RepoMirrors/ceph
1
0
Fork 0
mirror of https://github.com/ceph/ceph synced 2025-03-11 02:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
45,285 Commits 219 Branches 396 Tags 1.4 GiB
a341d977d4
Commit Graph

45285 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nishtha Rai
00d7480511 test_auth_caps: remove grp mount 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:33 -04:00
Nishtha Rai
4f71b11379 MDSAuthCaps: validate create access 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
17c758b589 add stray_prior_path to store path before unlink 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
e33cd74e41 add open check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
ea94bc4768 add link check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
8a29c4e939 add rename check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
991d340a0e add snaps(ls,mk,rm,rename) check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:33 -04:00
Jashan Kamboj
fb9c37940e add setlayout, setdirlayout, setxattr check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:32 -04:00
Jashan Kamboj
74b140ae94 add readdir check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:32 -04:00
Sage Weil
9aa6128e34 mds/Server: clean up check_access a bit 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:32 -04:00
Nishtha Rai
5b318aa977 MDSAuthCaps: add logic for group bits check 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:32 -04:00
Nishtha Rai
1aaee87d2b test_auth_caps: add test for user bits 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:32 -04:00
Nishtha Rai
7293540115 mds/MDSAuthCaps: add permissions for user bits 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:32 -04:00
Sage Weil
d5ebb02757 Makefile: include ceph-fuse in base target 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:32 -04:00
Sage Weil
807d36931f client: behave if we can't getattr parents of mount point 
If our cap locks us into a subdirectory (e.g., /foo), we will fail to
getattr on its parents (e.g., /).  This is expected.  Tolerate this case,
and warn that quotas may misbehave in that case (if they are set on one of
those parents).

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:32 -04:00
Nishtha Rai
4ce4b58056 test_auth_caps: Move trap and cleanup to the top 2015-10-01 09:39:32 -04:00
Nishtha Rai
3c4eb6a3b2 test_auth_caps: Added test logic for world bits 2015-10-01 09:39:32 -04:00
Nishtha Rai
5f5cf95db4 MDSAuthCaps: add world bits check logic 
Signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
 2015-10-01 09:39:32 -04:00
Sage Weil
0bb821056b client: pass uid, gid to lookup 
The MDS cares about who is performing lookup, too!

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
9bc2a01507 add unlink, rmdir check_access test 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
3b42d57695 add unlink, rmdir check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
3d2e604ec7 add symlink test 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
7f35ae4c91 add symlink check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
5a1988673c Add mknod check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Sage Weil
74b8f0c770 qa/workunits/fs/test_path_caps: tolerate existing directories 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
eef20282f0 functional test of mds cap path restriction 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
dc199f4d34 mds/Server.cc: drop leading / from path in is_capable check 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:31 -04:00
Sage Weil
b07e0155ec unittest_mds_authcap: test lists of allow grants 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:31 -04:00
Jashan Kamboj
3e781f2e6b mds: mkdir check_access 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
f5cb4e0029 mds/MDSAuthCaps: fix parse error message 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
6c0ebae658 mds: whitespace 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
425ff66953 mds: log to cluster log if mds cap parse fails 
It's an admin error; tell an admin.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
a3758346e2 mds/MDSAuthCaps: debug is_capable 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
7c1614ab3f mds/MDSAuthCap: fix debug prefix 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
622fe9f181 mds/MDSAuthCap: drop leading / in paths 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
0b557d56a2 mds/MDSAuthCaps: fix allow_all 
Empty path is '', not '/'.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
6f60c6d185 mds/MDSAuthCaps: add cct for debug context 
signed-off-by: Nishtha Rai <nishtha3rai@gmail.com>
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Jashan Kamboj
51f1028ac4 mds: calculate path in check_access() 
Signed-off-by: Jashan Kamboj <jashank42@gmail.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
e24a9cbffd mds/MDSAuthCaps: normalize path, drop useless constant. 
Use an empty string for no path--this is more efficient.  This generalizes
to losing any leading '/' character.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:30 -04:00
Sage Weil
65eaf848c6 mds/MDSAuthCaps: pass down inode uid.gid and mode 
We will need this to evaluate the unix permissions.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
f8d4d80471 mds/Server: add a few access checks 
(incomplete coverage!)

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
a3f7f5aad3 mds/Server: add check_access() hook 
For now, we are doing a very basic permission check.  No callers yet.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
c320bde1e6 mds/MDSAuthCap: fix uid and gid types 
int64_t for uid, so we can do a negative "none" value.
gid_t (uint32_t) for gid.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
68621e99d8 mds/MDSAuthCaps: cosmetic 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
d0e4fae992 mds/MDSAuthCaps: use bitmask for is_capable() 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
1b0a82ba95 mds/MDSAuthCap: fix path match 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
63c29adb6c mds/MDSAuthCaps: move allows() into MDSCapSpec 
Also, fix this so that 'any' implies that we can read or write.

Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
1d82ec469e mds/MDSAuthCaps: parse optional gid list 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
57a1860d2d mds/MDSAuthCaps: whitespace 
Signed-off-by: Sage Weil <sage@redhat.com>
 2015-10-01 09:39:29 -04:00
Sage Weil
4c0277f177 Merge branch 'wip-add-async-log' of git://github.com/yuyuyu101/ceph into infernalis 2015-10-01 08:34:31 -04:00