[pve-devel] [PATCH] implement chown and chmod for user root group www-data and perm 0640

Stefan Priebe s.priebe at profihost.ag
Thu Mar 9 20:17:56 CET 2017


This allows us to use management software for files inside of /etc/pve.
f.e. saltstack which rely on being able to set uid,gid and chmod

Signed-off-by: Stefan Priebe <s.priebe at profihost.ag>
---
 data/src/pmxcfs.c | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)

diff --git a/data/src/pmxcfs.c b/data/src/pmxcfs.c
index 1b6cbcc..1204331 100644
--- a/data/src/pmxcfs.c
+++ b/data/src/pmxcfs.c
@@ -186,6 +186,35 @@ ret:
 	return ret;
 }
 
+static int cfs_fuse_chmod(const char *path, mode_t mode)
+{
+	int ret = -EACCES;
+
+	cfs_debug("enter cfs_fuse_chmod %s", path);
+
+	// asserts 0640, but allows setting UID and GID - some programs need that
+	if ((mode & ACCESSPERMS) == (S_IRUSR | S_IWUSR | S_IRGRP))
+		ret = 0;
+
+	cfs_debug("leave cfs_fuse_chmod %s (%d) mode: %o", path, ret, (int)mode);
+
+	return ret;
+}
+
+static int cfs_fuse_chown(const char *path, uid_t user, gid_t group)
+{
+	int ret = -EACCES;
+
+	cfs_debug("enter cfs_fuse_chown %s", path);
+
+	if (user == 0 && group == cfs.gid)
+		ret = 0;
+
+	cfs_debug("leave cfs_fuse_chown %s (%d)", path, ret);
+
+	return ret;
+}
+
 static int cfs_fuse_mkdir(const char *path, mode_t mode)
 {
 	cfs_debug("enter cfs_fuse_mkdir %s", path);
@@ -488,7 +517,9 @@ static struct fuse_operations fuse_ops = {
 	.readlink = cfs_fuse_readlink,
 	.utimens = cfs_fuse_utimens,
 	.statfs = cfs_fuse_statfs,
-	.init = cfs_fuse_init
+	.init = cfs_fuse_init,
+	.chown = cfs_fuse_chown,
+	.chmod = cfs_fuse_chmod
 };
 
 static char *
-- 
2.1.4




More information about the pve-devel mailing list