From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com ([209.132.183.28]:43308 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932446AbdGSQRW (ORCPT ); Wed, 19 Jul 2017 12:17:22 -0400 Date: Wed, 19 Jul 2017 12:17:19 -0400 (EDT) From: Bob Peterson To: Jan Kara Cc: linux-fsdevel@vger.kernel.org, Andreas Gruenbacher , stable@vger.kernel.org, cluster-devel@redhat.com Message-ID: <977295480.32253218.1500481039266.JavaMail.zimbra@redhat.com> In-Reply-To: <20170718161833.GB27293@quack2.suse.cz> References: <20170622133115.16968-1-jack@suse.cz> <20170622133115.16968-5-jack@suse.cz> <20170718161833.GB27293@quack2.suse.cz> Subject: Re: [PATCH 04/11] gfs2: Don't clear SGID when inheriting ACLs MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Sender: linux-fsdevel-owner@vger.kernel.org List-ID: ----- Original Message ----- | On Thu 22-06-17 15:31:08, Jan Kara wrote: | > When new directory 'DIR1' is created in a directory 'DIR0' with SGID bit | > set, DIR1 is expected to have SGID bit set (and owning group equal to | > the owning group of 'DIR0'). However when 'DIR0' also has some default | > ACLs that 'DIR1' inherits, setting these ACLs will result in SGID bit on | > 'DIR1' to get cleared if user is not member of the owning group. | > | > Fix the problem by moving posix_acl_update_mode() out of | > __gfs2_set_acl() into gfs2_set_acl(). That way the function will not be | > called when inheriting ACLs which is what we want as it prevents SGID | > bit clearing and the mode has been properly set by posix_acl_create() | > anyway. | > | > Fixes: 073931017b49d9458aa351605b43a7e34598caef | > CC: stable@vger.kernel.org | > CC: cluster-devel@redhat.com | > CC: Bob Peterson | > Signed-off-by: Jan Kara | | Bob, can you please pick up this fix? Thanks! Hi Honza, Sorry this slipped my attention for so long. This is now applied to the for-next branch of the linux-gfs2 tree: https://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2.git/commit/fs/gfs2?h=for-next&id=914cea93dd89f00b41c1d8ff93f17be47356a36a Regards, Bob Peterson Red Hat File Systems From mboxrd@z Thu Jan 1 00:00:00 1970 From: Bob Peterson Date: Wed, 19 Jul 2017 12:17:19 -0400 (EDT) Subject: [Cluster-devel] [PATCH 04/11] gfs2: Don't clear SGID when inheriting ACLs In-Reply-To: <20170718161833.GB27293@quack2.suse.cz> References: <20170622133115.16968-1-jack@suse.cz> <20170622133115.16968-5-jack@suse.cz> <20170718161833.GB27293@quack2.suse.cz> Message-ID: <977295480.32253218.1500481039266.JavaMail.zimbra@redhat.com> List-Id: To: cluster-devel.redhat.com MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit ----- Original Message ----- | On Thu 22-06-17 15:31:08, Jan Kara wrote: | > When new directory 'DIR1' is created in a directory 'DIR0' with SGID bit | > set, DIR1 is expected to have SGID bit set (and owning group equal to | > the owning group of 'DIR0'). However when 'DIR0' also has some default | > ACLs that 'DIR1' inherits, setting these ACLs will result in SGID bit on | > 'DIR1' to get cleared if user is not member of the owning group. | > | > Fix the problem by moving posix_acl_update_mode() out of | > __gfs2_set_acl() into gfs2_set_acl(). That way the function will not be | > called when inheriting ACLs which is what we want as it prevents SGID | > bit clearing and the mode has been properly set by posix_acl_create() | > anyway. | > | > Fixes: 073931017b49d9458aa351605b43a7e34598caef | > CC: stable at vger.kernel.org | > CC: cluster-devel at redhat.com | > CC: Bob Peterson | > Signed-off-by: Jan Kara | | Bob, can you please pick up this fix? Thanks! Hi Honza, Sorry this slipped my attention for so long. This is now applied to the for-next branch of the linux-gfs2 tree: https://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2.git/commit/fs/gfs2?h=for-next&id=914cea93dd89f00b41c1d8ff93f17be47356a36a Regards, Bob Peterson Red Hat File Systems