Bug 10762 - open/open64("file", O_WRONLY|O_CREAT, 0) creates a read-only file on CIFS.
Summary: open/open64("file", O_WRONLY|O_CREAT, 0) creates a read-only file on CIFS.
Status: NEW
Alias: None
Product: CifsVFS
Classification: Unclassified
Component: kernel fs (show other bugs)
Version: 2.6
Hardware: All All
: P5 normal
Target Milestone: ---
Assignee: Steve French
QA Contact: cifs QA contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-08-07 06:26 UTC by Srikanth Myakam (mail address dead)
Modified: 2020-07-16 00:12 UTC (History)
1 user (show)

See Also:


Attachments
pcap file,output and strace of iozone. (6.73 KB, application/x-zip-compressed)
2014-08-07 06:26 UTC, Srikanth Myakam (mail address dead)
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Srikanth Myakam (mail address dead) 2014-08-07 06:26:36 UTC
Created attachment 10182 [details]
pcap file,output and strace of iozone.

I was testing iozone utility on Linux cifs mount with Windows 2012R2 server for interoperability and ran into strange issue. This utility creates a temporary file with permissions "r-xr-xr-x" but it was supposed to be "-rw-r-----". In the strace I found "open("iozone.tmp", O_WRONLY|O_CREAT, 0) = -1 EACCES (Permission denied)" and in the packet captured while creating a file with an open syscall using the following c program:
	int main(void) {
	 int fd;
	 ssize_t sz;

	 fd = open("/W12R2share/file112", O_WRONLY | O_CREAT, 0);
	 close(fd);
	}
found "DesiredAccess: 0x40000080" (ReadAttributes:       (........................1.......) Set FILE_READ_ATTRIBUTES (all)) and "FSCCFileAttribute: 1 (0x1)" (ReadOnly:           (...............................1) Read Only).
Please find the attached pcap file, output and strace of iozone.
Comment 1 Steve French 2014-08-08 02:20:12 UTC
In the test case I see an attempt to create a file with mode "0" which will in fact create a file which can't be accessed by a non root user, including the creator.  Is this what you really want?  It is supposed to return access denied when run by non-root

I ran this minor variation as a test (locally and remote, both failed, except as root)

include <stdio.h>
#include <stdlib.h>   
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>

int main(void) {
     int fd;
     ssize_t sz;

     printf("attempt to open /W12R2share/file112\n");
     fd = open("/W12R2share/file112", O_WRONLY | O_CREAT, 0);
     if (fd < 0)
	printf("error %d errno: %d opening file\n", fd, errno);
     else {
        printf("success\n");
        close(fd);
     }
}
Comment 2 Srikanth Myakam (mail address dead) 2014-08-10 13:24:40 UTC
(In reply to comment #0)
> Created attachment 10182 [details]
> pcap file,output and strace of iozone.
> 
> I was testing iozone utility on Linux cifs mount with Windows 2012R2 server for
> interoperability and ran into strange issue. This utility creates a temporary
> file with permissions "r-xr-xr-x" but it was supposed to be "-rw-r-----". In
> the strace I found "open("iozone.tmp", O_WRONLY|O_CREAT, 0) = -1 EACCES
> (Permission denied)" and in the packet captured while creating a file with an
> open syscall using the following c program:
>     int main(void) {
>      int fd;
>      ssize_t sz;
> 
>      fd = open("/W12R2share/file112", O_WRONLY | O_CREAT, 0);
>      close(fd);
>     }
> found "DesiredAccess: 0x40000080" (ReadAttributes:      
> (........................1.......) Set FILE_READ_ATTRIBUTES (all)) and
> "FSCCFileAttribute: 1 (0x1)" (ReadOnly:          
> (...............................1) Read Only).
> Please find the attached pcap file, output and strace of iozone.

Sorry about "open("iozone.tmp", O_WRONLY|O_CREAT, 0) = -1 EACCES
(Permission denied)" I was rerunning the open() before deleting the "iozone.tmp" file created in the last run of Iozone.

Actually we are getting the same error at later stage:
open("iozone.tmp", O_WRONLY|O_CREAT, 0) = 3
stat("iozone.tmp", {st_mode=S_IFREG|0555, st_size=0, ...}) = 0
ftruncate(3, 0)                         = 0
close(3)                                = 0
stat("iozone.tmp", {st_mode=S_IFREG|0555, st_size=0, ...}) = 0
unlink("iozone.tmp")                    = -1 EIO (Input/output error)
creat("iozone.tmp", 0640)               = -1 EACCES (Permission denied)
write(1, "\nCan not create temp file: iozon"..., 38) = 38
Comment 3 Srikanth Myakam (mail address dead) 2014-08-10 13:42:37 UTC
(In reply to comment #1)
> In the test case I see an attempt to create a file with mode "0" which will in
> fact create a file which can't be accessed by a non root user, including the
> creator.  Is this what you really want?  It is supposed to return access denied
> when run by non-root
> 
> I ran this minor variation as a test (locally and remote, both failed, except
> as root)
> 
> include <stdio.h>
> #include <stdlib.h>   
> #include <sys/types.h>
> #include <sys/stat.h>
> #include <fcntl.h>
> #include <errno.h>
> 
> int main(void) {
>      int fd;
>      ssize_t sz;
> 
>      printf("attempt to open /W12R2share/file112\n");
>      fd = open("/W12R2share/file112", O_WRONLY | O_CREAT, 0);
>      if (fd < 0)
>     printf("error %d errno: %d opening file\n", fd, errno);
>      else {
>         printf("success\n");
>         close(fd);
>      }
> }

I saw non root user throws error to call open() ("open("/W12R2share/file112", O_WRONLY|O_CREAT, 0) = -1 EACCES (Permission denied)") but it creates the file. 

Root user can create the file without any error but its a read only one:
root@xsmbU1404LinuxVM:/W12R2share# ./a.out
attempt to open /W12R2share/file112
success: 3
root@xsmbU1404LinuxVM:/W12R2share# rm -rf /W12R2share/file112
rm: cannot remove ‘/W12R2share/file112’: Input/output error
root@xsmbU1404LinuxVM:/W12R2share# ll
total 145
drwxrwxrwx  2 root root 40960 Aug 10 12:37 ./
drwxr-xr-x 26 root root  4096 Aug  5 10:31 ../
-rwxrwxrwx  1 root root  8726 Aug  8 17:43 a.out*
-rwxrwxrwx  1 root root   239 Aug  5 11:16 open.c*
-r-xr-xr-x  1 root root     0 Aug 10 13:16 file112*
root@xsmbU1404LinuxVM:/W12R2share#
Comment 4 Steven Allen 2018-04-17 09:48:52 UTC
We've run into this in a project I help maintain: https://github.com/ipfs/go-ipfs/issues/4936

> In the test case I see an attempt to create a file with mode "0" which will in fact create a file which can't be accessed by a non root user, including the creator.  Is this what you really want?  It is supposed to return access denied when run by non-root

According to the open(2) man page, the mode passed to open only applies to *future* file accesses. Calling `open("/W12R2share/file112", O_WRONLY | O_CREAT, 0)` *should* succeed (and does on other filesystems). While opening the file with a 0 mode isn't particularly useful, opening it with, e.g., 0444 can be a useful way to create write-once files.

Is this behavior intended?