Simple question: Can non-privileged users display XFS project quotas?
Currently the command
xfs_quota -c 'quota -p 42'
fails when executed as a non-root user due to quotactl(Q_XGETQUOTA,...)
returning EPERM. The problem seems to be that fs/quota/quota.c has no
knowledge of project quotas at all.
The proof-of-concept patch below makes quotactl(Q_XGETQUOTA,...)
succeed for any user when called with type == XQM_PRJQUOTA. However,
relaxing the permission checks like this might not please everybody,
changes semantics of an existing API and adds the XFS specific constant
XQM_PRJQUOTA to fs/quota.c. So I'm not even asking to apply something
like that.
Is there a better way to allow users to display project quotas?
Thanks
Andre
---
diff --git a/fs/quota/quota.c b/fs/quota/quota.c
index fc2c438..010763d 100644
--- a/fs/quota/quota.c
+++ b/fs/quota/quota.c
@@ -33,7 +33,8 @@ static int check_quotactl_permission(struct super_block *sb,
int type, int cmd,
case Q_GETQUOTA:
case Q_XGETQUOTA:
if ((type == USRQUOTA && current_euid() == id) ||
- (type == GRPQUOTA && in_egroup_p(id)))
+ (type == GRPQUOTA && in_egroup_p(id)) ||
+ (type == XQM_PRJQUOTA))
break;
/*FALLTHROUGH*/
default:
--
The only person who always got his work done by Friday was Robinson Crusoe
signature.asc
Description: Digital signature
|