On Wed, May 06, 2015 at 01:32:02PM -0400, Austin S Hemmelgarn wrote: > On 2015-05-06 13:05, Chris Murphy wrote: > >Ok so now that my mea culpa is out of the way, I'm actually wondering > >why non-root users can't do certain btrfs tasks when they're read-only > >commands. > > > >[chris@f22m ~]$ btrfs fi show > >ERROR: could not open /dev/sda7 ##this is new it wasn't doing this last night > >btrfs-progs v4.0 > >[chris@f22m ~]$ btrfs fi df / > >Data, single: total=4.00GiB, used=3.57GiB > >System, single: total=4.00MiB, used=16.00KiB > >Metadata, single: total=1.01GiB, used=198.30MiB > >GlobalReserve, single: total=80.00MiB, used=0.00B > >[chris@f22m ~]$ btrfs fi usage / > >WARNING: can't read detailed chunk info, RAID5/6 numbers will be > >incorrect, run as root > >WARNING: can't get filesystem info from ioctl(FS_INFO), run as root > >ERROR: couldn't get space info on '/' - Operation not permitted > > > > > >I think usage is more useful than df for users, and contains largely > >the same information as df + show, so I think all three should be > >non-root user usable. > > > That may be tricky to do, I think show and usage both access the > underlying block device directly (or try to in any case), which > would explain why they don't work as non-root; most modern linux > distributions have permissions on (non-hot-plugged) block devices > set to 660 and owned by root:disk. show certainly does, because it scans for devices, like btrfs dev scan does. I think Anand has attempted to make it report data from the kernel's internal FS table, but I'm not sure about the status of that (and, TBH, not entirely sure about whether it exists. I may have got the wrong end of the stick skimming through that patch set and discussion). usage shouldn't need to access the device directly, but probably does need to access the tree search ioctl. It's not the only tool that does that, and that's probably the reason for most of the root-only btrfs commands. I suspect that in most cases, there's no particularly good reason for the use of TREE_SEARCH, other than it would require yet another btrfs-specific ioctl to get the information out without handing the entire FS's metadata to non-root users. TREE_SEARCH is great for extracting random data from the FS, and is a really good way to hack together a new userspace informational feature, but it does then mean that you can't offer that feature to users that don't have root permissions. Hugo. -- Hugo Mills | We don't just borrow words; on occasion, English has hugo@... carfax.org.uk | pursued other languages down alleyways to beat them http://carfax.org.uk/ | unconscious and rifle their pockets for new PGP: E2AB1DE4 | vocabulary. James D. Nicoll
Attachment:
signature.asc
Description: Digital signature
