search

opensciencegrid / xrootd-multiuser

A filesystem plugin to allow Xrootd write as a different Unix user
Apache License 2.0
2 stars 12 forks source link

Umask not working #13

Closed efajardo closed 3 years ago

efajardo commented 3 years ago

Justas reported on freshdesk ticket #65647. That the umasking feature it is not working:

[root@transfer-10 justas]# cat /usr/lib/systemd/system/xrootd-privileged\@.service | grep UMask
UMask=0002
[root@transfer-10 justas]# cat /etc/xrootd/xrootd-clustered.cfg | grep umask
multiuser.umask 0002
Copy file
-bash-4.2$ gfal-copy -K ADLER32 -p -f justas root://transfer-10.ultralight.org//storage/justas/umask0002
Copying file:///storage/user/jbalcas/justas   [DONE]  after 0s
On storage:
[root@transfer-10 justas]# ll /storage/justas/
total 1
-rw-r--r-T 1 cmsuser cmsuser 6 Sep 28 16:14 umask0002
so umask is somehow not used. I also tried to change 0001, same effect. Do I miss something else to change?
[root@transfer-10 ~]# ll /storage/justas/
total 1
-rw-r--r-T 1 cmsuser cmsuser 6 Sep 28 16:32 umask0001
-rw-r--r-T 1 cmsuser cmsuser 6 Sep 28 16:14 umask0002
djw8605 commented 3 years ago

With the tracing on high enough, it should print out the umask it was going to use, as in this line: https://github.com/opensciencegrid/xrootd-multiuser/blob/master/src/multiuser.cpp#L539

It looks like the umask only happens when it uses the default xrootd umask. I suppose it's possible that gfal is doing something weird with setting the xrootd umask? Could you try the same command with the raw xrdcp command?

juztas commented 3 years ago

Seems most of it works (and for my needs it is enough). Changing umask on xrootd server config and do transfer with gfal-copy:

[root@transfer-10 ~]# ll /storage/eck4m1/
total 8192
-rw-rw-r-- 1 cmsuser cmsuser 1048576 Oct 29 08:20 umask0001
-rw-rw-r-- 1 cmsuser cmsuser 1048576 Oct 29 08:20 umask0002
-rw-rw---- 1 cmsuser cmsuser 1048576 Oct 29 08:22 umask0006
-rw-rw---- 1 cmsuser cmsuser 1048576 Oct 29 08:22 umask0007
-rw-r----- 1 cmsuser cmsuser 1048576 Oct 29 08:23 umask0027
-rw------- 1 cmsuser cmsuser 1048576 Oct 29 08:24 umask0067
-rw----r-- 1 cmsuser cmsuser 1048576 Oct 29 08:27 umask0070
-rw------- 1 cmsuser cmsuser 1048576 Oct 29 08:25 umask0077

Also changing this at systemd Umask looks ok (while xrootd config is not setting it)

[root@transfer-10 eck4m1]# ll /storage/eck4m1/*service
-rw-rw-r-- 1 cmsuser cmsuser 1048576 Oct 29 08:44 /storage/eck4m1/umask0000-service
-rw-rw---- 1 cmsuser cmsuser 1048576 Oct 29 08:45 /storage/eck4m1/umask0007-service
-rw------- 1 cmsuser cmsuser 1048576 Oct 29 08:46 /storage/eck4m1/umask0077-service

Even I am still confused why if I use UMask 0000, it becomes 664 - but simply seems there is umask set somewhere else which takes precedence. I think it is good to close this issue (there is no real issue here).

djw8605 commented 3 years ago

I'm confused (though happy to close this issue). You said at first it wasn't working, but now you are saying that the umask in the XRootD config does work?

juztas commented 3 years ago

In my first try, I tested only 002 and 001, but not other umasks, while in second I tried many other umasks. Based on every possible umask (https://www.linuxtrainingacademy.com/all-umasks/), I can only assume that xrootd is not changing (lowering) umask (default is 002) or is it Linux not doing this/not allowing? And because I tested in a first try only 002 and 001 - these two have no difference (as default is 002). All other work as it should.

001 - should be rw-rw-rw-, while xrootd sets rw-rw-r--
002 - should be rw-rw-r--, while xrootd sets rw-rw-r--
006 - should be rw-rw----, while xrootd sets  -rw-rw----
077 - should be rw------, while xrootd sets rw-------
djw8605 commented 3 years ago

Thanks Justas.