yama hardlink restriction misbehaves under aufs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Ubuntu) |
Triaged
|
Medium
|
Andy Whitcroft |
Bug Description
On the mythbuntu liveCD mysqld throws errors during renaming of database files because hardlink restrictions are incorrectly triggered:
root@ubuntu:~# sudo -u mysql /bin/bash
mysql@ubuntu:/root$ id
uid=102(mysql) gid=105(mysql) groups=105(mysql)
mysql@ubuntu:/root$ cd /var/lib/
mysql@ubuntu:
mysql@ubuntu:
mysql@ubuntu:
drwx------ 2 mysql root 140 2011-03-04 12:44 .
-rw-rw---- 1 mysql mysql 0 2011-03-04 12:44 cow
-rw-rw---- 1 mysql mysql 2048 2011-03-01 19:04 user.MYI
mysql@ubuntu:
mysql@ubuntu:
mv: cannot move `user.MYI' to `user2': Operation not permitted
mysql@ubuntu:
[ 6382.911220] non-accessible hardlink creation was attempted by: mv (fsuid 102)
mysql@ubuntu:
mysql@ubuntu:
-rw-rw---- 1 mysql mysql 2048 2011-03-04 12:45 cow2
-rw-rw---- 1 mysql mysql 2048 2011-03-01 19:04 user.MYI
mysql@ubuntu:
lsattr: Inappropriate ioctl for device While reading flags on cow2
lsattr: Inappropriate ioctl for device While reading flags on user.MYI
mysql@ubuntu:
Filesystem Size Used Avail Use% Mounted on
aufs 247M 28M 220M 12% /
mysql@ubuntu:
aufs / aufs rw,noatime,
mysql@ubuntu:
mysql@ubuntu:
root@ubuntu:
total 0
drwxr-xr-x 2 root root 0 2011-03-04 12:52 .
drwxr-xr-x 3 root root 0 2011-03-04 12:52 ..
-r--r--r-- 1 root root 4096 2011-03-04 12:52 br0
-r--r--r-- 1 root root 4096 2011-03-04 12:52 br1
-r--r--r-- 1 root root 4096 2011-03-04 12:52 xi_path
root@ubuntu:
/cow=rw
root@ubuntu:
/rofs=rr
The main hardlink restriction check is this:
if (cred->fsuid != inode->i_uid &&
((mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP)) ||
or, in english:
* Block hardlink when all of:
* - fsuid does not match inode
* - not CAP_FOWNER
* - and at least one of:
* - inode is not a regular file
* - inode is setuid
* - inode is setgid and group-exec
* - access failure for read and write
nothing visible in userspace seems to violate this, so this looks like some kind of aufs issue where the exposed inode does not match the toplevel visible to userspace? I'm not sure yet what's going on.
Managed to reproduce this on the Oneiric kernel, the error seems to be triggered on renaming of an object on the ro layer.