-
Notifications
You must be signed in to change notification settings - Fork 245
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
unprivileged btrfs subvol list
#893
Open
maharmstone
wants to merge
10
commits into
kdave:devel
Choose a base branch
from
maharmstone:osandov-subvol-list
base: devel
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
maharmstone
force-pushed
the
osandov-subvol-list
branch
from
September 13, 2024 11:42
f351ff9
to
73abcba
Compare
Well, not just in 2022, I've been working on that all the time (irregularly). I understand you need it but it's an interface change and currently there's the mkfs set of changes and subvol create/delete pots to libbtrfsutil with yet unresolved issues, so subvol list will wait. |
[ ci skip ] Issue: kdave#310 Signed-off-by: David Sterba <[email protected]>
[BUG] Currently with python3.12, the python bindding will always result the following warning: [PY] libbtrfsutil /usr/lib/python3.12/site-packages/setuptools/_distutils/extension.py:134: UserWarning: Unknown Extension options: 'headers' warnings.warn(msg) [CAUSE] In the setup.py which specifies the files to be included into the package, we use setuptools::Extension to specify the file lists and include paths. But there is no handling of Extension::headers member, thus resulting the above warning. [FIX] According to the docs of setuptools, MANIFEST.in is the file controlling what files should be included. So instead of the non-supported headers, use MANIFEST.in to include the needed headers. Signed-off-by: Qu Wenruo <[email protected]>
…escription Instead of copying the file during custom build commands, just use a soft link to re-use the existing README.d from libbtrfsutil. Issue: kdave#310 Signed-off-by: Qu Wenruo <[email protected]>
btrfs_util_subvolume_info() explicitly checks whether geteuid() == 0 to decide whether to use the unprivileged BTRFS_IOC_GET_SUBVOL_INFO ioctl or the privileged BTRFS_IOC_TREE_SEARCH ioctl. This breaks in user namespaces: $ unshare -r python3 -c 'import btrfsutil; print(btrfsutil.subvolume_info("/"))' Traceback (most recent call last): File "<string>", line 1, in <module> btrfsutil.BtrfsUtilError: [BtrfsUtilError 12 Errno 1] Could not search B-tree: Operation not permitted: '/' The unprivileged ioctl has been supported since Linux 4.18. Let's try the unprivileged ioctl first, then fall back to the privileged version only if it isn't supported. Signed-off-by: Omar Sandoval <[email protected]>
The subvolume iterator API explicitly checks whether geteuid() == 0 to decide whether to use the unprivileged BTRFS_IOC_GET_SUBVOL_ROOTREF and BTRFS_IOC_INO_LOOKUP_USER ioctls or the privileged BTRFS_IOC_TREE_SEARCH ioctl. This breaks in user namespaces: $ unshare -r python3 -c 'import btrfsutil; print(list(btrfsutil.SubvolumeIterator("/home")))' Traceback (most recent call last): File "<string>", line 1, in <module> btrfsutil.BtrfsUtilError: [BtrfsUtilError 12 Errno 1] Could not search B-tree: Operation not permitted Instead of the explicit check, let's try the privileged mode first, and if it fails with a permission error, fall back to the unprivileged mode (which has been supported since Linux 4.18). Note that we have to try the privileged mode first, since even for privileged users, the unprivileged mode may omit some subvolumes that are hidden by filesystem mounts. Signed-off-by: Omar Sandoval <[email protected]>
It hasn't been used since commit 9005b60 ("btrfs-progs: use libbtrfsutil for subvol show"). Signed-off-by: Omar Sandoval <[email protected]>
BTRFS_LIST_FILTER_ROOTID hasn't been used since commit 9e73a41 ("btrfs-progs: use libbtrfsutil for get-default"), and BTRFS_LIST_FILTER_BY_PARENT hasn't been used since commit 9005b60 ("btrfs-progs: use libbtrfsutil for subvol show"). Signed-off-by: Omar Sandoval <[email protected]>
The way btrfs subvol list prints paths and what the -o and -a flags do are all nonsense. Apparently, very early versions of Btrfs had a concept of a "top level" of subvolumes rather than the root filesystem tree that we have today; see commit 4ff9e2a ("Add btrfs-list for listing subvolumes"). The original subvol list code tracked the ID of that top level subvolume. Eventually, 5 became the only possibility for the top level, and -o, -a, and path printing were based on that. Commit 4f5ebb3 ("Btrfs-progs: fix to make list specified directory's subvolumes work") broke this and changed the top level to be the same as the parent subvolume ID, which gave us the illogical behavior we have today. It has been this way for a decade, so we're probably stuck with it. But let's at least document precisely what these all do in preparation for adding sensible options. Let's also add tests in preparation for the upcoming changes. Signed-off-by: Omar Sandoval <[email protected]>
btrfs subvol list has its own subvolume walking implementation that we can replace with a libbtrfsutil subvolume iterator. Most of the changed lines are removing the old implementation and mechanically updating the comparators, filters, and printers to use libbtrfsutil's subvolume info. The interesting parts are: 1. We can replace the red-black tree of subvolumes with an array that we qsort. 2. Listing deleted subvolumes needs a different codepath, but we don't need a filter for it anymore. 3. We need some hacks to maintain the weird path behavior documented in the previous commit. In addition to removing a bunch of redundant code, this also prepares us for allowing subvol list by unprivileged users in some cases. Signed-off-by: Omar Sandoval <[email protected]>
Now that we've documented the current nonsensical behavior, add a couple of options that actually make sense: -O lists all subvolumes below a path (which is what people think -o does), and -A lists all subvolumes with no path munging (which is what people think the default or -a do). -O can even be used by unprivileged users. -O and -A also renames the "top level" in the default output to what it actually is now: the "parent". Signed-off-by: Omar Sandoval <[email protected]>
maharmstone
force-pushed
the
osandov-subvol-list
branch
from
September 23, 2024 10:19
73abcba
to
7b163f6
Compare
adam900710
force-pushed
the
devel
branch
2 times, most recently
from
November 4, 2024 08:01
b7cd74f
to
66f08f9
Compare
kdave
force-pushed
the
devel
branch
3 times, most recently
from
November 28, 2024 13:41
72c9865
to
164145b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Resubmission of Omar's patches from June, which allow
btrfs subvol list
to work without CAP_SYS_ADMIN: https://lore.kernel.org/linux-btrfs/[email protected]/@kdave, I appreciate that you were working on a replacement for
btrfs subvol list
in 2022, but we need this for unprivileged containers. Plus in any event we'll be keeping the old interface for a good while yet, in the interests of stability.