if (unlikely(nodemap == NULL))
goto out;
- if (id == 0) {
+ if (id_type != NODEMAP_PROJID && id == 0) {
+ /* root id is mapped and offset just as the other ids. This
+ * means root cannot remain root as soon as offset is defined.
+ */
if (nodemap->nmf_allow_root_access)
- goto out;
+ goto offset;
goto map;
}
GOTO(out, found_id);
if (tree_type == NODEMAP_FS_TO_CLIENT) {
+ if (found_id < offset_start) {
+ /* If we are outside boundaries, try to squash before
+ * offsetting, and return unmapped otherwise.
+ */
+ if (!attempted_squash)
+ GOTO(squash, found_id);
+
+ CDEBUG(D_SEC,
+ "%s: squash_id for type %u is below nodemap start %u, use unmapped value %u\n",
+ nodemap->nm_name, id_type, offset_start,
+ found_id);
+ GOTO(out, found_id);
+ }
found_id -= offset_start;
} else {
- if (found_id >= offset_limit && !attempted_squash)
- GOTO(squash, found_id);
-
- if (attempted_squash) {
- CERROR("%s: squash_id for type %u is outside nodemap limit %u, use unmapped value %u\n",
+ if (found_id >= offset_limit) {
+ /* If we are outside boundaries, try to squash before
+ * offsetting, and return unmapped otherwise.
+ */
+ if (!attempted_squash)
+ GOTO(squash, found_id);
+
+ CDEBUG(D_SEC,
+ "%s: squash_id for type %u is outside nodemap limit %u, use unmapped value %u\n",
nodemap->nm_name, id_type, offset_limit,
found_id);
GOTO(out, found_id);
* Check if nodemap allows setting quota.
*
* If nodemap is not active, always allow.
- * For user and group quota, allow if the nodemap allows root access.
+ * For user and group quota, allow if the nodemap allows root access, unless
+ * root is mapped.
* For project quota, allow if project id is not squashed or deny_unknown
* is not set.
*
!(nodemap->nmf_rbac & NODEMAP_RBAC_QUOTA_OPS))
return false;
+ if (nodemap_map_id(nodemap, NODEMAP_UID, NODEMAP_CLIENT_TO_FS, 0) != 0)
+ return false;
+
if (qc_type == PRJQUOTA) {
id = nodemap_map_id(nodemap, NODEMAP_PROJID,
NODEMAP_CLIENT_TO_FS, id);
if (is_default_nodemap(nodemap))
GOTO(out_putref, rc = -EINVAL);
+ if (!allow_op_on_nm(nodemap))
+ GOTO(out_putref, rc = -EPERM);
if (nodemap->nm_offset_start_uid) {
/* nodemap has already offset */
if (is_default_nodemap(nodemap))
GOTO(out_putref, rc = -EINVAL);
+ if (!allow_op_on_nm(nodemap))
+ GOTO(out_putref, rc = -EPERM);
rc = nodemap_del_offset_helper(nodemap);
if (rc == 0)
run_test 27aa "test nodemap idmap range"
test_27ab() { #LU-18109
- local idmap
+ local offset_start=100000
+ local offset_limit=200000
+ local nid=1.1.1.1@tcp777
+ local activedefault
+ local nm1=Test18109
+ local nm2=OffsetTest
+ local squash=65534
+ local id_start=500
+ local expected
local id=500
+ local idmap
local offset
(( MDS1_VERSION > $(version_code 2.16.50.170) )) ||
skip "need MDS > 2.16.50.170 for nodemap range offset"
- do_facet mgs $LCTL nodemap_add Test18109 ||
- error "unable to add Test18109 as nodemap"
- stack_trap "do_facet mgs $LCTL nodemap_del Test18109 || true"
+ do_facet mgs $LCTL nodemap_add $nm1 ||
+ error "unable to add $nm1 as nodemap"
+ stack_trap "do_facet mgs $LCTL nodemap_del $nm1 || true"
- do_facet mgs $LCTL nodemap_add OffsetTest ||
- error "unable to add OffsetTest as nodemap"
- stack_trap "do_facet mgs $LCTL nodemap_del OffsetTest || true"
+ do_facet mgs $LCTL nodemap_add $nm2 ||
+ error "unable to add $nm2 as nodemap"
+ stack_trap "do_facet mgs $LCTL nodemap_del $nm2 || true"
- do_facet mgs $LCTL nodemap_add_offset --name Test18109 \
- --offset 100000 --limit 200000 ||
- error "cannot set offset 100000-299999 for Test18109"
+ do_facet mgs $LCTL nodemap_add_offset --name $nm1 \
+ --offset $offset_start --limit $offset_limit ||
+ error "cannot set offset $offset_start-$((offset_start+offset_limit-1)) for $nm1"
#expected error, invalid offset range supplied
- do_facet mgs $LCTL nodemap_add_offset --name OffsetTest \
- --offset 150000 --limit 100000 &&
- error "cannot set offset 150000-249999 for OffsetTest"
+ do_facet mgs $LCTL nodemap_add_offset --name $nm2 \
+ --offset $((offset_start+50000)) --limit 100000 &&
+ error "setting offset $((offset_start+50000))-249999 on $nm2 should fail"
- do_facet mgs $LCTL nodemap_add_idmap --name Test18109 \
+ do_facet mgs $LCTL nodemap_add_idmap --name $nm1 \
--idtype uid --idmap 500-509:0-9 ||
error "unable to add idmap range 500-509:0-9"
- idmap=$(do_facet mgs $LCTL get_param nodemap.Test18109.idmap |
+ idmap=$(do_facet mgs $LCTL get_param nodemap.$nm1.idmap |
grep idtype)
while IFS= read -r idmap; do
if (( $id <= 509 )); then
((id++))
done < <(echo "$idmap")
- do_facet mgs $LCTL nodemap_del_idmap --name Test18109 \
+ do_facet mgs $LCTL nodemap_add_range --name $nm1 --range $nid ||
+ error "Add range $nid to $nm1 failed"
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property admin --value 1 ||
+ error "Setting admin=1 on $nm1 failed"
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property trusted --value 1 ||
+ error "Setting trusted=1 on $nm1 failed"
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property squash_uid --value $squash ||
+ error "Setting squash_uid=$squash on $nm1 failed"
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property squash_gid --value $squash ||
+ error "Setting squash_gid=$squash on $nm1 failed"
+
+ activedefault=$(do_facet mgs $LCTL get_param -n nodemap.active)
+ if ((activedefault != 1)); then
+ do_facet mgs $LCTL nodemap_activate 1
+ wait_nm_sync active
+ stack_trap cleanup_active EXIT
+ fi
+
+ if (( MDS1_VERSION >= $(version_code 2.16.51.45) )); then
+ # with admin=1, we expect root to be offset
+ id=0
+ expected=$offset_start
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+ # with trusted=1, we expect ids to be offset
+ id=$((id_start+1))
+ expected=$((offset_start+id_start+1))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property trusted --value 0 ||
+ error "Setting trusted=0 on $nm1 failed"
+
+ # with trusted=0, we expect uid to be mapped+offset,
+ # gid to be squashed+offset
+ expected=$((offset_start+1))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ expected=$((offset_start+squash))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property admin --value 0 ||
+ error "Setting admin=0 on $nm1 failed"
+
+ # with admin=0, we expect root to be squashed+offset
+ id=0
+ expected=$((offset_start+squash))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property admin --value 1 ||
+ error "Setting admin=1 on $nm1 failed"
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property trusted --value 1 ||
+ error "Setting trusted=1 on $nm1 failed"
+ fi
+
+ do_facet mgs $LCTL nodemap_del_idmap --name $nm1 \
--idtype uid --idmap 500-509:0 ||
error "cannot delete idmap range 500-509:0"
#expected error, invalid secondary range supplied
- do_facet mgs $LCTL nodemap_add --name Test18109 \
+ do_facet mgs $LCTL nodemap_add --name $nm1 \
--idtype uid --idmap 500-509:200000-200010 &&
error "Invalid range 200000-200010 was supplied"
- (( $(do_facet mgs $LCTL get_param nodemap.Test18109.idmap |
+ (( $(do_facet mgs $LCTL get_param nodemap.$nm1.idmap |
grep -c idtype) == 0 )) ||
error "invalid range 200000-200010 supplied and passed"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep start_uid)
- [[ "$offset" == *"start_uid: 100000"* ]] ||
- error "expected start_uid of 100000 not found before remounting"
+ [[ "$offset" == *"start_uid: $offset_start"* ]] ||
+ error "expected start_uid of $offset_start not found before remounting"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep limit_uid)
- [[ "$offset" == *"limit_uid: 200000"* ]] ||
- error "expected limit_uid of 200000 not found before remounting"
+ [[ "$offset" == *"limit_uid: $offset_limit"* ]] ||
+ error "expected limit_uid of $offset_limit not found before remounting"
+
+ if (( MDS1_VERSION >= $(version_code 2.16.51.45) )); then
+ # with admin=1, we expect root to be offset
+ id=0
+ expected=$offset_start
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+ # with trusted=1, we expect ids to be offset
+ id=$((id_start+1))
+ expected=$((offset_start+id_start+1))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property trusted --value 0 ||
+ error "Setting trusted=0 on $nm1 failed"
+
+ # with trusted=0, we expect uid to be squashed+offset
+ expected=$((offset_start+squash))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+
+ do_facet mgs $LCTL nodemap_modify --name $nm1 \
+ --property admin --value 0 ||
+ error "Setting admin=0 on $nm1 failed"
+
+ # with admin=0, we expect root to be squashed+offset
+ id=0
+ expected=$((offset_start+squash))
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype uid --id $id)
+ ((idmap == expected)) ||
+ error "uid $id should be mapped to $expected"
+ idmap=$(do_facet mgs $LCTL nodemap_test_id --nid $nid \
+ --idtype gid --id $id)
+ ((idmap == expected)) ||
+ error "gid $id should be mapped to $expected"
+ fi
stopall || error "failed to unmount servers"
setupall || error "failed to remount servers"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep start_uid)
- [[ "$offset" == *"start_uid: 100000"* ]] ||
- error "expected start_uid of 100000 not found after remounting"
+ [[ "$offset" == *"start_uid: $offset_start"* ]] ||
+ error "expected start_uid of $offset_start not found after remounting"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep limit_uid)
- [[ "$offset" == *"limit_uid: 200000"* ]] ||
- error "expected limit_uid of 200000 not found after remounting"
+ [[ "$offset" == *"limit_uid: $offset_limit"* ]] ||
+ error "expected limit_uid of $offset_limit not found after remounting"
- do_facet mgs $LCTL nodemap_del_offset --name Test18109 ||
- error "cannot del offset from Test18109"
+ do_facet mgs $LCTL nodemap_del_offset --name $nm1 ||
+ error "cannot del offset from $nm1"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep start_uid)
[[ "$offset" == *"start_uid: 0"* ]] ||
error "expected start_uid 0, found $offset"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep limit_uid)
[[ "$offset" == *"limit_uid: 0"* ]] ||
error "expected limit_uid 0, found $offset"
stopall || error "failed to unmount servers"
setupall || error "failed to remount servers"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep start_uid)
[[ "$offset" == *"start_uid: 0"* ]] ||
error "expected start_uid 0, found $offset after remounting"
- offset=$(do_facet mgs $LCTL get_param nodemap.Test18109.offset |
+ offset=$(do_facet mgs $LCTL get_param nodemap.$nm1.offset |
grep limit_uid)
[[ "$offset" == *"limit_uid: 0"* ]] ||
error "expected limit_uid 0, found $offset after remounting"
- do_facet mgs $LCTL nodemap_del Test18109 ||
- error "failed to remove nodemap Test18109"
+ do_facet mgs $LCTL nodemap_del $nm1 ||
+ error "failed to remove nodemap $nm1"
- do_facet mgs $LCTL nodemap_del OffsetTest ||
- error "failed to remove nodemap OffsetTest"
+ do_facet mgs $LCTL nodemap_del $nm2 ||
+ error "failed to remove nodemap $nm2"
}
run_test 27ab "test nodemap idmap offset"
git://git.whamcloud.com / fs / lustre-release.git / commitdiff