Merge pull request #1448 from trapexit/defaultperms

Add config option to control default_permissions
4 days ago · deb54c58d8
6 changed files with 42 additions and 6 deletions
--- a/mkdocs/docs/config/export-support.md
+++ b/mkdocs/docs/config/export-support.md
@ -1,7 +1,8 @@
 # export-support

 * `export-support=true|false`
-* Defaults to `true`.
+* Default: `true`
+

 In theory, this flag should not be exposed to the end user. It is a
 low-level FUSE flag which indicates whether or not the kernel can send
--- a/mkdocs/docs/config/kernel-permissions-check.md
+++ b/mkdocs/docs/config/kernel-permissions-check.md
@ -0,0 +1,19 @@
+# kernel-permissions-check
+
+* `kernel-permissions-check=true|false`
+* Default: `true`
+
+
+[FUSE](https://www.kernel.org/doc./html/next/filesystems/fuse.html)
+has a feature which mergerfs leverages which allows the kernel to do
+file permission checking rather than leaving it to the FUSE server (in
+this case mergerfs.) This improves performance. However, it also
+limits flexibility.
+
+mergerfs should work fine regardless of this setting but there might
+be some currently unknown edge cases where disabling the feature might
+help. Like [export-support](export-support.md) this is mostly for
+debugging.
+
+This option is a kernel mount option so unable to be changed at
+runtime.
--- a/mkdocs/mkdocs.yml
+++ b/mkdocs/mkdocs.yml
@ -88,6 +88,7 @@ nav:
  - config/statfs.md
  - config/flush-on-close.md
  - config/export-support.md
+  - config/kernel-permissions-check.md
 - error_handling_and_logging.md
 - runtime_interfaces.md
 - remote_filesystems.md
--- a/src/config.cpp
+++ b/src/config.cpp
@ -63,6 +63,7 @@ namespace l
    IFERT("export-support");
    IFERT("fsname");
    IFERT("fuse_msg_size");
+    IFERT("kernel-permissions-check");
    IFERT("mount");
    IFERT("nullrw");
    IFERT("pid");
@ -186,6 +187,7 @@ Config::Config()
  _map["ignorepponrename"]       = &ignorepponrename;
  _map["inodecalc"]              = &inodecalc;
  _map["kernel_cache"]           = &kernel_cache;
+  _map["kernel-permissions-check"] = &kernel_permissions_check;
  _map["lazy-umount-mountpoint"] = &lazy_umount_mountpoint;
  _map["link_cow"]               = &link_cow;
  _map["link-exdev"]             = &link_exdev;
--- a/src/config.hpp
+++ b/src/config.hpp
@ -133,6 +133,7 @@ public:
  ConfigBOOL     ignorepponrename;
  InodeCalc      inodecalc;
  ConfigBOOL     kernel_cache;
+  ConfigBOOL     kernel_permissions_check = true;
  ConfigBOOL     lazy_umount_mountpoint;
  ConfigBOOL     link_cow;
  LinkEXDEV      link_exdev;
--- a/src/option_parser.cpp
+++ b/src/option_parser.cpp
@ -32,11 +32,14 @@
 #include "fuse.h"
 #include "fuse_config.hpp"

+#include "nonstd/string_view.hpp"
+
 #include <fstream>
 #include <iomanip>
 #include <iostream>
 #include <string>
 #include <vector>
+#include <array>

 #include <stddef.h>
 #include <stdio.h>
@ -114,9 +117,12 @@ set_subtype(fuse_args *args_)

 static
 void
-set_default_options(fuse_args *args_)
+set_default_options(fuse_args     *args_,
+                    Config::Write &cfg_)
 {
-  set_option("default_permissions",args_);
+  if(cfg_->kernel_permissions_check)
+    set_option("default_permissions",args_);
+
  if(geteuid() == 0)
    set_option("allow_other",args_);
  else
@ -127,7 +133,7 @@ static
 bool
 should_ignore(const std::string &key_)
 {
-  static const std::set<std::string> IGNORED_KEYS =
+  constexpr const std::array<nonstd::string_view,13> ignored_keys =
    {
      "atomic_o_trunc",
      "big_writes",
@ -144,7 +150,13 @@ should_ignore(const std::string &key_)
      "use_ino",
    };

-  return (IGNORED_KEYS.find(key_) != IGNORED_KEYS.end());
+  for(const auto &key : ignored_keys)
+    {
+      if(key == key_)
+        return true;
+    }
+
+  return false;
 }

 static
@ -464,7 +476,7 @@ namespace options

    check_for_mount_loop(cfg,errs_);

-    set_default_options(args_);
+    set_default_options(args_,cfg);
    set_fsname(cfg,args_);
    set_subtype(args_);
    set_fuse_threads(cfg);