|
 |
e7a346 |
From 73b0dc833716484cba04b46fe0d645975dba44db Mon Sep 17 00:00:00 2001
|
|
|
e7a346 |
From: Mohammed Rafi KC <rkavunga@redhat.com>
|
|
|
e7a346 |
Date: Mon, 26 Mar 2018 20:27:34 +0530
|
|
|
e7a346 |
Subject: [PATCH 240/260] shared storage: Prevent mounting shared storage from
|
|
|
e7a346 |
non-trusted client
|
|
|
e7a346 |
|
|
|
e7a346 |
gluster shared storage is a volume used for internal storage for
|
|
|
e7a346 |
various features including ganesha, geo-rep, snapshot.
|
|
|
e7a346 |
|
|
|
e7a346 |
So this volume should not be exposed to the client, as it is
|
|
|
e7a346 |
a special volume for internal use.
|
|
|
e7a346 |
|
|
|
e7a346 |
This fix wont't generate non trusted volfile for shared storage volume.
|
|
|
e7a346 |
|
|
|
e7a346 |
backport of https://review.gluster.org/#/c/19920/
|
|
|
e7a346 |
|
|
|
e7a346 |
>Change-Id: I8ffe30ae99ec05196d75466210b84db311611a4c
|
|
|
e7a346 |
>updates: bz#1570432
|
|
|
e7a346 |
>Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
|
|
|
e7a346 |
|
|
|
e7a346 |
Change-Id: Ic540b983bcc53a783fda7ca7a283a9ab48d9eeb7
|
|
|
e7a346 |
BUG: 1568969
|
|
|
e7a346 |
Signed-off-by: Mohammed Rafi KC <rkavunga@redhat.com>
|
|
|
e7a346 |
Reviewed-on: https://code.engineering.redhat.com/gerrit/136708
|
|
|
e7a346 |
Tested-by: RHGS Build Bot <nigelb@redhat.com>
|
|
|
e7a346 |
Reviewed-by: Atin Mukherjee <amukherj@redhat.com>
|
|
|
e7a346 |
---
|
|
|
e7a346 |
xlators/mgmt/glusterd/src/glusterd-volgen.c | 21 +++++++++++++++++++++
|
|
|
e7a346 |
1 file changed, 21 insertions(+)
|
|
|
e7a346 |
|
|
|
e7a346 |
diff --git a/xlators/mgmt/glusterd/src/glusterd-volgen.c b/xlators/mgmt/glusterd/src/glusterd-volgen.c
|
|
|
e7a346 |
index 0e287b6..1c43f24 100644
|
|
|
e7a346 |
--- a/xlators/mgmt/glusterd/src/glusterd-volgen.c
|
|
|
e7a346 |
+++ b/xlators/mgmt/glusterd/src/glusterd-volgen.c
|
|
|
e7a346 |
@@ -5828,6 +5828,7 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
|
|
|
e7a346 |
int i = 0;
|
|
|
e7a346 |
int ret = -1;
|
|
|
e7a346 |
char filepath[PATH_MAX] = {0,};
|
|
|
e7a346 |
+ char *volname = NULL;
|
|
|
e7a346 |
char *types[] = {NULL, NULL, NULL};
|
|
|
e7a346 |
dict_t *dict = NULL;
|
|
|
e7a346 |
xlator_t *this = NULL;
|
|
|
e7a346 |
@@ -5835,6 +5836,26 @@ generate_client_volfiles (glusterd_volinfo_t *volinfo,
|
|
|
e7a346 |
|
|
|
e7a346 |
this = THIS;
|
|
|
e7a346 |
|
|
|
e7a346 |
+ volname = volinfo->is_snap_volume ?
|
|
|
e7a346 |
+ volinfo->parent_volname : volinfo->volname;
|
|
|
e7a346 |
+
|
|
|
e7a346 |
+
|
|
|
e7a346 |
+ if (volname && !strcmp (volname, GLUSTER_SHARED_STORAGE) &&
|
|
|
e7a346 |
+ client_type != GF_CLIENT_TRUSTED) {
|
|
|
e7a346 |
+ /*
|
|
|
e7a346 |
+ * shared storage volume cannot be mounted from non trusted
|
|
|
e7a346 |
+ * nodes. So we are not creating volfiles for non-trusted
|
|
|
e7a346 |
+ * clients for shared volumes as well as snapshot of shared
|
|
|
e7a346 |
+ * volumes.
|
|
|
e7a346 |
+ */
|
|
|
e7a346 |
+
|
|
|
e7a346 |
+ ret = 0;
|
|
|
e7a346 |
+ gf_msg_debug ("glusterd", 0, "Skipping the non-trusted volfile"
|
|
|
e7a346 |
+ "creation for shared storage volume. Volume %s",
|
|
|
e7a346 |
+ volname);
|
|
|
e7a346 |
+ goto out;
|
|
|
e7a346 |
+ }
|
|
|
e7a346 |
+
|
|
|
e7a346 |
enumerate_transport_reqs (volinfo->transport_type, types);
|
|
|
e7a346 |
dict = dict_new ();
|
|
|
e7a346 |
if (!dict)
|
|
|
e7a346 |
--
|
|
|
e7a346 |
1.8.3.1
|
|
|
e7a346 |
|