Btrfs: allow subvol deletion by unprivileged user with -o user_subvol_rm_allowed

Add a mount option user_subvol_rm_allowed that allows users to delete a (potentially non-empty!) subvol when they would otherwise we allowed to do an rmdir(2). We duplicate the may_delete() checks from the core VFS code to implement identical security checks (minus the directory size check). We additionally require that the user has write+exec permission on the subvol root inode. Signed-off-by: Sage Weil <sage@newdream.net> Signed-off-by: Chris Mason <chris.mason@oracle.com>
author: Sage Weil <sage@newdream.net> 2010-10-29 15:46:43 -0400
committer: Chris Mason <chris.mason@oracle.com> 2010-10-29 21:42:10 -0400
commit: 4260f7c7516f4c209cf0ca34fda99cc9a0847772 (patch)
tree: 7feb5ab81d074b17a7c5b12bcc019c2e1bb010e2 /fs/btrfs/ctree.h
parent: 531cb13f1e417c060b54f979e1659ecd69bea650 (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/fs/btrfs/ctree.h b/fs/btrfs/ctree.h
index e5d66b13c175..8db9234f6b41 100644
--- a/fs/btrfs/ctree.h
+++ b/fs/btrfs/ctree.h
@@ -1234,6 +1234,7 @@ struct btrfs_root {
 #define BTRFS_MOUNT_FORCE_COMPRESS      (1 << 11)
 #define BTRFS_MOUNT_SPACE_CACHE		(1 << 12)
 #define BTRFS_MOUNT_CLEAR_CACHE		(1 << 13)
+#define BTRFS_MOUNT_USER_SUBVOL_RM_ALLOWED (1 << 14)
 
 #define btrfs_clear_opt(o, opt)		((o) &= ~BTRFS_MOUNT_##opt)
 #define btrfs_set_opt(o, opt)		((o) |= BTRFS_MOUNT_##opt)
author	Sage Weil <sage@newdream.net>	2010-10-29 15:46:43 -0400
committer	Chris Mason <chris.mason@oracle.com>	2010-10-29 21:42:10 -0400
commit	4260f7c7516f4c209cf0ca34fda99cc9a0847772 (patch)
tree	7feb5ab81d074b17a7c5b12bcc019c2e1bb010e2 /fs/btrfs/ctree.h
parent	531cb13f1e417c060b54f979e1659ecd69bea650 (diff)