On Thu, 07 Jan 2010 15:02:49 +0100, Michal Simek wrote: > Garrett Cooper wrote: >> On Wed, Jan 6, 2010 at 5:33 PM, Jiri Palecek wrote: >>> Garrett Cooper napsal(a): >>>> On Tue, Jan 5, 2010 at 5:41 PM, Garrett Cooper >>>> wrote: >>>>> On Tue, Jan 5, 2010 at 5:27 PM, Jiri Palecek wrote: >>>>>> Michal Simek napsal(a): >>>>>>> Hi, >>>>>> Hi, >>>>>>> I have some problems with lchown02 test which is caused with this >>>>>>> patch. >>>>>>> What is prep_create_link? >>>>>>> >>>>>>> Thanks, >>>>>>> Michal >>>>>>> >>>>>>> >>>>>>> >>>>>>> http://git.kernel.org/?p=linux/kernel/git/galak/ltp.git;a=commitdiff;h=ee1a022fc76076d7fc1b6b1797c195244414c038 >>>>>>> >>>>>>> >>>>>>> >>>>>>> diff --git a/runtest/syscalls b/runtest/syscalls >>>>>>> index fbe8641..34631ed 100644 (file) >>>>>>> --- a/runtest/syscalls >>>>>>> +++ b/runtest/syscalls >>>>>>> @@ -462,10 +462,10 @@ kill12 kill12 >>>>>>> >>>>>>> lchown01 lchown01 >>>>>>> lchown01_16 lchown01_16 >>>>>>> -lchown02 cp -p $LTPROOT/testcases/bin/create_link $TMP; lchown02 >>>>>>> -lchown02_16 cp -p $LTPROOT/testcases/bin/create_link $TMP; >>>>>>> lchown02_16 >>>>>>> +lchown02 prep_create_link; lchown02 >>>>>>> +lchown02_16 prep_create_link; lchown02_16 >>>>>> IMHO it should do the same as the line above. But I think the whole >>>>>> thing >>>>>> could be deleted without causing any grief: >>>>>> >>>>>> >>>>>> http://repo.or.cz/w/ltp-debian.git?a=commit;h=a5499edcf368fa88df924f94ffcbe63c22b46e82 >>>>> The test needs create_link in $TMP; that's why I scripted it as a >>>>> one-liner (but stupid me probably forgot to add the script to CVS >>>>> -_-). >>>>> Let me look and I'll get back to you shortly. >>>> Fixed. The executable needed CAP_CHOWN capability and that's part of >>>> the point behind that script... >>> Couldn't the executable just get CAP_CHOWN with cap_set_proc in case >>> it is >>> running under root with restricted capabilities? >>> >>> I'm not sure it wouldn't fail even with the suid-root executable under >>> such >>> condition - are you really sure it doesn't (esp. in the face of >>> lchown01, >>> which would fail almost surely and doesn't have this hack)? >> This requires libcap though, which means that any system under >> test without it would fail the test: >> NAME >> cap_get_proc, cap_set_proc, capgetp - capability manipulation >> on pro- >> cesses >> SYNOPSIS >> #include >> cap_t cap_get_proc(void); >> int cap_set_proc(cap_t cap_p); >> #include >> cap_t cap_get_pid(pid_t pid); >> Link with -lcap. >> I agree though, this is the best / cleanest solution... > > > Please keep in your mind that not everybody has capability.h in > toolchain. For example we don't have it. I can imagine that this could True, but do you have a capability restricted root and NOT have capability.h. > be one option. You can check if is capability.h and then use it. But if > is not there still should be able to run that tests. Yet I'm still unconviced about the motivation behind this. I tried running the *chown* tests under root with CAP_CHOWN dropped. As you can see in the attachment, all the tests failed (except for chown01, which is because this test doesn't actually test the functionality of chown). But, only lchown02 has this prep_create_link hack (and I'm actually unsure it would help in this case). So I don't know if these tests are actually meant to be working under these conditions, and if not, I can't see the reason of this prep_create_link script. Regards Jiri Palecek