Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Some user-permission changes to btrfs-progs #762

Open
wants to merge 2 commits into
base: devel
Choose a base branch
from
Open

Some user-permission changes to btrfs-progs #762

wants to merge 2 commits into from

Conversation

sweettea
Copy link
Contributor

This makes it possible to use btrfs receive as a regular user, and gets part of the way to using btrfs subvolume list as a regular user (the main change there is pretty big so it's going in a different pull request).

@sweettea
btrfs-progs: receive: make receive fall back on EPERM
ea2c8e6 
For non-root usage, receive can't write compressed data and will get
EPERM, but falling back to writing uncompressed data may work and allows
receive as a normal user, which is safer.

Signed-off-by: Sweet Tea Dorminy <[email protected]>
@sweettea
btrfs-progs: subvolume-list: use user ino lookup
0cc8c32 
The user ioctl works in all cases, so don't limit subvolume list to root
by using the root-only ioctl. Subvolume list itself still uses the
root-only tree search ioctl, but this is a step toward making subvolume
list user-capable.

Signed-off-by: Sweet Tea Dorminy <[email protected]>
@adam900710
Copy link
Collaborator

For data writes it's totally fine to fallback to non-privileged writes.

But wouldn't things like snapshotting and UUID tree updates still requires root privilege?

@sweettea
Copy link
Contributor Author

Snapshotting shouldn't require root?

But uuid search, good point, I was running on a kernel with uuid search allowed for non-root.

@kdave
Copy link
Owner

kdave commented Apr 18, 2024

There are the unprivileged subvolume ioctls, I'm not sure if there are also helpers for that but this should be possible to implement by manual iteration.

@kdave kdave force-pushed the devel branch 4 times, most recently from 247e2d2 to 208150e Compare April 19, 2024 23:44
@kdave kdave force-pushed the devel branch 2 times, most recently from 0bbf8b9 to bcb887a Compare May 3, 2024 13:01
@kdave kdave force-pushed the devel branch 2 times, most recently from 87a1129 to e4d372e Compare June 6, 2024 23:14
@kdave
Copy link
Owner

kdave commented Jun 12, 2024

I'm taking another look, the idea of using unprivileged ioctls makes sense but we can go further and use the library functions (receive code is old so the interface was not there). I'd apply the patches but the change in lookup_ino_path() to strcpy(ri->name, args.name); looks like it's ignoring the following code that checks args.name[0] and build the path.

@kdave kdave force-pushed the devel branch 2 times, most recently from ca84db7 to 8e8c554 Compare June 27, 2024 00:22
@kdave kdave force-pushed the devel branch 3 times, most recently from c94327d to 2ce4219 Compare July 17, 2024 02:59
@kdave kdave force-pushed the devel branch 4 times, most recently from 082ce75 to 84c044d Compare August 16, 2024 19:40
@kdave kdave force-pushed the devel branch 2 times, most recently from f6d1943 to 5ff9f62 Compare September 17, 2024 15:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sweettea @adam900710 @kdave