When the admin property is set to 0 on a nodemap, the root user must
be squashed, even if the map_mode property specifies to not map uids
or gids.
Enhance sanity-sec test_17 to exercise this use case.
Lustre-change: https://review.whamcloud.com/49561
Lustre-commit:
1335eb1d599ceb6423de6800e0995614cdb37bd8
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: I1b41caa1ccc6e544ce9fac45b47d0c4c129221f7
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Etienne AUJAMES <eaujames@ddn.com>
Reviewed-on: https://review.whamcloud.com/c/ex/lustre-release/+/49797
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
if (unlikely(nodemap == NULL))
goto out;
+ if (id == 0) {
+ if (nodemap->nmf_allow_root_access)
+ goto out;
+ goto squash;
+ }
+
if (id_type == NODEMAP_UID &&
!(nodemap->nmf_map_mode & NODEMAP_MAP_UID))
goto out;
!(nodemap->nmf_map_mode & NODEMAP_MAP_PROJID))
goto out;
- if (id == 0) {
- if (nodemap->nmf_allow_root_access)
- goto out;
- else
- goto squash;
- }
-
if (nodemap->nmf_trust_client_ids)
goto out;
[ "$MDS1_VERSION" -lt $(version_code 2.11.55) ]; then
skip "Need MDS >= 2.11.55"
fi
+ local check_proj=true
+
+ (( $MDS1_VERSION >= $(version_code 2.14.0.74) )) || check_proj=false
nodemap_version_check || return 0
nodemap_test_setup
trap nodemap_test_cleanup EXIT
nodemap_clients_admin_trusted 0 1
test_fops trusted_noadmin 1
+ if $check_proj; then
+ do_facet mgs $LCTL nodemap_modify --name c0 \
+ --property map_mode --value projid
+ wait_nm_sync c0 map_mode
+ fi
+ test_fops trusted_noadmin 1
nodemap_test_cleanup
}
run_test 17 "test nodemap trusted_noadmin fileops"
git://git.whamcloud.com / fs / lustre-release.git / commitdiff