parent
1e3e001c12
commit
0c35cc337b
|
@ -5,6 +5,7 @@ linux (4.19.118-3) UNRELEASED; urgency=medium
|
||||||
* [rt] Add new signing key for Tom Zanussi
|
* [rt] Add new signing key for Tom Zanussi
|
||||||
* apparmor: don't try to replace stale label in ptraceme check
|
* apparmor: don't try to replace stale label in ptraceme check
|
||||||
(Closes: #963493)
|
(Closes: #963493)
|
||||||
|
* nfsd: apply umask on fs without ACL support (Closes: #962254)
|
||||||
|
|
||||||
-- Salvatore Bonaccorso <carnil@debian.org> Wed, 13 May 2020 17:44:43 +0200
|
-- Salvatore Bonaccorso <carnil@debian.org> Wed, 13 May 2020 17:44:43 +0200
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,56 @@
|
||||||
|
From: "J. Bruce Fields" <bfields@redhat.com>
|
||||||
|
Date: Tue, 16 Jun 2020 16:43:18 -0400
|
||||||
|
Subject: nfsd: apply umask on fs without ACL support
|
||||||
|
Origin: http://git.linux-nfs.org/?p=bfields/linux.git;a=commit;h=22cf8419f1319ff87ec759d0ebdff4cbafaee832
|
||||||
|
Bug-Debian: https://bugs.debian.org/962254
|
||||||
|
|
||||||
|
The server is failing to apply the umask when creating new objects on
|
||||||
|
filesystems without ACL support.
|
||||||
|
|
||||||
|
To reproduce this, you need to use NFSv4.2 and a client and server
|
||||||
|
recent enough to support umask, and you need to export a filesystem that
|
||||||
|
lacks ACL support (for example, ext4 with the "noacl" mount option).
|
||||||
|
|
||||||
|
Filesystems with ACL support are expected to take care of the umask
|
||||||
|
themselves (usually by calling posix_acl_create).
|
||||||
|
|
||||||
|
For filesystems without ACL support, this is up to the caller of
|
||||||
|
vfs_create(), vfs_mknod(), or vfs_mkdir().
|
||||||
|
|
||||||
|
Reported-by: Elliott Mitchell <ehem+debian@m5p.com>
|
||||||
|
Reported-by: Salvatore Bonaccorso <carnil@debian.org>
|
||||||
|
Tested-by: Salvatore Bonaccorso <carnil@debian.org>
|
||||||
|
Fixes: 47057abde515 ("nfsd: add support for the umask attribute")
|
||||||
|
Cc: stable@vger.kernel.org
|
||||||
|
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
|
||||||
|
---
|
||||||
|
fs/nfsd/vfs.c | 6 ++++++
|
||||||
|
1 file changed, 6 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
|
||||||
|
index c3fbab1753ec..d22a056da477 100644
|
||||||
|
--- a/fs/nfsd/vfs.c
|
||||||
|
+++ b/fs/nfsd/vfs.c
|
||||||
|
@@ -1226,6 +1226,9 @@ nfsd_create_locked(struct svc_rqst *rqstp, struct svc_fh *fhp,
|
||||||
|
iap->ia_mode = 0;
|
||||||
|
iap->ia_mode = (iap->ia_mode & S_IALLUGO) | type;
|
||||||
|
|
||||||
|
+ if (!IS_POSIXACL(dirp))
|
||||||
|
+ iap->ia_mode &= ~current_umask();
|
||||||
|
+
|
||||||
|
err = 0;
|
||||||
|
host_err = 0;
|
||||||
|
switch (type) {
|
||||||
|
@@ -1458,6 +1461,9 @@ do_nfsd_create(struct svc_rqst *rqstp, struct svc_fh *fhp,
|
||||||
|
goto out;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (!IS_POSIXACL(dirp))
|
||||||
|
+ iap->ia_mode &= ~current_umask();
|
||||||
|
+
|
||||||
|
host_err = vfs_create(dirp, dchild, iap->ia_mode, true);
|
||||||
|
if (host_err < 0) {
|
||||||
|
fh_drop_write(fhp);
|
||||||
|
--
|
||||||
|
2.27.0
|
||||||
|
|
|
@ -103,6 +103,7 @@ bugfix/all/rtc-s35390a-set-uie_unsupported.patch
|
||||||
bugfix/all/include-uapi-linux-swab.h-fix-userspace-breakage-use.patch
|
bugfix/all/include-uapi-linux-swab.h-fix-userspace-breakage-use.patch
|
||||||
bugfix/all/ALSA-pcm-oss-Place-the-plugin-buffer-overflow-checks.patch
|
bugfix/all/ALSA-pcm-oss-Place-the-plugin-buffer-overflow-checks.patch
|
||||||
bugfix/all/apparmor-don-t-try-to-replace-stale-label-in-ptracem.patch
|
bugfix/all/apparmor-don-t-try-to-replace-stale-label-in-ptracem.patch
|
||||||
|
bugfix/all/nfsd-apply-umask-on-fs-without-ACL-support.patch
|
||||||
|
|
||||||
# Miscellaneous features
|
# Miscellaneous features
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue