Re: access-denied problems with knfsd-981022

Steffen Rheinhold (srh@cc86.org)
Fri, 30 Oct 1998 14:11:40 +0100 (CET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Todd M. Roy: "minor problem with parport_share.c in 2.1.127-pre3"
Previous message: Victor Stanescu: "rz55 drives"
In reply to: Joel Jaeggli: "Re: dec rz55 drives."
Next in thread: H. Peter Anvin: "Re: dec rz55 drives."

Hello,

On Thu, 29 Oct 1998, G. Allen Morris III wrote:

> Could you look and see if there are any messages in the log file.
> They should have `fh_verify: .* permission failure' in them.

This is what the log file shows:

Oct 29 11:51:32 zeus kernel: fh_verify: //import permission failure,
acc=4, error=218103808
Oct 29 11:51:41 zeus kernel: fh_verify: //import permission failure,
acc=4, error=218103808
Oct 29 11:55:17 zeus kernel: fh_verify: //import permission failure,
acc=4, error=218103808

As I tested before, with 2.1.124 and knfsd-980930 the
group permissions were treated correctly. The problem appeared
between 124 and 126.

> > 2. With an Linux client I have a root-squash problem:
> >
> > Client is linux 2.0.35, same server (zeus).
> >
> > If I cd into a nfs-mounted directory which doesn't allow me to, I get a
> >
> > data@charon:/home/data > id
> > uid=501(data) gid=100(users) groups=100(users),111(isdn)
> >
> > data@charon:/mnt/zeus > ls -l
> > drwxr-xr-x 4 data isdn 1024 Aug 6 13:13 import
> > drwxr-s--- 22 root 108 1024 Jul 22 15:46 vwk
> >
> > data@charon:/mnt/zeus > cd vwk
> > bash: cd: vwk: Permission denied
> >
> > If I do the same as root@charon, I get
> >
> > charon:/root # cd /mnt/zeus/
> > charon:/mnt/zeus # pwd
> > /mnt/zeus
> > charon:/mnt/zeus # cd vwk
> > bash: pwd: getcwd: cannot access parent directories: Permission denied
> > charon: # pwd
> > /mnt/zeus/vwk
> > bash: pwd: getcwd: cannot access parent directories: Permission denied
> > charon: # cd ..
> > charon:/mnt/zeus # pwd
> > /mnt/zeus
> >
> > As one can see, the shell cd's to the directory nevertheless. I think
> > with root-squash the result of an unpermitted operation should be the same
> > for a root client and a non root client, or am I wrong? Why does the bash
> > cd into the denied directory?
>
> There is a patch to fix this problem.
>
> http://www.CSUA.Berkeley.EDU/~gam3/knfsd/nfsd-2.1.126-1.patch

I applied this to 2.1.126, no difference. An IRIX 5.3 client runs into
the same trouble (root/non-root). Worse, the IRIX sh loses orientation
after trapping into the forbidden dir, so "cd .." does not work, you need
an absolute path reference to get out. But this is obviously a matter of
fact, IMHO.

cu, Steffen

srh@cc86.org

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Todd M. Roy: "minor problem with parport_share.c in 2.1.127-pre3"
Previous message: Victor Stanescu: "rz55 drives"
In reply to: Joel Jaeggli: "Re: dec rz55 drives."
Next in thread: H. Peter Anvin: "Re: dec rz55 drives."