8fc54f9428
Without the allow_other mount option, no user (not even root) but the one who started qemu/the storage daemon can access the export. Allow users to configure the export such that such accesses are possible. While allow_other is probably what users want, we cannot make it an unconditional default, because passing it is only possible (for non-root users) if the global fuse.conf configuration file allows it. Thus, the default is an 'auto' mode, in which we first try with allow_other, and then fall back to without. FuseExport.allow_other reports whether allow_other was actually used as a mount option or not. Currently, this information is not used, but a future patch will let this field decide whether e.g. an export's UID and GID can be changed through chmod. One notable thing about 'auto' mode is that libfuse may print error messages directly to stderr, and so may fusermount (which it executes). Our export code cannot really filter or hide them. Therefore, if 'auto' fails its first attempt and has to fall back, fusermount will print an error message that mounting with allow_other failed. This behavior necessitates a change to iotest 308, namely we need to filter out this error message (because if the first attempt at mounting with allow_other succeeds, there will be no such message). Furthermore, common.rc's _make_test_img should use allow-other=off for FUSE exports, because iotests generally do not need to access images from other users, so allow-other=on or allow-other=auto have no advantage. OTOH, allow-other=on will not work on systems where user_allow_other is disabled, and with allow-other=auto, we get said error message that we would need to filter out again. Just disabling allow-other is simplest. Signed-off-by: Max Reitz <mreitz@redhat.com> Message-Id: <20210625142317.271673-3-mreitz@redhat.com> Signed-off-by: Kevin Wolf <kwolf@redhat.com> |
||
---|---|---|
.. | ||
acpi.json | ||
audio.json | ||
authz.json | ||
block-core.json | ||
block-export.json | ||
block.json | ||
char.json | ||
common.json | ||
compat.json | ||
control.json | ||
crypto.json | ||
dump.json | ||
error.json | ||
introspect.json | ||
job.json | ||
machine-target.json | ||
machine.json | ||
meson.build | ||
migration.json | ||
misc-target.json | ||
misc.json | ||
net.json | ||
opts-visitor.c | ||
pci.json | ||
pragma.json | ||
qapi-clone-visitor.c | ||
qapi-dealloc-visitor.c | ||
qapi-schema.json | ||
qapi-util.c | ||
qapi-visit-core.c | ||
qdev.json | ||
qmp-dispatch.c | ||
qmp-event.c | ||
qmp-registry.c | ||
qobject-input-visitor.c | ||
qobject-output-visitor.c | ||
qom.json | ||
rdma.json | ||
replay.json | ||
rocker.json | ||
run-state.json | ||
sockets.json | ||
string-input-visitor.c | ||
string-output-visitor.c | ||
tpm.json | ||
trace-events | ||
trace.h | ||
trace.json | ||
transaction.json | ||
ui.json | ||
yank.json |