when the caller does not have a permission to do the
>> operation based on mode bits and or other cases which do not fall in the
>> EPERM category.
>
> If you are getting a WRONGSEC error, then you are basically not being
> identified. You cannot be the owner of the file.
>
I agree. nfserr_acces seems appropriate to return in all cases
(including SETATTR)
_______________________________________________
NFSv4 mailing list
NFSv4@linux-nfs.org
http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic