X-Git-Url: https://git.whamcloud.com/?a=blobdiff_plain;ds=sidebyside;f=lustre%2Fmdd%2Fmdd_object.c;h=1f49ce035ad53ca0fda44224099f09d7dbb95b6c;hb=665e36b780faa2144cecccd29a0d8a8196a76903;hp=74b628b21fd0b1503db0d18f8a17a9d034d1a9a0;hpb=86aeca3550c902b96b434ff51754d037282347cc;p=fs%2Flustre-release.git diff --git a/lustre/mdd/mdd_object.c b/lustre/mdd/mdd_object.c index 74b628b..1f49ce0 100644 --- a/lustre/mdd/mdd_object.c +++ b/lustre/mdd/mdd_object.c @@ -696,7 +696,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, (LUSTRE_IMMUTABLE_FL | LUSTRE_APPEND_FL); if ((uc->mu_fsuid != tmp_la->la_uid) && - !mdd_capable(uc, CAP_FOWNER)) + !mdd_capable(uc, CFS_CAP_FOWNER)) RETURN(-EPERM); /* XXX: the IMMUTABLE and APPEND_ONLY flags can @@ -706,7 +706,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, if (mdd_is_append(obj)) oldflags |= LUSTRE_APPEND_FL; if ((oldflags ^ newflags) && - !mdd_capable(uc, CAP_LINUX_IMMUTABLE)) + !mdd_capable(uc, CFS_CAP_LINUX_IMMUTABLE)) RETURN(-EPERM); if (!S_ISDIR(tmp_la->la_mode)) @@ -722,7 +722,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, if ((la->la_valid & (LA_MTIME | LA_ATIME | LA_CTIME)) && !(la->la_valid & ~(LA_MTIME | LA_ATIME | LA_CTIME))) { if ((uc->mu_fsuid != tmp_la->la_uid) && - !mdd_capable(uc, CAP_FOWNER)) { + !mdd_capable(uc, CFS_CAP_FOWNER)) { rc = mdd_permission_internal_locked(env, obj, tmp_la, MAY_WRITE); if (rc) @@ -735,8 +735,9 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, /* Bypass la_vaild == LA_MODE, * this is for changing file with SUID or SGID. */ if ((la->la_valid & ~LA_MODE) && + !(ma->ma_attr_flags & MDS_PERM_BYPASS) && (uc->mu_fsuid != tmp_la->la_uid) && - !mdd_capable(uc, CAP_FOWNER)) + !mdd_capable(uc, CFS_CAP_FOWNER)) RETURN(-EPERM); if (la->la_mode == (umode_t) -1) @@ -746,8 +747,9 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, (tmp_la->la_mode & ~S_IALLUGO); /* Also check the setgid bit! */ - if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ? la->la_gid : - tmp_la->la_gid) && !mdd_capable(uc, CAP_FSETID)) + if (!lustre_in_group_p(uc, (la->la_valid & LA_GID) ? + la->la_gid : tmp_la->la_gid) && + !mdd_capable(uc, CFS_CAP_FSETID)) la->la_mode &= ~S_ISGID; } else { la->la_mode = tmp_la->la_mode; @@ -759,7 +761,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, la->la_uid = tmp_la->la_uid; if (((uc->mu_fsuid != tmp_la->la_uid) || (la->la_uid != tmp_la->la_uid)) && - !mdd_capable(uc, CAP_CHOWN)) + !mdd_capable(uc, CFS_CAP_CHOWN)) RETURN(-EPERM); /* If the user or group of a non-directory has been @@ -785,7 +787,7 @@ static int mdd_fix_attr(const struct lu_env *env, struct mdd_object *obj, if (((uc->mu_fsuid != tmp_la->la_uid) || ((la->la_gid != tmp_la->la_gid) && !lustre_in_group_p(uc, la->la_gid))) && - !mdd_capable(uc, CAP_CHOWN)) + !mdd_capable(uc, CFS_CAP_CHOWN)) RETURN(-EPERM); /* Likewise, if the user or group of a non-directory @@ -960,7 +962,8 @@ static int mdd_xattr_sanity_check(const struct lu_env *env, if (rc) RETURN(rc); - if ((uc->mu_fsuid != tmp_la->la_uid) && !mdd_capable(uc, CAP_FOWNER)) + if ((uc->mu_fsuid != tmp_la->la_uid) && + !mdd_capable(uc, CFS_CAP_FOWNER)) RETURN(-EPERM); RETURN(rc); @@ -1298,7 +1301,7 @@ static int mdd_open_sanity_check(const struct lu_env *env, if (uc && ((uc->mu_valid == UCRED_OLD) || (uc->mu_valid == UCRED_NEW)) && (uc->mu_fsuid != tmp_la->la_uid) && - !mdd_capable(uc, CAP_FOWNER)) + !mdd_capable(uc, CFS_CAP_FOWNER)) RETURN(-EPERM); } #endif