From: "Austin S. Hemmelgarn" <ahferroin7@gmail.com>
To: Nikolay Borisov <nborisov@suse.com>,
    kreijack@inwind.it,
    "Misono, Tomohiro" <misono.tomohiro@jp.fujitsu.com>,
    linux-btrfs <linux-btrfs@vger.kernel.org>
Subject: Re: [PATCH] btrfs: Allow non-privileged user to delete empty subvolume by default
Date: Wed, 21 Mar 2018 07:47:31 -0400
Message-ID: <5ce4f667-e97f-c87e-466d-37d488f2abbb@gmail.com>
In-Reply-To: <c4fc8c1f-32cf-06e5-f8fa-ca5574aca347@suse.com>

On 2018-03-21 03:46, Nikolay Borisov wrote:
>
>
> On 20.03.2018 22:06, Goffredo Baroncelli wrote:
>> On 03/20/2018 07:45 AM, Misono, Tomohiro wrote:
>>> Deletion of subvolume by non-privileged user is completely restricted
>>> by default because we can delete a subvolume even if it is not empty
>>> and may cause data loss. In other words, when user_subvol_rm_allowed
>>> mount option is used, a user can delete a subvolume containing the
>>> directory which cannot be deleted directly by the user.
>>>
>>> However, there should be no harm to allow users to delete empty subvolumes
>>> when rmdir(2) would have been allowed if they were normal directories.
>>> This patch allows deletion of empty subvolume by default.
>>
>> Instead of modifying the ioctl, what about allowing rmdir(2) to work for an _empty_ subvolume (and all the permission checks are satisfied)?
>
> I'm inclined to agree with Goffredo. user_subvol_rm_allowed flag really
> looks like a hack on top of the ioctl. I'd rather we modify the generic
> behavior.

I agree as well, with the addendum that I'd love to see a new ioctl that
does proper permissions checks. While letting rmdir(2) work for an
empty subvolume with the appropriate permissions would be great (it will
let rm -r work correctly), it doesn't address the usefulness of being
able to just `btrfs subvolume delete` and not have to wait for the
command to finish before you can reuse the name.

Thread overview: 8+ messages
2018-03-20 6:45 [PATCH] btrfs: Allow non-privileged user to delete empty subvolume by default Misono, Tomohiro
2018-03-20 20:06 ` Goffredo Baroncelli
2018-03-21 7:46 ` Nikolay Borisov
2018-03-21 11:47 ` Austin S. Hemmelgarn [this message]
2018-03-21 20:38 ` Goffredo Baroncelli
2018-03-22 12:15 ` Austin S. Hemmelgarn
2018-03-22 17:38 ` Goffredo Baroncelli
2018-03-23 6:29 ` Misono Tomohiro