From acf1337334faca2ef021294bf7a8367193072484 Mon Sep 17 00:00:00 2001 From: Nikhilkumar Shelke Date: Sun, 12 Jun 2022 21:58:40 +0530 Subject: [PATCH 1/2] mgr/volumes: subvolume ls command crashes if groupname as '_nogroup' If --group_name=_nogroup is provided in the command then throw error permission denied as it is internal group of ceph fs. Fixes: https://tracker.ceph.com/issues/55759 Signed-off-by: Nikhilkumar Shelke --- src/pybind/mgr/volumes/fs/operations/group.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/pybind/mgr/volumes/fs/operations/group.py b/src/pybind/mgr/volumes/fs/operations/group.py index 152383c51d4..777721d5e41 100644 --- a/src/pybind/mgr/volumes/fs/operations/group.py +++ b/src/pybind/mgr/volumes/fs/operations/group.py @@ -20,7 +20,8 @@ class Group(GroupTemplate): NO_GROUP_NAME = "_nogroup" def __init__(self, fs, vol_spec, groupname): - assert groupname != Group.NO_GROUP_NAME + if groupname == Group.NO_GROUP_NAME: + raise VolumeException(-errno.EPERM, "Operation not permitted for group '{0}' as it is an internal group.".format(groupname)) self.fs = fs self.user_id = None self.group_id = None From dc4b0ee40502c34e483320e7a69b7c0e288294ae Mon Sep 17 00:00:00 2001 From: Nikhilkumar Shelke Date: Sun, 12 Jun 2022 22:03:21 +0530 Subject: [PATCH 2/2] qa: subvolume ls command crashes if groupname as '_nogroup' If --group_name=_nogroup is provided in the command then throw error permission denied as it is internal group of ceph fs. Fixes: https://tracker.ceph.com/issues/55759 Signed-off-by: Nikhilkumar Shelke --- qa/tasks/cephfs/test_volumes.py | 35 +++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/qa/tasks/cephfs/test_volumes.py b/qa/tasks/cephfs/test_volumes.py index 2ae4674dbca..4705eaae6c7 100644 --- a/qa/tasks/cephfs/test_volumes.py +++ b/qa/tasks/cephfs/test_volumes.py @@ -1214,6 +1214,41 @@ class TestSubvolumes(TestVolumesHelper): # verify trash dir is clean self._wait_for_trash_empty() + def test_subvolume_create_and_ls_providing_group_as_nogroup(self): + """ + That a 'subvolume create' and 'subvolume ls' should throw + permission denied error if option --group=_nogroup is provided. + """ + + subvolname = self._generate_random_subvolume_name() + + # try to create subvolume providing --group_name=_nogroup option + try: + self._fs_cmd("subvolume", "create", self.volname, subvolname, "--group_name", "_nogroup") + except CommandFailedError as ce: + self.assertEqual(ce.exitstatus, errno.EPERM) + else: + self.fail("expected the 'fs subvolume create' command to fail") + + # create subvolume + self._fs_cmd("subvolume", "create", self.volname, subvolname) + + # try to list subvolumes providing --group_name=_nogroup option + try: + self._fs_cmd("subvolume", "ls", self.volname, "--group_name", "_nogroup") + except CommandFailedError as ce: + self.assertEqual(ce.exitstatus, errno.EPERM) + else: + self.fail("expected the 'fs subvolume ls' command to fail") + + # list subvolumes + self._fs_cmd("subvolume", "ls", self.volname) + + self._fs_cmd("subvolume", "rm", self.volname, subvolname) + + # verify trash dir is clean. + self._wait_for_trash_empty() + def test_subvolume_expand(self): """ That a subvolume can be expanded in size and its quota matches the expected size.