Comments (10)
yes, sorry I forgot to answer. By setting the usual permission rwxr-xr-x to folders, the newly created dwarfs works as expected 👍
from dwarfs.
Thanks for your report, @cipitaua!
Nice catch, this is indeed a bug in how DwarFS implements the access
system call. Funnily enough, while you can't cd
to archive/media
, you can list/read it's contents and even create files. Also, once you've created a file in the directory - even if you immediately delete it again - you can cd
into the directory without issues. The latter is presumably because the directory now exists in archive-rw
and so archive-ro/media
is no longer checked for access permissions.
I've got a fix for the issue locally, but I'll need to double check and run a few tests before pushing a new release.
from dwarfs.
Thank you for the prompt reply.
What's not clear is why I've encountered the bug only in this case but never before, although I've used dwarfs in this way (with overlay) a lot of times for over one year, starting with dwarfs version 0.6.9.
Also it's not clear to me whether the bug is in the archive.dwarfs I have produced, or it is in the mount.dwarfs code.
from dwarfs.
any hint?
from dwarfs.
Sorry, I completely missed your reply.
What's not clear is why I've encountered the bug only in this case but never before, although I've used dwarfs in this way (with overlay) a lot of times for over one year, starting with dwarfs version 0.6.9.
That is a very good question. Here's some more detail:
The bug that I found and that seems to cause this particular problem is in DwarFS' implementation of the access
system call. The bug is that the implementation didn't handle the root user id any different from a regular user, whereas the expectation is that "The super-user can read and write any file, and execute any file that anyone can execute". The "execute" part extends to "being able to enter directories" for directory inodes.
This obviously has nothing to do directly with overlaying file systems. However, since the overlay mount is run as root
and (seemingly) all access to the read-only layer will be performed from the root user id (thus also requiring -o allow_root
), if the overlayfs code happens to use access()
, DwarFS will currently report an error, and this can cause things like changing to the directory to fail.
Now this raises a bunch of questions:
- Did overlayfs always behave that way, or is the
access
call something that was recently introduced? - Does overlayfs actually have to run as
root
? Does it have to perform requests "as-root"?
So, unfortunately, I can't provide a definitive answer to your question.
Also it's not clear to me whether the bug is in the archive.dwarfs I have produced, or it is in the mount.dwarfs code.
Your archive.dwarfs
is perfectly okay. The bug described above is in the DwarFS FUSE driver (i.e. mount.dwarfs
).
from dwarfs.
I see. However I'm using many dwarfs archives with overlay and only that one has 'access' problems.
from dwarfs.
I see. However I'm using many dwarfs archives with overlay and only that one has 'access' problems.
Maybe the directory permissions are different for your other archives?
$ ls -ld archive/media
drwx------ 1 guest guest 66 6 apr 2012 archive/media
I assume that if the directory was world-executable, you wouldn't run into the problem.
from dwarfs.
@cipitaua, did you check the directory permissions in your other archives by any chance?
from dwarfs.
Thanks! I'll nonetheless roll a new release with the fix in the next couple of days.
from dwarfs.
Fixed in v0.9.7.
from dwarfs.
Related Issues (20)
- fails to build with google-glog 0.7.0 HOT 3
- Some operating systems require a new folder/directory, others don't mount unless a directory already exists (non-universal binary) HOT 1
- (addition) Linux arm64 dwarfs binary build HOT 4
- Error while building HOT 2
- Fuse Passthrough
- Are the prebuilt binaries affected by xz/liblzma backdoor? HOT 6
- [Feature request] Allow providing dwarfs with a dedup library HOT 4
- official debian package, allow building without git? HOT 4
- mkdwarfs always crashes with SIGABRT HOT 13
- [MacOS] DwarFS mount not seen through Finder HOT 5
- [Core Dump] Signal 7 (SIGBUS) (code: nonexistent physical address) on making archive of currently running OS (possibly bad use case) HOT 2
- Homebrew formula HOT 22
- some problem on the README.md files. Please Check up and Fix. HOT 1
- read scalability issues with large archives HOT 9
- Unexpected exception: `inode has no file (any)` HOT 8
- [Feature Request] Mounting multiple archives to the same path HOT 12
- Segfault when using the mold linker HOT 2
- Cannot build v0.9.9 on Ubuntu 22.04 HOT 5
- Vendor fbthrift & folly using vcpkg HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dwarfs.