mirror of
https://github.com/ceph/ceph
synced 2025-01-23 19:46:56 +00:00
2e1f43c99b
DACs are overridable for directories. For files, Read/write DACs are always overridable but executable DACs are overridable when there is at least one exec bit set. The files and directory DACS overriding were handled the same way for root which is incorrect. This patch fixes DACs overriding as described above for the root. Fixes: https://tracker.ceph.com/issues/55313 Signed-off-by: Kotresh HR <khiremat@redhat.com>
20 lines
322 B
Bash
Executable File
20 lines
322 B
Bash
Executable File
#!/bin/sh -x
|
|
|
|
expect_failure() {
|
|
if "$@"; then return 1; else return 0; fi
|
|
}
|
|
|
|
set -e
|
|
|
|
mkdir -p testdir
|
|
file=test_chmod.$$
|
|
|
|
echo "foo" > testdir/${file}
|
|
sudo chmod 600 testdir
|
|
|
|
# only root can read
|
|
expect_failure cat testdir/${file}
|
|
|
|
# directory read/write DAC override for root should allow read
|
|
sudo cat testdir/${file}
|