The init script for zfs-fuse-0.5.0 (/etc/init.d/zfs) has a very slight bug in it. In the current zfs init script, the zfs-fuse daemon is run as the "daemon" user. However, this results in several "Permission denied" type errors when attempting to create, modify, or access a zfs partition on a regular disk. Since the xfs-fuse daemon generally needs to access physical disks, it seems that it would need to run as root (or ensure that all disks are given the proper group permission and run the daemon under the "disk" group).
Created attachment 168704 [details, diff] Patch to run daemon as root user, which seems appropriate for a daemon accessing physical discs
First of all, zfs-fuse does — as far as I know — not not need physical discs per se. So there should be an option. Like the “chroot” use flag, but maybe “physical”, to enable physical disk access functionality/right at install time. :) Then: Why is this patch (thank you for the work :) not in the portage tree yet? This is from nearly half a year ago! I see this quite often. Developers doing great work, fixing bugs, and this work then getting thrown away, by not ever putting it inside portage. And quite frankly: If the person who is not doing it, is overworked and/or can’t handle it, he should at least say so. No problem with that. We can help! :) Who do I contact, or how do I do it myself, to fix this?
Hey guys, sorry for the late response, i've been overseas, however, I do not actually think, that every daemon has to run in with root privileges, especially where physical disks (by default) have the "disk" group assigned and are group read-/writable. Please correct me if i'm wrong, but with the above assumtion, it is more save to setuid/setgid into a non-root privileges. however, IF ppl still feel uncomfortable with root privilege dropping, I feel fine with adding a configuration variable that leave the administrator the option to override default "daemon:disk" service privileges.
(In reply to comment #3) > Please correct me if i'm wrong, but with the above assumtion, it is more safe > to setuid/setgid into a non-root privileges. No, you are absolutely right. :) > however, IF ppl still feel uncomfortable with root privilege dropping, I feel > fine with adding a configuration variable that leave the administrator the > option to override default "daemon:disk" service privileges. Well, Gentoo is about choice and freedom. You never know when someone may really need it. Ok, if you can prove that nobody needs it, the better. :) But if it’s not feeling like a stupid loss of time… why not? :) In the end, it‘s your time, so you do, what you like the most. :)
The same problem is still there for zfs-fuse 0.6.9. The init script should start the zfs-fuse binary with root-privileges.
Comment on attachment 168704 [details, diff] Patch to run daemon as root user, which seems appropriate for a daemon accessing physical discs This patch seems to be doing the opposite, changing "root" to "daemon". Reversed patch, perhaps?
How about a log of the failure? Reference to documentation? Anything to "proof" the "doesn't work" claim and I'll do the change in tree... (I don't use zfs-fuse myself)
Created attachment 236271 [details] working rc-script with root-privileges I use this one with zfs-fuse 0.6.9 without the mentioned permission problems.
For sure the later rc-script also does it the root-way. http://bugs.gentoo.org/attachment.cgi?id=234253
(In reply to comment #7) > How about a log of the failure? Reference to documentation? Anything to "proof" > the "doesn't work" claim and I'll do the change in tree... Please look at these threads: http://groups.google.com/group/zfs-fuse/browse_thread/thread/fd2b7b8cfa6c055f# http://groups.google.com/group/zfs-fuse/browse_thread/thread/e662cccc094e1632# and http://zfs-fuse.net/issues/60
+*zfs-fuse-0.6.9-r1 (22 Jun 2010) + + 22 Jun 2010; Samuli Suominen <ssuominen@gentoo.org> + +zfs-fuse-0.6.9-r1.ebuild, +files/zfs-fuse: + Run as "root" instead of "daemon" wrt #242390 by Stefan G. Weichinger.
Thanks Samuli.
