[Kernel-packages] [Bug 1665921] [NEW] OverlayFS with readonly NFS lower layer. Operation not supported for non-root files.

kvaps Sat, 18 Feb 2017 11:36:08 -0800

Public bug reported:

Step to reproduse:


    - Crete dircetory with other directories and files.
    - Chown some files in this directory, set any non-root permissions.
    - Export nfs share with 'ro' permissions.
    - Mount nfs share.
    - Mount ovrelayfs with nfs as lowerdir
    - Try to read theese non-root files or directories:

Example for overlay mount:

    # ls -l /var/lib/libvirt
    total 16
    drwx--x--x 2 root         root 4096 Oct 10 07:33 boot
    drwx--x--x 2 root         root 4096 Oct 10 07:33 images
    drwxr-x--- 3 libvirt-qemu kvm  4096 Jan 11 21:49 qemu
    drwx------ 2 root         root 4096 Oct 10 07:33 sanlock

    # ls -l /var/lib/libvirt/qemu/
    ls: cannot open directory '/var/lib/libvirt/qemu/': Operation not supported

And for nfs mount:

    # ls -l /rofs/var/lib/libvirt
    total 16
    drwx--x--x 2 root         root 4096 Oct 10 07:33 boot
    drwx--x--x 2 root         root 4096 Oct 10 07:33 images
    drwxr-x--- 3 libvirt-qemu kvm  4096 Jan 11 21:49 qemu
    drwx------ 2 root         root 4096 Oct 10 07:33 sanlock

    # ls -l /rofs/var/lib/libvirt/qemu/
    total 4
    drwxr-xr-x 3 root root 4096 Jan 11 21:49 channel

If I reset permission, it helps:

    # chown libvirt-qemu:kvm /var/lib/libvirt/qemu
    # ls -l /var/lib/libvirt/qemu/
    total 4
    drwxr-xr-x 3 root root 4096 Jan 11 21:49 channel

My mounts (from /proc/mounts)

    192.168.101.61:/data/opt/ltsp/amd64 /rofs nfs 
ro,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,hard,nolock,proto=tcp,port=2049,timeo=7,retrans=10,sec=sys,local_lock=all,addr=192.168.101.61
 0 0
    overlay / overlay 
rw,relatime,lowerdir=/rofs,upperdir=/cow/up,workdir=/cow/work 0 0

I tested it nfs3 and nfs4 mount, with this kenels:

    # uname -a
    Linux controller03 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 UTC 
2017 x86_64 x86_64 x86_64 GNU/Linux
    
    # uname -a
    Linux m1c18n1 4.8.0-36-generic #36~16.04.1-Ubuntu SMP Sun Feb 5 09:39:57 
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1665921

Title:
  OverlayFS with readonly NFS lower layer. Operation not supported for
  non-root files.

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  Step to reproduse:

      - Crete dircetory with other directories and files.
      - Chown some files in this directory, set any non-root permissions.
      - Export nfs share with 'ro' permissions.
      - Mount nfs share.
      - Mount ovrelayfs with nfs as lowerdir
      - Try to read theese non-root files or directories:

  Example for overlay mount:

      # ls -l /var/lib/libvirt
      total 16
      drwx--x--x 2 root         root 4096 Oct 10 07:33 boot
      drwx--x--x 2 root         root 4096 Oct 10 07:33 images
      drwxr-x--- 3 libvirt-qemu kvm  4096 Jan 11 21:49 qemu
      drwx------ 2 root         root 4096 Oct 10 07:33 sanlock

      # ls -l /var/lib/libvirt/qemu/
      ls: cannot open directory '/var/lib/libvirt/qemu/': Operation not 
supported

  And for nfs mount:

      # ls -l /rofs/var/lib/libvirt
      total 16
      drwx--x--x 2 root         root 4096 Oct 10 07:33 boot
      drwx--x--x 2 root         root 4096 Oct 10 07:33 images
      drwxr-x--- 3 libvirt-qemu kvm  4096 Jan 11 21:49 qemu
      drwx------ 2 root         root 4096 Oct 10 07:33 sanlock

      # ls -l /rofs/var/lib/libvirt/qemu/
      total 4
      drwxr-xr-x 3 root root 4096 Jan 11 21:49 channel

  If I reset permission, it helps:

      # chown libvirt-qemu:kvm /var/lib/libvirt/qemu
      # ls -l /var/lib/libvirt/qemu/
      total 4
      drwxr-xr-x 3 root root 4096 Jan 11 21:49 channel

  My mounts (from /proc/mounts)

      192.168.101.61:/data/opt/ltsp/amd64 /rofs nfs 
ro,relatime,vers=3,rsize=1048576,wsize=1048576,namlen=255,hard,nolock,proto=tcp,port=2049,timeo=7,retrans=10,sec=sys,local_lock=all,addr=192.168.101.61
 0 0
      overlay / overlay 
rw,relatime,lowerdir=/rofs,upperdir=/cow/up,workdir=/cow/work 0 0

  I tested it nfs3 and nfs4 mount, with this kenels:

      # uname -a
      Linux controller03 4.4.0-62-generic #83-Ubuntu SMP Wed Jan 18 14:10:15 
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
      
      # uname -a
      Linux m1c18n1 4.8.0-36-generic #36~16.04.1-Ubuntu SMP Sun Feb 5 09:39:57 
UTC 2017 x86_64 x86_64 x86_64 GNU/Linux

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1665921/+subscriptions

-- 
Mailing list: https://launchpad.net/~kernel-packages
Post to     : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help   : https://help.launchpad.net/ListHelp

[Kernel-packages] [Bug 1665921] [NEW] OverlayFS with readonly NFS lower layer. Operation not supported for non-root files.

Reply via email to