Date: Thu, 27 Feb 2020 17:30:39 -0800 From: Luoqi Chen <luoqi.chen@gmail.com> To: Alan Batie <alan@peak.org> Cc: freebsd-fs <freebsd-fs@freebsd.org> Subject: Re: Linux could write to read only files on FreeBSD NFS server Message-ID: <CAHJqQjue6jWy4ceOqPUZn9sfEQ7=7bXyoxJ6O%2BE6NU-%2BshG4Bg@mail.gmail.com> In-Reply-To: <751dcbf4-9cd6-0d6f-a9d9-38615966cf9d@peak.org> References: <CAHJqQjuEVpL4xV1dAf6scFqFfMNm1gY3jOaO64ZQJTCQi_qzcQ@mail.gmail.com> <707243CD-C67E-4DAD-AC5A-68EC11CFFDFD@lysator.liu.se> <6EC06026-DA28-4CAC-8D56-5C7856D4625E@lysator.liu.se> <YTBPR01MB3374713F573B548791A22F98DDEB0@YTBPR01MB3374.CANPRD01.PROD.OUTLOOK.COM> <CAHJqQjsP-w9LAS4AV64Pu9Jmv0kVFodKdT_jLUcyop3sNVh_EA@mail.gmail.com> <d73aea39-c5c2-e8ce-3745-bfd49fd69664@peak.org> <CAHJqQjtLA9sFgczxC3xRZVXj6QzK-xLyz-R_L5y68vq8bw=xEg@mail.gmail.com> <751dcbf4-9cd6-0d6f-a9d9-38615966cf9d@peak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 27, 2020 at 3:40 PM Alan Batie <alan@peak.org> wrote: > On 2/27/20 3:31 PM, Luoqi Chen wrote: > > > Yes, except to leave the read bit(s) on. I can confirm that the write > would > > fail on centos 6/7/8 if all bits are cleared. > > > > That makes no difference: > > <zmail03-admin.peak.org> [117] $ sh -x ~/nfst > + cat /etc/redhat-release > CentOS release 6.10 (Final) > + df . > Filesystem 1K-blocks Used Available Use% Mounted on > zbackups02.peak.org:/zbackups/zmail03-admin > 5027215872 91682304 4935533568 2% /zbackups > + rm -f x > + touch x > + chmod 444 x > + ls -l x > -r--r--r--. 1 alan root 0 Feb 27 15:38 x > + echo foo > /home/alan/nfst: line 9: x: Permission denied > + cat x > <zmail03-admin.peak.org> [118] $ > > Sorry, my mistake, the read bit didn't matter, I mistook the error message from `cat x` as the echo failure, which I didn't get but you did, c1n7-154> sh -x rotest.sh + cat /etc/redhat-release CentOS release 6.5 (Final) + uname -a Linux c1n7 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux + mount ++ df . ++ cut '-d ' -f1 ++ tail -1 + grep c1n5:/data c1n5:/data on /net/c1n5/data type nfs (rw,nosuid,nodev,intr,sloppy,vers=4,addr=10.201.2.5,clientaddr=10.201.2.7) + rm -f x + touch x + ls -l x -rw-r--r--. 1 luoqi wheel 0 Feb 27 17:17 x + chmod 0444 x + ls -l x -r--r--r--. 1 luoqi wheel 0 Feb 27 17:17 x + echo aaa + cat x aaa + rm -f x + touch x + ls -l x -rw-r--r--. 1 luoqi wheel 0 Feb 27 17:17 x + chmod 0 x + ls -l x ----------. 1 luoqi wheel 0 Feb 27 17:17 x + echo bbb + cat x cat: x: Permission denied Another linux machine with the latest centos, same outcome, c1n14-314> sh -x rotest.sh + cat /etc/redhat-release CentOS Linux release 8.1.1911 (Core) + uname -a Linux c1n14 4.18.0-147.el8.x86_64 #1 SMP Wed Dec 4 21:51:45 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux + mount ++ df . ++ tail -1 ++ cut '-d ' -f1 + grep c1n5:/data c1n5:/data on /net/c1n5/data type nfs4 (rw,nosuid,nodev,relatime,vers=4.1,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=10.201.2.14,local_lock=none,addr=10.201.2.5) + rm -f x + touch x + ls -l x -rw-r--r--. 1 luoqi wheel 0 Feb 27 17:15 x + chmod 0444 x + ls -l x -r--r--r--. 1 luoqi wheel 0 Feb 27 17:15 x + echo aaa + cat x aaa + rm -f x + touch x + ls -l x -rw-r--r--. 1 luoqi wheel 0 Feb 27 17:15 x + chmod 0 x + ls -l x ----------. 1 luoqi wheel 0 Feb 27 17:15 x + echo bbb + cat x cat: x: Permission denied The freebsd server is running, c1n5-45> uname -a FreeBSD c1n5 12.1-RELEASE-p1 FreeBSD 12.1-RELEASE-p1 GENERIC amd64
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAHJqQjue6jWy4ceOqPUZn9sfEQ7=7bXyoxJ6O%2BE6NU-%2BshG4Bg>