Public bug reported:

When upgrading from xenial kernel (4.4.0-145) to linux-image-generic-hwe-16.04 (4.15.0-47) I am no longer able to run an application that checks its data directory for write access/path traversal when that directory is an NFS share. This works on 4.4 and 3.13 kernels that I tested with but fails on 4.15. I'm using NFSv3 and have seen the behavior with both a Synology NAS as the nfs-server as well as my xenial desktop as the nfs-server.

To reproduce:

0.) Boot test machine with kernel 4.15.0-47

1.) Set up an NFS export on another machine (nfs-server)

    /etc/exports:
    /srv/nfstest 192.168.100.100(rw,sync,no_subtree_check)

2.) Mount the NFS share on the test machine and give a non-root user ownership of the mount. In my case I have a user: aptly, with home=/var/lib/aptly, and I mounted the NFS at /var/lib/aptly/test. aptly:aptly owns /var/lib/aptly/test.

    /etc/fstab:
    192.168.100.101:/srv/nfstest /var/lib/aptly/test nfs rw,mountvers=3

3.) Attempt to call access.W_OK on the mount as the non-root user

    `strace ./testaccess.py`

stderr:

    ...
    access("/var/lib/aptly/test", W_OK) = -1 EACCES (Permission denied)
    ...

stdout:

    ('Writeable:', False)
    ('user r,e,s', (5062, 5062, 5062))
    ('group r,e,s', (5062, 5062, 5062))
    posix.stat_result(st_mode=16895, st_ino=101188113, st_dev=48, st_nlink=3, st_uid=5062, st_gid=5062, st_size=4096, st_atime=1554858490, st_mtime=1554858633, st_ctime=1554858633)

testaccess.py:

    #!/usr/bin/python
    import os
    import sys
    from pprint import pprint

    directory = '/var/lib/aptly/test'

    if __name__ == "__main__":
        # The check under test: access(2) with W_OK on the NFS mount point
        writeable = os.access(directory, os.W_OK)
        print("Writeable:", writeable)
        # Real, effective and saved IDs of the calling process
        print("user r,e,s", os.getresuid())
        print("group r,e,s", os.getresgid())
        # Ownership and mode bits as the client sees them
        pprint(os.stat(directory))

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: Incomplete

** Attachment added: "apport.linux-image-4.15.0-47-generic.j9ut204h.apport"
   https://bugs.launchpad.net/bugs/1824050/+attachment/5254575/+files/apport.linux-image-4.15.0-47-generic.j9ut204h.apport
https://bugs.launchpad.net/bugs/1824050

Title:
  access.W_OK yields -1 EACCES (permission denied) on NFS mountpoints

Status in linux package in Ubuntu:
  Incomplete
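
An added diagnostic, not part of the bug report or of any Ubuntu or kernel code: it puts the answer predicted from the stat() mode bits, the access(2) answer, and a real create-and-unlink attempt side by side for one directory. On an NFSv3 mount the client can take the access(2) answer from the server's ACCESS reply instead of the local mode bits, so the three may disagree; the function names and the ".wprobe-" file prefix are assumptions made for this example.

```python
#!/usr/bin/env python3
# Added example: three independent answers to "can this process write here?"
import errno
import os
import stat
import tempfile


def mode_bits_allow_write(st, uid, gids):
    """Predict W_OK from ownership and mode bits only (no ACLs, no server)."""
    if uid == 0:
        return True  # assumes root keeps CAP_DAC_OVERRIDE and is not squashed
    if st.st_uid == uid:
        shift = 6    # owner class
    elif st.st_gid in gids:
        shift = 3    # group class
    else:
        shift = 0    # other class
    need = stat.S_IWOTH << shift
    return (st.st_mode & need) == need


def probe_write(path):
    """Create and remove a file in path; returns (ok, errno name or None).

    This runs with the effective IDs, while access(2) uses the real IDs.
    """
    try:
        fd, name = tempfile.mkstemp(prefix=".wprobe-", dir=path)
    except OSError as exc:
        return False, errno.errorcode.get(exc.errno, str(exc.errno))
    os.close(fd)
    os.unlink(name)
    return True, None


def diagnose(path):
    """Collect all three answers so a mismatch is visible at a glance."""
    st = os.stat(path)
    gids = set(os.getgroups()) | {os.getgid()}
    ok, err = probe_write(path)
    return {"mode_bits": mode_bits_allow_write(st, os.getuid(), gids),
            "access": os.access(path, os.W_OK),
            "probe": ok,
            "probe_errno": err}


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for key, value in diagnose(target).items():
        print(key, value)
```

A result with `mode_bits` true and `access` false matches the symptom in this report; the `probe` field then shows whether the write itself would have succeeded.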