From owner-freebsd-fs@freebsd.org Thu Feb 27 18:40:24 2020 Return-Path: Delivered-To: freebsd-fs@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 8C3B024A29B for ; Thu, 27 Feb 2020 18:40:24 +0000 (UTC) (envelope-from jdelisle@gmail.com) Received: from mail-il1-x133.google.com (mail-il1-x133.google.com [IPv6:2607:f8b0:4864:20::133]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48T1gp3z3Dz4Pc4 for ; Thu, 27 Feb 2020 18:40:22 +0000 (UTC) (envelope-from jdelisle@gmail.com) Received: by mail-il1-x133.google.com with SMTP id s18so508557iln.0 for ; Thu, 27 Feb 2020 10:40:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=JQadNLR+TXJhWRO0EgYjVHOgJDrhG8L13dWsumrJWpY=; b=kJC8G1eafEDHt8Hx2HRe6v3GN2ty98mRXISSR28uA36DupTSER3OJFyERoS7zSIdny b7L2EzuDYId0xSdG1tHVha8hPcwOD5ayWw1lziQq1v5iD4Eb0wansE8M4Iaix5TBfbkk mDkCDJj3qrQ1fUecHQYb/td1MhzOY3D6kyWK8rUse0VlGempkoUsZJ/zFNZ1ImCDeQBh mTyq99abpHVRogLkwejA1oom9b+rndlQ+vWSJ4Ro6ytt7KdcR4sHOo5uDu4bTl5KUIV1 IDZml08LORjVx2fWqfDg/yjXWtkPbsKXrLHa3CS3Jkfj2Z+/B3k9mxEGIKoOCFQ+9QcI bjeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=JQadNLR+TXJhWRO0EgYjVHOgJDrhG8L13dWsumrJWpY=; b=SlKhqFUn4x1q2XqC3S7061emYwOcJTPdId+2tJ6dWt/ff4QCRjKNVE4Fmo+ESFmOVB sRiNM4RNb1OyYQxee387kJSv+QSxDtaYhokTWIMQZViIIfnVwAczEYWQy7Pf5t5PbD5/ oSVVtER8gSprRqKppy2S2kom2c3oe8QuI7JnSSa1NJXss9CSuuum3iI/MBQdtxG3mJi6 xYdwUc1v1OhzPUuWt0YMcSr35RuTQ9RNPRFjoedR62mgdQxhfVKaA+F0OjPnKGanC+7A 6qaLZZPa5oSwTckjyuJw7CEix5bbX7DERwcjIijm6KfFNRT2PU0qhDvdJsOMWwsQ7VtF yhPw== X-Gm-Message-State: APjAAAXaxIMGRtYGAvvNg5xy2AncMP4yPE4j5J3divabuTTAUU3JsLyI sq2FK1mgZqyF5USM0lLdlB/s2gRbJyAhsII4BzQ= X-Google-Smtp-Source: APXvYqwpBXkdUjnGtLMhzj7477g6SptOVtOAy6HAM4KTT6IXBkgTrYjIDKv9d2dF5PQHvebQFxFVR2kBfUnPnXqKUnc= X-Received: by 2002:a92:8547:: with SMTP id f68mr726685ilh.26.1582828819689; Thu, 27 Feb 2020 10:40:19 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: jdelisle Date: Thu, 27 Feb 2020 12:40:08 -0600 Message-ID: Subject: Re: Linux could write to read only files on FreeBSD NFS server To: Luoqi Chen Cc: freebsd-fs X-Rspamd-Queue-Id: 48T1gp3z3Dz4Pc4 X-Spamd-Bar: - Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=kJC8G1ea; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of jdelisle@gmail.com designates 2607:f8b0:4864:20::133 as permitted sender) smtp.mailfrom=jdelisle@gmail.com X-Spamd-Result: default: False [-2.00 / 15.00]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; URI_COUNT_ODD(1.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; FREEMAIL_TO(0.00)[gmail.com]; FROM_EQ_ENVFROM(0.00)[]; IP_SCORE(0.00)[ip: (-8.43), ipnet: 2607:f8b0::/32(-1.88), asn: 15169(-1.67), country: US(-0.05)]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; TAGGED_RCPT(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-fs@freebsd.org]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; IP_SCORE_FREEMAIL(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[3.3.1.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Feb 2020 18:40:24 -0000 I feel like this is missing a lot of important information needed to answer your question. What's your NFS mount command? What user are you running that script as? What do the permissions look like on the NFS server side? What does your NFS export look like? etc.. On Thu, Feb 27, 2020 at 11:42 AM Luoqi Chen wrote: > Hi, > > This was actually a pretty old problem, I noticed it a few years back and > have been monitoring it when I upgrade the os on either the linux or the > freebsd side -- it's still present between the latest centos and freebsd as > of today. I meant to look into this issue myself, but had never found time > for it, that's why I'm writing to this list, maybe it's a known problem or > someone's willing to spend some time on it. > > And here you go, the problem, > > % cat ~/rotest.sh > #!/bin/sh > cp /dev/null x > getfacl x > chmod -w x > getfacl x > echo aaa >> x > echo status $? > cat x > rm -f x > % sh ~/rotest.sh > # file: x > # owner: luoqi > # group: wheel > user::rw- > group::r-- > other::r-- > > # file: x > # owner: luoqi > # group: wheel > user::r-- > group::r-- > other::r-- > > status 0 > aaa > > The script was run on a centos inside a directory nfs mounted from a > freebsd. The append would fail for a centos/centos or a freebsd/freebsd > combo. It's very easy to reproduce, it doesn't depend on any specific > centos or freebsd version, nor on nfs version 3 or 4, nor on underlying > file system ffs or zfs. > > -luoqi > _______________________________________________ > freebsd-fs@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-fs > To unsubscribe, send any mail to "freebsd-fs-unsubscribe@freebsd.org" >