OpenSolaris

Printable Version Enter a New Search
Bug ID 6601830
Synopsis mismatch between zfs_mount() behavior and comment
State 10-Fix Delivered (Fix available in build)
Category:Subcategory kernel:zfs
Keywords
Responsible Engineer Mark Shellenbaum
Reported Against
Duplicate Of
Introduced In solaris_nevada
Commit to Fix snv_79
Fixed In snv_79
Release Fixed solaris_nevada(snv_79) , solaris_10u6(s10u6_01) (Bug ID:2160888)
Related Bugs
Submit Date 6-September-2007
Last Update Date 29-April-2008
Description 
From Pawel Jakub Dawidek

In zfs_mount() function, when we process a mount by a regular user
through the delegated administration, the comment states:

	/*
	 * Make sure user is the owner of the mount point
	 * or has sufficient privileges.
	 */

This makes sense, but the code doesn't match the comment. The code
ensures that user is the owner of the mount point _and_ can write to the
directory.
Or does "has sufficient privileges" means that he has PRIV_FILE_OWNER
privilege?

IMHO if either of those two (is the owner or can write) is true, we
should allow the mount. Am I right? If I am right, the patch below
implements my thinking.

--- uts/common/fs/zfs/zfs_vfsops.c
+++ uts/common/fs/zfs/zfs_vfsops.c
@@ -608,11 +608,9 @@
				goto out;
			}

-			if (error = secpolicy_vnode_owner(cr, vattr.va_uid)) {
-				goto out;
-			}
-
-			if (error = VOP_ACCESS(mvp, VWRITE, cr, td)) {
+			if (secpolicy_vnode_owner(cr, vattr.va_uid) != 0 &&
+			    VOP_ACCESS(mvp, VWRITE, cr, td) != 0) {
+				error = EPERM;
				goto out;
			}
Work Around 
N/A
Comments 
N/A