[pve-devel] [PATCH] implement chown and chmod for user root group www-data and perm 0640

Stefan Priebe - Profihost AG s.priebe at profihost.ag
Thu Mar 9 17:37:22 CET 2017 

Am 09.03.2017 um 17:35 schrieb Dietmar Maurer:
> To clarify things: this does not allow to change anything? It just allows
> chown class which would result in no change at all?

Sorry yes. But this returns success if a programm wants to chown or
chmod to the values pve-cluster already has / supports.

At least saltstack always sets chmod and chown values and fails it it
can't. Now it believes that it was successful while providing salt with
the correct values:
user: root
group: www-date
chmod 0640

Greets,
Stefan

> 
>> On March 9, 2017 at 5:26 PM Stefan Priebe <s.priebe at profihost.ag> wrote:
>>
>>
>> This allows us to use management software for files inside of /etc/pve.
>> f.e. saltstack which rely on being able to set uid,gid and chmod
>>
>> Signed-off-by: Stefan Priebe <s.priebe at profihost.ag>
>> ---
>>  data/src/pmxcfs.c | 41 ++++++++++++++++++++++++++++++++++++++++-
>>  1 file changed, 40 insertions(+), 1 deletion(-)
>>
>> diff --git a/data/src/pmxcfs.c b/data/src/pmxcfs.c
>> index 1b6cbcc..aa81808 100644
>> --- a/data/src/pmxcfs.c
>> +++ b/data/src/pmxcfs.c
>> @@ -186,6 +186,43 @@ ret:
>>  	return ret;
>>  }
>>  
>> +static int cfs_fuse_chmod(const char *path, mode_t mode)
>> +{
>> +  const mode_t pve_mode = S_IRUSR | S_IWUSR | S_IRGRP;
>> +  int mode_i = mode & (S_IRWXU | S_IRWXG | S_IRWXO);
>> +  int pve_mode_i = pve_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
>> +
>> +  cfs_debug("enter cfs_fuse_mode %s", path);
>> +  int ret = -ENOSYS;
>> +
>> +  if (pve_mode_i == mode_i) {
>> +    ret = 0;
>> +    goto ret;
>> +  }
>> +
>> +  ret:
>> +    cfs_debug("leave cfs_fuse_mode %s (%d) mode: %o pve_mode: %o", path, ret,
>> mode_i, pve_mode_i);
>> +
>> +	return ret;
>> +}
>> +
>> +static int cfs_fuse_chown(const char *path, uid_t user, gid_t group)
>> +{
>> +	cfs_debug("enter cfs_fuse_chown %s", path);
>> +
>> +	int ret = -ENOSYS;
>> +
>> +    if (user == 0 && group == cfs.gid) {
>> +      ret = 0;
>> +      goto ret;
>> +    }
>> +
>> +    ret:
>> +      cfs_debug("leave cfs_fuse_chown %s (%d)", path, ret);
>> +
>> +    return ret;
>> +}
>> +
>>  static int cfs_fuse_mkdir(const char *path, mode_t mode)
>>  {
>>  	cfs_debug("enter cfs_fuse_mkdir %s", path);
>> @@ -488,7 +525,9 @@ static struct fuse_operations fuse_ops = {
>>  	.readlink = cfs_fuse_readlink,
>>  	.utimens = cfs_fuse_utimens,
>>  	.statfs = cfs_fuse_statfs,
>> -	.init = cfs_fuse_init
>> +	.init = cfs_fuse_init,
>> +  .chown = cfs_fuse_chown,
>> +  .chmod = cfs_fuse_chmod
>>  };
>>  
>>  static char *
>> -- 
>> 2.1.4
>>
>> _______________________________________________
>> pve-devel mailing list
>> pve-devel at pve.proxmox.com
>> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
>

More information about the pve-devel mailing list