public inbox for linux-xfs@vger.kernel.org
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers3@gmail.com>
To: fstests@vger.kernel.org
Cc: linux-xfs@vger.kernel.org, Eric Biggers <ebiggers@google.com>
Subject: [PATCH v2 01/15] tests: port generic/093 to Linux
Date: Thu, 20 Jul 2017 21:38:39 -0700	[thread overview]
Message-ID: <20170721043853.364-2-ebiggers3@gmail.com> (raw)
In-Reply-To: <20170721043853.364-1-ebiggers3@gmail.com>

From: Eric Biggers <ebiggers@google.com>

This IRIX-specific test mainly tested whether a file's capabilities are
cleared when it is written to.  Port the test to the Linux libcap tools
and update it to expect the Linux semantics which are a little simpler:
capabilities are always cleared even if the program is root (or has
CAP_FSETID).  The test also tests that chmod doesn't affect open file
descriptors; this is mostly unrelated, but keep it in for now.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 src/writemod.c        |   4 +-
 tests/generic/093     | 113 ++++++++++----------------------------------------
 tests/generic/093.out | Bin 917 -> 372 bytes
 tests/generic/group   |   2 +-
 4 files changed, 26 insertions(+), 93 deletions(-)

diff --git a/src/writemod.c b/src/writemod.c
index 0c9ff1a5..16b3fa0c 100644
--- a/src/writemod.c
+++ b/src/writemod.c
@@ -35,7 +35,7 @@ main(int argc, char* argv[])
 {
     char *path;
     int fd;
-    char *buf = "hi there";
+    char *buf = "hi there\n";
     ssize_t x;
     int sts;
 
@@ -59,7 +59,7 @@ main(int argc, char* argv[])
         return 1;
     }
     printf("write to the file\n");
-    x = write(fd, buf, strlen(buf)+1); 
+    x = write(fd, buf, strlen(buf));
     if (x == -1) {
 	perror("write");
         return 1;
diff --git a/tests/generic/093 b/tests/generic/093
index 824e9b27..807d886f 100755
--- a/tests/generic/093
+++ b/tests/generic/093
@@ -1,13 +1,11 @@
 #! /bin/bash
 # FS QA Test No. 093
 #
-# Test out for IRIX the removal of file capabilities when
-# writing to the file (when it doesn't have CAP_FSETID & CAP_SETFCAP)
-# i.e. not root.
-# Test out fix for pv#901019
+# Test clearing of capabilities on write.
 #
 #-----------------------------------------------------------------------
 # Copyright (c) 2000-2004 Silicon Graphics, Inc.  All Rights Reserved.
+# Copyright (c) 2017 Google, Inc.  All Rights Reserved.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
@@ -43,23 +41,18 @@ _cleanup()
     [ -n "$TEST_DIR" ] && rm -f $file
 }
 
-_testfilter()
+filefilter()
 {
-    sed -e "s#$TEST_DIR#TESTDIR#g"
-}
-
-_filefilter()
-{
-    sed -e "s#$tmp##" -e "s#$file#file#"
+    sed -e "s#$file#file#"
 }
 
 # real QA test starts here
 _supported_fs generic
-_supported_os IRIX
+_supported_os Linux
 
 _require_test
 _require_attrs
-_require_runas
+_require_user
 
 rm -f $seqres.full
 
@@ -67,91 +60,31 @@ echo "QA output created by $seq"
 echo ""
 file=$TEST_DIR/$seq.file
 
-user=`grep ':all=:all=' /etc/capability | tail -1 | $AWK_PROG -F: '{print $1}'`
-uid=`_cat_passwd | grep $user | $AWK_PROG -F: '{print $3}'`
-
-cat >$tmp.append <<EOF
-#!/bin/bash
-echo data >>$file
-EOF
-chmod ugo+x $tmp.append
-
-echo "touch file"
+rm -f $file
 touch $file
-chmod ugo+w $file 
-
-echo "chcap on file"
-chcap CAP_CHOWN+p $file
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "append to file as root"
-$tmp.append
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "cat file"
-echo "----"
-cat $file
-echo "----"
-
-echo "append to file as user without caps"
-# in particular user doesn't have FSETID or SETFCAP
-_runas -u $uid $tmp.append
 
-echo "cat file"
-echo "----"
+echo "**** Verifying that appending to file clears capabilities ****"
+setcap cap_chown+ep $file
+getcap $file | filefilter
+echo data1 >> $file
 cat $file
-echo "----"
+getcap $file | filefilter
+echo
 
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-# try again when it doesn't have the EA
-echo "append to file as user without caps a 2nd time"
-_runas -u $uid $tmp.append
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "cat file"
-echo "----"
+echo "**** Verifying that appending to file doesn't clear other xattrs ****"
+setcap cap_chown+ep $file
+$SETFATTR_PROG -n trusted.name -v value $file
+echo data2 >> $file
 cat $file
-echo "----"
-
-echo "only let root write to file"
-chmod 700 $file
-chown root $file 
-
-echo "as non-root try to append to file"
-_runas -u $uid $tmp.append 2>&1 | _filefilter
-
-echo "restore perms on file"
-chmod 777 $file
+$GETFATTR_PROG -m '^trusted\.*' --absolute-names $file | filefilter
 
-echo "set a root EA on file"
-${ATTR_PROG} -R -s test -V testval $file | _filefilter
-
-echo "list EA on file"
-${ATTR_PROG} -R -l $file | _filefilter
-
-echo "as non-root try to append to file"
-_runas -u $uid $tmp.append 2>&1 | _filefilter
-
-echo "list EA on file"
-${ATTR_PROG} -R -l $file | _filefilter
-
-chown $uid $file
+echo "**** Verifying that chmod doesn't affect open file descriptors ****"
+rm -f $file
+touch $file
+chown $qa_user $file
 chmod ugo+w $TEST_DIR
-echo "as non-root call writemod"
-_runas -u $uid src/writemod $file 2>&1 | _filefilter
-
-echo "cat file"
-echo "----"
+su $qa_user -c "src/writemod $file" | filefilter
 cat $file
-echo "----"
 
 # success, all done
 status=0
diff --git a/tests/generic/093.out b/tests/generic/093.out
index 0113a48ca00c2637080cbaa3bcf9bb5cc90dd473..cb29153ebfb94b066e2c1c77eebb4a1c097dbd0d 100644
GIT binary patch
literal 372
zcma)&y-vh15QKX_#po!IKtlW!5l9p~0?oB(&)#55N!D6#F5KH=$GVOJ7b{z1&o|@G
z56EhHHF#w*4me%#`1<19U0pb`rty-NZ&)M)<;+XikAg8x3_mexfu~HTG$l)1&|bP-
zeQ&~-kFqWIoLwNJr~f(!;j-M;T#W#+$ci5_tF#@^&Dwl+H+z`3eLB;%)FKZH&HOja
z$5{fd02)X32C3D0r@+N)$|hG-mqf8?GRC2GJ77x|F${xKp5@HQtaE{M6W6br)Q{ty
JE2g$rcE3cCe3<|M

literal 917
zcmb_b!A=4(5cS-znC#Vn1`iuaJP;(&i=vWvAcU0NA={+eZrWK0fA6$a2m+#sd+JQ5
zGw;25`!WFAQqvL?4kcj;iw#`g-UvaqEh<<ljiRUu*?=`E(jGeFZ8RCZP3|9GulP+j
z6vI?%eFwwAcs_i1et)`bW<oX%ni9yy1|U5+Yf1dQQ6VW|=<p{>Nm9hq;eghogSDcH
z*#V>X;>g=wgL6=haX1(O5_*BAs_`th*-1P*P}b-TXr!nXteqnK(onF5#+pvh5y)*q
zeqRL9P4Toh>qpJ{EQ2vzo)+DQF}hlLuXwK|8il2B=*c>ShHw0K!=4eygki*P`E<d6
z$f-rkkTT+D8HBQc0&=zxr&m(92uthIbP=jJC$#beKQ*eD+lel}p#5*{3-)mmy|$&W
s?BGZytsx6m&!WK~&vRC;wyW>LZ8t_03lV>$J^xk;_{QNya`JBRANmR_wg3PC

diff --git a/tests/generic/group b/tests/generic/group
index e626820c..d93aa06d 100644
--- a/tests/generic/group
+++ b/tests/generic/group
@@ -95,7 +95,7 @@
 090 metadata auto quick
 091 rw auto quick
 092 auto quick prealloc
-093 attr cap udf auto
+093 attr cap auto
 094 auto quick prealloc
 095 auto rw stress
 096 auto prealloc quick zero
-- 
2.13.3


  reply	other threads:[~2017-07-21  4:40 UTC|newest]

Thread overview: 20+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-07-21  4:38 [PATCH v2 00/15] xfstests: remove IRIX support Eric Biggers
2017-07-21  4:38 ` Eric Biggers [this message]
2017-07-21  4:38 ` [PATCH v2 02/15] tests: port generic/097 to Linux Eric Biggers
2017-07-21  4:38 ` [PATCH v2 03/15] tests: port xfs/095 " Eric Biggers
2017-07-21  4:38 ` [PATCH v2 04/15] tests: remove udf/098 Eric Biggers
2017-07-21  4:38 ` [PATCH v2 05/15] tests: remove udf/101 Eric Biggers
2017-07-21  4:38 ` [PATCH v2 06/15] tests: remove xfs/114 and xfs/115 Eric Biggers
2017-07-21  4:38 ` [PATCH v2 07/15] tests: remove xfs/057 and xfs/058 Eric Biggers
2017-07-21  4:38 ` [PATCH v2 08/15] tests: remove generic/099 Eric Biggers
2017-07-21  4:38 ` [PATCH v2 09/15] tests: make shared/051 a generic test Eric Biggers
2017-07-21  4:38 ` [PATCH v2 10/15] README: remove IRIX-specific documentation Eric Biggers
2017-07-21  4:38 ` [PATCH v2 11/15] tests: remove IRIX support from tests also supported on Linux Eric Biggers
2017-07-21  4:38 ` [PATCH v2 12/15] tests: clean up per-OS output files Eric Biggers
2017-07-21  4:38 ` [PATCH v2 13/15] common: remove IRIX-specific code Eric Biggers
2017-07-28 11:19   ` Eryu Guan
2017-07-28 16:50     ` Eric Biggers
2017-07-21  4:38 ` [PATCH v2 14/15] build: remove IRIX-specific build logic Eric Biggers
2017-07-21  4:38 ` [PATCH v2 15/15] include: remove some unused headers Eric Biggers
2017-07-24  4:43 ` [PATCH v2 00/15] xfstests: remove IRIX support Eryu Guan
2017-07-24 17:38   ` Eric Biggers

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170721043853.364-2-ebiggers3@gmail.com \
    --to=ebiggers3@gmail.com \
    --cc=ebiggers@google.com \
    --cc=fstests@vger.kernel.org \
    --cc=linux-xfs@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox