LU-2738 mdt: add proc entry to enable lfs mkdir for non-admin

Add enable_remote_dir_gid to enable lfs mkdir for non-admin user,
1. enable_remote_dir_gid = group, only users, whose gid == group
   can create remote dir.
2. enable_remote_dir_gid = -1, all users can create remote dir.

Signed-off-by: wang di <di.wang@intel.com>
Change-Id: I6605016aa89ef3e2763ca14f94a763685fc689b6
Reviewed-on: http://review.whamcloud.com/5442
Tested-by: Hudson
Reviewed-by: Andreas Dilger <andreas.dilger@intel.com>
Reviewed-by: John Hammond <johnlockwoodhammond@gmail.com>
Tested-by: Maloo <whamcloud.maloo@gmail.com>

diff --git a/lustre/mdt/mdt_handler.c b/lustre/mdt/mdt_handler.c
index 47fedcb..a27a9d3 100644 (file)
--- a/lustre/mdt/mdt_handler.c
+++ b/lustre/mdt/mdt_handler.c
@@ -4683,6 +4683,7 @@ static int mdt_init0(const struct lu_env *env, struct mdt_device *m,
        spin_lock_init(&m->mdt_osfs_lock);
        m->mdt_osfs_age = cfs_time_shift_64(-1000);
        m->mdt_enable_remote_dir = 0;
        spin_lock_init(&m->mdt_osfs_lock);
        m->mdt_osfs_age = cfs_time_shift_64(-1000);
        m->mdt_enable_remote_dir = 0;

+       m->mdt_enable_remote_dir_gid = 0;

 
         m->mdt_md_dev.md_lu_dev.ld_ops = &mdt_lu_ops;
         m->mdt_md_dev.md_lu_dev.ld_obd = obd;
 
         m->mdt_md_dev.md_lu_dev.ld_ops = &mdt_lu_ops;
         m->mdt_md_dev.md_lu_dev.ld_obd = obd;

diff --git a/lustre/mdt/mdt_internal.h b/lustre/mdt/mdt_internal.h
index a0c047f..d8f869d 100644 (file)
--- a/lustre/mdt/mdt_internal.h
+++ b/lustre/mdt/mdt_internal.h
@@ -161,8 +161,10 @@ struct mdt_device {
         struct lustre_capa_key     mdt_capa_keys[2];
        unsigned int               mdt_capa_conf:1,
                                   mdt_som_conf:1,
         struct lustre_capa_key     mdt_capa_keys[2];
        unsigned int               mdt_capa_conf:1,
                                   mdt_som_conf:1,

+                                  /* Enable remote dir on non-MDT0 */

                                   mdt_enable_remote_dir:1;
 
                                   mdt_enable_remote_dir:1;
 

+       gid_t                      mdt_enable_remote_dir_gid;

        /* statfs optimization: we cache a bit  */
        struct obd_statfs          mdt_osfs;
        __u64                      mdt_osfs_age;
        /* statfs optimization: we cache a bit  */
        struct obd_statfs          mdt_osfs;
        __u64                      mdt_osfs_age;

diff --git a/lustre/mdt/mdt_lproc.c b/lustre/mdt/mdt_lproc.c
index d922f6e..e9163cc 100644 (file)
--- a/lustre/mdt/mdt_lproc.c
+++ b/lustre/mdt/mdt_lproc.c
@@ -973,6 +973,33 @@ static int lprocfs_wr_enable_remote_dir(struct file *file, const char *buffer,
        return count;
 }
 
        return count;
 }
 

+static int lprocfs_rd_enable_remote_dir_gid(char *page, char **start, off_t off,
+                                           int count, int *eof, void *data)
+{
+       struct obd_device *obd = data;
+       struct mdt_device *mdt = mdt_dev(obd->obd_lu_dev);
+
+       return snprintf(page, count, "%d\n",
+                       (int)mdt->mdt_enable_remote_dir_gid);
+}
+
+static int lprocfs_wr_enable_remote_dir_gid(struct file *file,
+                                           const char *buffer,
+                                           unsigned long count, void *data)
+{
+       struct obd_device *obd = data;
+       struct mdt_device *mdt = mdt_dev(obd->obd_lu_dev);
+       __u32 val;
+       int rc;
+
+       rc = lprocfs_write_helper(buffer, count, &val);
+       if (rc)
+               return rc;
+
+       mdt->mdt_enable_remote_dir_gid = val;
+       return count;
+}
+

 static struct lprocfs_vars lprocfs_mdt_obd_vars[] = {
         { "uuid",                       lprocfs_rd_uuid,                 0, 0 },
         { "recovery_status",            lprocfs_obd_rd_recovery_status,  0, 0 },
 static struct lprocfs_vars lprocfs_mdt_obd_vars[] = {
         { "uuid",                       lprocfs_rd_uuid,                 0, 0 },
         { "recovery_status",            lprocfs_obd_rd_recovery_status,  0, 0 },


@@ -1012,7 +1039,9 @@ static struct lprocfs_vars lprocfs_mdt_obd_vars[] = {
                                        lprocfs_wr_job_interval, 0 },
        { "enable_remote_dir",          lprocfs_rd_enable_remote_dir,
                                        lprocfs_wr_enable_remote_dir,       0},
                                        lprocfs_wr_job_interval, 0 },
        { "enable_remote_dir",          lprocfs_rd_enable_remote_dir,
                                        lprocfs_wr_enable_remote_dir,       0},

-        { 0 }
+       { "enable_remote_dir_gid",      lprocfs_rd_enable_remote_dir_gid,
+                                       lprocfs_wr_enable_remote_dir_gid,   0},
+       { 0 }

 };
 
 static struct lprocfs_vars lprocfs_mdt_module_vars[] = {
 };
 
 static struct lprocfs_vars lprocfs_mdt_module_vars[] = {

diff --git a/lustre/mdt/mdt_reint.c b/lustre/mdt/mdt_reint.c
index 6bb72b1..bed481a 100644 (file)
--- a/lustre/mdt/mdt_reint.c
+++ b/lustre/mdt/mdt_reint.c
@@ -311,10 +311,17 @@ static int mdt_md_create(struct mdt_thread_info *info)
                        struct lu_ucred *uc  = mdt_ucred(info);
 
                        if (!md_capable(uc, CFS_CAP_SYS_ADMIN)) {
                        struct lu_ucred *uc  = mdt_ucred(info);
 
                        if (!md_capable(uc, CFS_CAP_SYS_ADMIN)) {

-                               CERROR("%s: Creating remote dir is only "
-                                      "permitted for administrator: rc = %d\n",
-                                       mdt2obd_dev(mdt)->obd_name, -EPERM);
-                               GOTO(out_put_child, rc = -EPERM);
+                               if (uc->uc_gid !=
+                                   mdt->mdt_enable_remote_dir_gid &&
+                                   mdt->mdt_enable_remote_dir_gid != -1) {
+                                       CERROR("%s: Creating remote dir is only"
+                                              " permitted for administrator or"
+                                              " set mdt_enable_remote_dir_gid:"
+                                              " rc = %d\n",
+                                               mdt2obd_dev(mdt)->obd_name,
+                                               -EPERM);
+                                       GOTO(out_put_child, rc = -EPERM);
+                               }

                        }
 
                        ss = mdt_seq_site(mdt);
                        }
 
                        ss = mdt_seq_site(mdt);

diff --git a/lustre/tests/sanity.sh b/lustre/tests/sanity.sh
index 21ba77b..6ab66ad 100644 (file)
--- a/lustre/tests/sanity.sh
+++ b/lustre/tests/sanity.sh
@@ -10757,7 +10757,20 @@ test_230b() {
        [ $rc -ne 0 ] &&
           error "create remote directory failed after set enable_remote_dir"
 
        [ $rc -ne 0 ] &&
           error "create remote directory failed after set enable_remote_dir"
 

-       rm -r $DIR/$tdir || error "unlink remote directory failed"
+       rm -rf $remote_dir || error "first unlink remote directory failed"
+
+       $RUNAS -G$RUNAS_GID $LFS mkdir -i $MDTIDX $DIR/$tfile &&
+                                                       error "chown worked"
+
+       do_facet mds$MDTIDX lctl set_param \
+                               mdt.*.enable_remote_dir_gid=$RUNAS_GID
+       $LFS mkdir -i $MDTIDX $remote_dir || rc=$?
+       do_facet mds$MDTIDX lctl set_param mdt.*.enable_remote_dir_gid=0
+
+       [ $rc -ne 0 ] &&
+          error "create remote dir failed after set enable_remote_dir_gid"
+
+       rm -r $DIR/$tdir || error "second unlink remote directory failed"

 }
 run_test 230b "nested remote directory should be failed"
 
 }
 run_test 230b "nested remote directory should be failed"