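Copied files inherit the UNIX permissions of the parent directory
Environment
NFSv4
Issue
- Copied files inherit the UNIX permissions of the parent directory
- Volume security style: UNIX
- UNIX mode bits: 777
- This behavior occurs only from specific NFS clients
- This behavior occurs only when NFSv4 is used for the mount.
- In a normal copy operation, the client also carries Attr mask: Mode when it sends the SETATTR request to the storage system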
Client umask: 000

```
[root@centos-6 home]# ls -l
-rw-rw-rw-. 1 nobody nobody 0 May 1 17:29 ff1
[root@centos-6 home]#
[root@centos-6 home]# cp ff1 ff3
[root@centos-6 home]#
[root@centos-6 home]# ls -l
-rw-rw-rw-. 1 nobody nobody 0 May 1 17:29 ff1
-rw-rw-rw-. 1 nobody nobody 0 May 1 17:46 ff3
```

```
39 2023-05-01 17:46:00.956723 client_IP 727 storage_IP 2049 NFS V4 Call (Reply In 40) SETATTR FH: 0x934f8420
Opcode: PUTFH (22)
FileHandle
length: 32
[hash (CRC-32): 0x934f8420]
[Name: ff3]
[Full Name: ff3]
FileHandle: 010100000000000000000000a0050000103bc406e08f3a800000000000000000
Opcode: SETATTR (34)
StateID
[StateID Hash: 0xafa9]
StateID seqid: 0
StateID Other: 000000000000000000000000
[StateID Other hash: 0x7bd5c66f]
Attr mask: 0x00410002 (Mode, Time_Access_Set, Time_Modify_Set)
reco_attr: Mode (33)
mode: 0666, Name: Unknown, Read permission for owner, Write permission for owner, Read permission for group, Write permission for group, Read permission for others, Write permission for others
.... .... .... .... 000. .... .... .... = Name: Unknown (0)
.... .... .... .... .... 0... .... .... = Set user id on exec: No
.... .... .... .... .... .0.. .... .... = Set group id on exec: No
.... .... .... .... .... ..0. .... .... = Save swapped text even after use: No
.... .... .... .... .... ...1 .... .... = Read permission for owner: Yes
.... .... .... .... .... .... 1... .... = Write permission for owner: Yes
.... .... .... .... .... .... .0.. .... = Execute permission for owner: No
.... .... .... .... .... .... ..1. .... = Read permission for group: Yes
.... .... .... .... .... .... ...1 .... = Write permission for group: Yes
.... .... .... .... .... .... .... 0... = Execute permission for group: No
.... .... .... .... .... .... .... .1.. = Read permission for others: Yes
.... .... .... .... .... .... .... ..1. = Write permission for others: Yes
.... .... .... .... .... .... .... ...0 = Execute permission for others: No
reco_attr: Time_Access_Set (48)
set_it: SET_TO_SERVER_TIME4 (0)
reco_attr: Time_Modify_Set (54)
set_it: SET_TO_SERVER_TIME4 (0)

40 2023-05-01 17:46:00.957332 storage_IP 2049 client_IP 727 NFS V4 Reply (Call In 39) SETATTR
Opcode: GETATTR (9)
reco_attr: Mode (33)
mode: 0666, Name: Unknown, Read permission for owner, Write permission for owner, Read permission for group, Write permission for group, Read permission for others, Write permission for others
.... .... .... .... 000. .... .... .... = Name: Unknown (0)
.... .... .... .... .... 0... .... .... = Set user id on exec: No
.... .... .... .... .... .0.. .... .... = Set group id on exec: No
.... .... .... .... .... ..0. .... .... = Save swapped text even after use: No
.... .... .... .... .... ...1 .... .... = Read permission for owner: Yes
.... .... .... .... .... .... 1... .... = Write permission for owner: Yes
.... .... .... .... .... .... .0.. .... = Execute permission for owner: No
.... .... .... .... .... .... ..1. .... = Read permission for group: Yes
.... .... .... .... .... .... ...1 .... = Write permission for group: Yes
.... .... .... .... .... .... .... 0... = Execute permission for group: No
.... .... .... .... .... .... .... .1.. = Read permission for others: Yes
.... .... .... .... .... .... .... ..1. = Write permission for others: Yes
.... .... .... .... .... .... .... ...0 = Execute permission for others: No
```

- In this special case, the client does not carry Attr mask: Mode when it sends the SETATTR request to the storage system. The storage system sets the permissions of the newly created file b.txt according to the UNIX mode bits 777.
Client umask: 022

```
[root@test home]# ls -al /mnt/home
total 4
drwxrwxrwx 2 nobody nobody 4096 Apr 29 14:05 .
drwxr-xr-x. 3 root root 17 Apr 28 14:52 ..
-rw-r--r-- 1 nobody nobody 0 Apr 29 14:05 a.txt
[root@test home]#
[root@test home]# cp a.txt b.txt
[root@test home]#
[root@test home]# ls -al /mnt/home
total 4
drwxrwxrwx 2 nobody nobody 4096 Apr 29 14:06 .
drwxr-xr-x. 3 root root 17 Apr 28 14:52 ..
-rw-r--r-- 1 nobody nobody 0 Apr 29 14:05 a.txt
-rwxrwxrwx 1 nobody nobody 0 Apr 29 14:06 b.txt
```

```
88 2023-05-02 14:53:31.199089 client_IP 851 storage_IP 2049 NFS V4 Call (Reply In 89) SETATTR FH: 0x0d291f7e
Opcode: PUTFH (22)
FileHandle
length: 32
[hash (CRC-32): 0x0d291f7e]
[Name: b.txt]
[Full Name: b.txt]
FileHandle: 0101000000000000000000008b190000cce2b40afe7230800000000000000000
Opcode: SETATTR (34)
StateID
[StateID Hash: 0xafa9]
StateID seqid: 0
StateID Other: 000000000000000000000000
[StateID Other hash: 0x7bd5c66f]
Attr mask: 0x00010000 (Time_Access_Set)
reco_attr: Time_Access_Set (48)
set_it: SET_TO_SERVER_TIME4 (0)

89 2023-05-02 14:53:31.199289 storage_IP 2049 client_IP 851 NFS V4 Reply (Call In 88) SETATTR
Opcode: GETATTR (9)
reco_attr: Mode (33)
mode: 0777, Name: Unknown, Read permission for owner, Write permission for owner, Execute permission for owner, Read permission for group, Write permission for group, Execute permission for group, Read permission for others, Write permissi
.... .... .... .... 000. .... .... .... = Name: Unknown (0)
.... .... .... .... .... 0... .... .... = Set user id on exec: No
.... .... .... .... .... .0.. .... .... = Set group id on exec: No
.... .... .... .... .... ..0. .... .... = Save swapped text even after use: No
.... .... .... .... .... ...1 .... .... = Read permission for owner: Yes
.... .... .... .... .... .... 1... .... = Write permission for owner: Yes
.... .... .... .... .... .... .1.. .... = Execute permission for owner: Yes
.... .... .... .... .... .... ..1. .... = Read permission for group: Yes
.... .... .... .... .... .... ...1 .... = Write permission for group: Yes
.... .... .... .... .... .... .... 1... = Execute permission for group: Yes
.... .... .... .... .... .... .... .1.. = Read permission for others: Yes
.... .... .... .... .... .... .... ..1. = Write permission for others: Yes
.... .... .... .... .... .... .... ...1 = Execute permission for others: Yes
```
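The difference between the two SETATTR calls shown above can be checked mechanically from a text export of the trace. The following is an added example, not part of the original article or any vendor tool: it decodes the `Attr mask` value and reports SETATTR calls that omit Mode. It assumes the displayed mask is the second 32-bit bitmap word (attributes 32-63), which matches the names printed in the trace; the function names and the condensed sample are constructed for illustration.

```python
import re

# NFSv4.0 attribute numbers (RFC 7530) carried in bitmap word 1 (attrs 32-63).
# Assumption: the "Attr mask" value in the trace is that second 32-bit word.
WORD1_ATTRS = {33: "Mode", 36: "Owner", 37: "Owner_Group",
               48: "Time_Access_Set", 54: "Time_Modify_Set"}

def decode_word1(mask):
    """Names of the attributes whose bits are set in bitmap word 1."""
    return [WORD1_ATTRS.get(32 + b, f"attr_{32 + b}")
            for b in range(32) if mask & (1 << b)]

def setattr_without_mode(trace_text):
    """Return (frame, file name, attrs) for SETATTR calls that omit Mode."""
    findings, frame, name = [], None, None
    for line in (l.strip() for l in trace_text.splitlines()):
        call = re.match(r"(\d+) .* NFS V4 Call .*SETATTR", line)
        if call:
            frame, name = int(call.group(1)), None
        elif " NFS V4 Reply " in line:
            frame = None                      # ignore anything inside replies
        elif line.startswith("[Name: "):
            name = line[len("[Name: "):-1]
        elif frame is not None and line.startswith("Attr mask: "):
            attrs = decode_word1(int(line.split()[2], 16))
            if "Mode" not in attrs:
                findings.append((frame, name, attrs))
    return findings

# Constructed sample: the two exchanges from this page, condensed to the
# lines the parser needs.
SAMPLE = """\
39 2023-05-01 17:46:00.956723 client_IP 727 storage_IP 2049 NFS V4 Call (Reply In 40) SETATTR FH: 0x934f8420
[Name: ff3]
Attr mask: 0x00410002 (Mode, Time_Access_Set, Time_Modify_Set)
40 2023-05-01 17:46:00.957332 storage_IP 2049 client_IP 727 NFS V4 Reply (Call In 39) SETATTR
mode: 0666
88 2023-05-02 14:53:31.199089 client_IP 851 storage_IP 2049 NFS V4 Call (Reply In 89) SETATTR FH: 0x0d291f7e
[Name: b.txt]
Attr mask: 0x00010000 (Time_Access_Set)
89 2023-05-02 14:53:31.199289 storage_IP 2049 client_IP 851 NFS V4 Reply (Call In 88) SETATTR
mode: 0777
"""

if __name__ == "__main__":
    for frame, name, attrs in setattr_without_mode(SAMPLE):
        print(f"frame {frame}: SETATTR on {name} sets {attrs} but not Mode")
```

Files reported this way keep whatever mode the storage system assigned at creation, so on a volume with UNIX mode bits 777 they end up world-writable regardless of the client umask.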