Actions
Bug #62745
openquincy: Permissions of the .snap directory do not inherit ACLs
Status:
New
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
issue #57874 is supposed to be resolved but I encountered the same problem with 17.2.6 (and another user reports this pb with 16.2.13 too).
Here is the complete steps to reproduce the pb with only one group, GIPSI, in the ACL:
# mkdir /mnt/ceph/test # chown root:nogroup /mnt/ceph/test # chmod 770 /mnt/ceph/test # setfacl --set="u::rwx,g::rwx,o::-,d:m::rwx,m::rwx,d:g:GIPSI:rwx,g:GIPSI:rwx" /mnt/ceph/test/ # getfacl /mnt/ceph/test # file: mnt/ceph/test # owner: root # group: nogroup user::rwx group::rwx group:GIPSI:rwx mask::rwx other::--- default:user::rwx default:group::rwx default:group:GIPSI:rwx default:mask::rwx default:other::--- # touch /mnt/ceph/test/foo # getfacl /mnt/ceph/test/foo # file: mnt/ceph/test/foo # owner: root # group: root user::rw- group::rwx #effective:rw- group:GIPSI:rwx #effective:rw- mask::rw- other::--- # mkdir /mnt/ceph/ec42/test/.snap/snaptest # getfacl /mnt/ceph/test/.snap # file: mnt/ceph/test/.snap # owner: root # group: nogroup user::rwx group::rwx other::---
As a result, no member of the GIPSI group is able to access the snaphots...
No data to display
Actions