On 2017-09-15 12:37, Ulli Horlacher wrote:
I have my btrfs filesystem mounted with option user_subvol_rm_allowed
tux@xerus: btrfs --version
btrfs-progs v4.4
tux@xerus: uname -a
Linux xerus 4.4.0-93-generic #116-Ubuntu SMP Fri Aug 11 21:17:51 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux
tux@xerus: id
uid=1000(tux) gid=100(users) groups=100(users)
tux@xerus: btrfs subvolume snapshot -r /test/tux/zz /test/tux/zz/.snapshot/2017-09-15_1824.test
tux@xerus: btrfs subvolume delete /test/tux/zz/.snapshot/2017-09-15_1824.test
Delete subvolume (no-commit): '/test/tux/zz/.snapshot/2017-09-15_1824.test'
ERROR: cannot delete '/test/tux/zz/.snapshot/2017-09-15_1824.test': Read-only file system
root can delete this snapshot, but not the user. Why?
Add 'user_subvol_rm' to the mount options and try again.
It's because of a poor decision made regarding permissions surrounding
subvolume operations. The original argument was to prevent accidental
data loss (stupid argument, rm -rf is just as bad and nearly as fast on
most modern systems), and that behavior has never been changed. In
fact, I'd advocate using that option on everything, because otherwise
you have trivial resource exhaustion issues (users can create a resource
they then can't remove). Ideally, normal users wouldn't be able to
create or delete subvolumes unless explicitly allowed (possibly through
delegation by ownership or something).
--
To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
