Merge pull request #1448 from trapexit/defaultperms

Add config option to control default_permissions

mkdocs/docs/config/export-support.md

@@ -1,7 +1,8 @@
 # export-support
 
 * `export-support=true|false`
-* Defaults to `true`.
+* Default: `true`
+
 
 In theory, this flag should not be exposed to the end user. It is a
 low-level FUSE flag which indicates whether or not the kernel can send

mkdocs/docs/config/kernel-permissions-check.md

@@ -0,0 +1,19 @@
+# kernel-permissions-check
+
+* `kernel-permissions-check=true|false`
+* Default: `true`
+
+
+[FUSE](https://www.kernel.org/doc./html/next/filesystems/fuse.html)
+has a feature which mergerfs leverages which allows the kernel to do
+file permission checking rather than leaving it to the FUSE server (in
+this case mergerfs.) This improves performance. However, it also
+limits flexibility.
+
+mergerfs should work fine regardless of this setting but there might
+be some currently unknown edge cases where disabling the feature might
+help. Like [export-support](export-support.md) this is mostly for
+debugging.
+
+This option is a kernel mount option so unable to be changed at
+runtime.

mkdocs/mkdocs.yml

@@ -88,6 +88,7 @@ nav:
   - config/statfs.md
   - config/flush-on-close.md
   - config/export-support.md
+  - config/kernel-permissions-check.md
 - error_handling_and_logging.md
 - runtime_interfaces.md
 - remote_filesystems.md

src/config.cpp

@@ -63,6 +63,7 @@ namespace l
     IFERT("export-support");
     IFERT("fsname");
     IFERT("fuse_msg_size");
+    IFERT("kernel-permissions-check");
     IFERT("mount");
     IFERT("nullrw");
     IFERT("pid");
@@ -186,6 +187,7 @@ Config::Config()
   _map["ignorepponrename"]       = &ignorepponrename;
   _map["inodecalc"]              = &inodecalc;
   _map["kernel_cache"]           = &kernel_cache;
+  _map["kernel-permissions-check"] = &kernel_permissions_check;
   _map["lazy-umount-mountpoint"] = &lazy_umount_mountpoint;
   _map["link_cow"]               = &link_cow;
   _map["link-exdev"]             = &link_exdev;

src/config.hpp

@@ -133,6 +133,7 @@ public:
   ConfigBOOL     ignorepponrename;
   InodeCalc      inodecalc;
   ConfigBOOL     kernel_cache;
+  ConfigBOOL     kernel_permissions_check = true;
   ConfigBOOL     lazy_umount_mountpoint;
   ConfigBOOL     link_cow;
   LinkEXDEV      link_exdev;

src/option_parser.cpp

@@ -32,11 +32,14 @@
 #include "fuse.h"
 #include "fuse_config.hpp"
 
+#include "nonstd/string_view.hpp"
+
 #include <fstream>
 #include <iomanip>
 #include <iostream>
 #include <string>
 #include <vector>
+#include <array>
 
 #include <stddef.h>
 #include <stdio.h>
@@ -114,9 +117,12 @@ set_subtype(fuse_args *args_)
 
 static
 void
-set_default_options(fuse_args *args_)
+set_default_options(fuse_args     *args_,
+                    Config::Write &cfg_)
 {
+  if(cfg_->kernel_permissions_check)
     set_option("default_permissions",args_);
+
   if(geteuid() == 0)
     set_option("allow_other",args_);
   else
@@ -127,7 +133,7 @@ static
 bool
 should_ignore(const std::string &key_)
 {
-  static const std::set<std::string> IGNORED_KEYS =
+  constexpr const std::array<nonstd::string_view,13> ignored_keys =
     {
       "atomic_o_trunc",
       "big_writes",
@@ -144,7 +150,13 @@ should_ignore(const std::string &key_)
       "use_ino",
     };
 
-  return (IGNORED_KEYS.find(key_) != IGNORED_KEYS.end());
+  for(const auto &key : ignored_keys)
+    {
+      if(key == key_)
+        return true;
+    }
+
+  return false;
 }
 
 static
@@ -464,7 +476,7 @@ namespace options
 
     check_for_mount_loop(cfg,errs_);
 
-    set_default_options(args_);
+    set_default_options(args_,cfg);
     set_fsname(cfg,args_);
     set_subtype(args_);
     set_fuse_threads(cfg);