[pve-devel] [PATCH] implement chown and chmod for user root group www-data and perm 0640

Dietmar Maurer dietmar at proxmox.com
Thu Mar 9 17:35:31 CET 2017 

To clarify things: this does not allow to change anything? It just allows
chown class which would result in no change at all?

> On March 9, 2017 at 5:26 PM Stefan Priebe <s.priebe at profihost.ag> wrote:
> 
> 
> This allows us to use management software for files inside of /etc/pve.
> f.e. saltstack which rely on being able to set uid,gid and chmod
> 
> Signed-off-by: Stefan Priebe <s.priebe at profihost.ag>
> ---
>  data/src/pmxcfs.c | 41 ++++++++++++++++++++++++++++++++++++++++-
>  1 file changed, 40 insertions(+), 1 deletion(-)
> 
> diff --git a/data/src/pmxcfs.c b/data/src/pmxcfs.c
> index 1b6cbcc..aa81808 100644
> --- a/data/src/pmxcfs.c
> +++ b/data/src/pmxcfs.c
> @@ -186,6 +186,43 @@ ret:
>  	return ret;
>  }
>  
> +static int cfs_fuse_chmod(const char *path, mode_t mode)
> +{
> +  const mode_t pve_mode = S_IRUSR | S_IWUSR | S_IRGRP;
> +  int mode_i = mode & (S_IRWXU | S_IRWXG | S_IRWXO);
> +  int pve_mode_i = pve_mode & (S_IRWXU | S_IRWXG | S_IRWXO);
> +
> +  cfs_debug("enter cfs_fuse_mode %s", path);
> +  int ret = -ENOSYS;
> +
> +  if (pve_mode_i == mode_i) {
> +    ret = 0;
> +    goto ret;
> +  }
> +
> +  ret:
> +    cfs_debug("leave cfs_fuse_mode %s (%d) mode: %o pve_mode: %o", path, ret,
> mode_i, pve_mode_i);
> +
> +	return ret;
> +}
> +
> +static int cfs_fuse_chown(const char *path, uid_t user, gid_t group)
> +{
> +	cfs_debug("enter cfs_fuse_chown %s", path);
> +
> +	int ret = -ENOSYS;
> +
> +    if (user == 0 && group == cfs.gid) {
> +      ret = 0;
> +      goto ret;
> +    }
> +
> +    ret:
> +      cfs_debug("leave cfs_fuse_chown %s (%d)", path, ret);
> +
> +    return ret;
> +}
> +
>  static int cfs_fuse_mkdir(const char *path, mode_t mode)
>  {
>  	cfs_debug("enter cfs_fuse_mkdir %s", path);
> @@ -488,7 +525,9 @@ static struct fuse_operations fuse_ops = {
>  	.readlink = cfs_fuse_readlink,
>  	.utimens = cfs_fuse_utimens,
>  	.statfs = cfs_fuse_statfs,
> -	.init = cfs_fuse_init
> +	.init = cfs_fuse_init,
> +  .chown = cfs_fuse_chown,
> +  .chmod = cfs_fuse_chmod
>  };
>  
>  static char *
> -- 
> 2.1.4
> 
> _______________________________________________
> pve-devel mailing list
> pve-devel at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel

More information about the pve-devel mailing list