Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cmd/mount: add all-squash option to squash all users #4144

Closed
wants to merge 2 commits into from
Closed

cmd/mount: add all-squash option to squash all users #4144

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
c2161e3
cmd/mount: add `all-squash` option to squash all users
SandyXSD Nov 7, 2023
749ddba
disable 'default_permissions' when all-squash enabled
SandyXSD Nov 7, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
23 changes: 19 additions & 4 deletions cmd/mount_unix.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,10 @@ func fuseFlags() []cli.Flag {
Name: "root-squash",
Usage: "mapping local root user (uid = 0) to another one specified as <uid>:<gid>",
},
&cli.StringFlag{
Copy link
Contributor

@Hexilee Hexilee Nov 7, 2023
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We should make flag non-default-permission visible or enable it by default when squash all users. Otherwise, the kernel may deny users to modify files they created.

$ touch hello
touch: setting times of 'hello': Permission denied

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We probably have to always disable default permission to make the all-squash work

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, there will be lots of access() and much slower.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

But all-squash can hardly work with default-permission.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When defaultPermission is disabled, we should make sure that the permission is checked in all the places, or access is called for them.

Name: "all-squash",
Usage: "mapping all local users to another one specified as <uid>:<gid>",
},
&cli.BoolFlag{
Name: "prefix-internal",
Usage: "add '.jfs' prefix to all internal files",
Expand Down Expand Up @@ -243,8 +247,16 @@ func mount_main(v *vfs.VFS, c *cli.Context) {
conf.EntryTimeout = time.Millisecond * time.Duration(c.Float64("entry-cache")*1000)
conf.DirEntryTimeout = time.Millisecond * time.Duration(c.Float64("dir-entry-cache")*1000)
conf.NonDefaultPermission = c.Bool("non-default-permission")
rootSquash := c.String("root-squash")
if rootSquash != "" {
squash := c.String("root-squash")
rootOnly := squash != ""
if allSquash := c.String("all-squash"); allSquash != "" {
if rootOnly {
rootOnly = false
logger.Warnf("'root-squash' is ignored since 'all-squash' is specified")
}
squash = allSquash
}
if squash != "" {
var uid, gid uint32 = 65534, 65534
if u, err := user.Lookup("nobody"); err == nil {
nobody, err := strconv.ParseUint(u.Uid, 10, 32)
Expand All @@ -261,7 +273,7 @@ func mount_main(v *vfs.VFS, c *cli.Context) {
gid = uint32(nogroup)
}

ss := strings.SplitN(strings.TrimSpace(rootSquash), ":", 2)
ss := strings.SplitN(strings.TrimSpace(squash), ":", 2)
if ss[0] != "" {
u, err := strconv.ParseUint(ss[0], 10, 32)
if err != nil {
Expand All @@ -276,7 +288,10 @@ func mount_main(v *vfs.VFS, c *cli.Context) {
}
gid = uint32(g)
}
conf.RootSquash = &vfs.RootSquash{Uid: uid, Gid: gid}
if !rootOnly && (uid == 0 || gid == 0) {
logger.Fatalf("cannot squash uid/gid to 0")
}
conf.UserSquash = &vfs.UserSquash{Uid: uid, Gid: gid, RootOnly: rootOnly}
}
logger.Infof("Mounting volume %s at %s ...", conf.Format.Name, conf.Meta.MountPoint)
err := fuse.Serve(v, c.String("o"), c.Bool("enable-xattr"), c.Bool("enable-ioctl"))
Expand Down
6 changes: 3 additions & 3 deletions pkg/fuse/context.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -63,10 +63,10 @@ func (fs *fileSystem) newContext(cancel <-chan struct{}, header *fuse.InHeader)
ctx.cancel = cancel
ctx.header = header
ctx.checkPermission = fs.conf.NonDefaultPermission && header.Uid != 0
if header.Uid == 0 && fs.conf.RootSquash != nil {
if fs.conf.UserSquash != nil && (header.Uid == 0 || !fs.conf.UserSquash.RootOnly) {
ctx.checkPermission = true
ctx.header.Uid = fs.conf.RootSquash.Uid
ctx.header.Gid = fs.conf.RootSquash.Gid
ctx.header.Uid = fs.conf.UserSquash.Uid
ctx.header.Gid = fs.conf.UserSquash.Gid
}
return ctx
}
Expand Down
9 changes: 5 additions & 4 deletions pkg/vfs/vfs.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,13 +62,14 @@ type Config struct {
AccessLog string `json:",omitempty"`
PrefixInternal bool
HideInternal bool
RootSquash *RootSquash `json:",omitempty"`
UserSquash *UserSquash `json:",omitempty"`
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will it break anything (loading a JSON)?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Usually it's dynamically loaded

NonDefaultPermission bool `json:",omitempty"`
}

type RootSquash struct {
Uid uint32
Gid uint32
type UserSquash struct {
Uid uint32
Gid uint32
RootOnly bool
}

var (
Expand Down