[lustre-discuss] Nodemap and setreuid/setregid
Hans Henrik Happe
happe at nbi.dk
Thu Feb 6 05:14:16 PST 2020
Hi,
Has anyone had success with gocryptfs 1.7.x on top of a Lustre nodemap?
I've tested with Lustre 2.12.3.
I found that gocryptfs 1.6 worked. However, with 1.7.x I got a lot of
"Permission denied". I tried all permutations of trusted and admin on
the nodemap.
By stracing a bit, I've created a small peace of code provoking the issue:
---
#include <unistd.h>
#include <sys/types.h>
#include <fcntl.h>
#include <stdio.h>
int main() {
int r;
setregid(-1, 501);
setreuid(-1, 501);
r = open("foo", O_CREAT, S_IRWXU);
if (r < 0) {
perror("open");
}
return 0;
}
---
When run as root in a directory owned by uid=501 and gid=501 in a
nodemap based Lustre fs it returns:
open: Permission denied
Works when I deactivate nodemap (lctl nodemap_activate 0) or just use a
plain local fs.
I don't think this is intended behavior for nodemaps, but I might be wrong.
Cheers,
Hans Henrik
More information about the lustre-discuss
mailing list