From 3ee5349e21f1c0138501eaad839fbd63a91d2801 Mon Sep 17 00:00:00 2001 From: Tim Shimmin Date: Tue, 10 Aug 2004 05:43:44 +0000 Subject: [PATCH] add test 093 for testing removal of cap EA on file writes when process doesn't have FSETID and SETFCAP capabilities. This is an IRIX only test. This will check that pv#901019 changes are not stuffing up what the code was supposed to do. removal of file caps on write test - pv#901019 --- 093 | 117 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 093.out | 12 ++++++ common.rc | 18 ++++++--- group | 6 ++- 4 files changed, 147 insertions(+), 6 deletions(-) create mode 100755 093 create mode 100644 093.out diff --git a/093 b/093 new file mode 100755 index 00000000..89b114bd --- /dev/null +++ b/093 @@ -0,0 +1,117 @@ +#! /bin/sh +# FS QA Test No. 093 +# +# Test out for IRIX the removal of file capabilities when +# writing to the file (when it doesn't have CAP_FSETID & CAP_SETFCAP) +# i.e. not root. +# Test out fix for pv#901019 +# +#----------------------------------------------------------------------- +# Copyright (c) 2000-2004 Silicon Graphics, Inc. All Rights Reserved. +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write the Free Software Foundation, Inc., 59 +# Temple Place - Suite 330, Boston MA 02111-1307, USA. +# +# Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy, +# Mountain View, CA 94043, or: +# +# http://www.sgi.com +# +# For further information regarding this notice, see: +# +# http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/ +#----------------------------------------------------------------------- +# +# creator +owner=tes@sgi.com + +seq=`basename $0` + +here=`pwd` +tmp=/tmp/$$ +runas=$here/src/runas +status=1 # FAILure is the default! +trap "_cleanup; exit \$status" 0 1 2 3 15 + +# get standard environment, filters and checks +. ./common.rc +. ./common.filter +. ./common.attr + +_cleanup() +{ + [ -n "$testdir" ] && rm -f $file + _cleanup_testdir +} + +_testfilter() +{ + sed -e "s#$testdir#TESTDIR#g" +} + +# real QA test starts here +_supported_fs xfs udf +_supported_os IRIX + +[ -x $runas ] || _notrun "$runas executable not found" + +rm -f $seq.full + +_setup_testdir +_need_to_be_root + +echo "QA output created by $seq" +echo "" +file=$testdir/$seq.file + +user=`grep ':all=:all=' /etc/capability | tail -1 | $AWK_PROG -F: '{print $1}'` +uid=`grep $user /etc/passwd | $AWK_PROG -F: '{print $3}'` + +cat >$tmp.append <>$file +EOF +chmod ugo+x $tmp.append + +echo "touch file" +touch $file +chmod ugo+w $file + +echo "chcap on file" +chcap CAP_CHOWN+p $file + +echo "ls -P on file" +ls -P $file | _testfilter + +echo "append to file as root" +$tmp.append + +echo "ls -P on file" +ls -P $file | _testfilter + +echo "append to file as user without caps" +# in particular user doesn't have FSETID or SETFCAP +$runas -u $uid $tmp.append + +echo "ls -P on file" +ls -P $file | _testfilter + +# success, all done +status=0 +exit diff --git a/093.out b/093.out new file mode 100644 index 00000000..2f57e075 --- /dev/null +++ b/093.out @@ -0,0 +1,12 @@ +QA output created by 093 + +touch file +chcap on file +ls -P on file +TESTDIR/093.file [all= CAP_CHOWN+p] +append to file as root +ls -P on file +TESTDIR/093.file [all= CAP_CHOWN+p] +append to file as user without caps +ls -P on file +TESTDIR/093.file [] diff --git a/common.rc b/common.rc index 233f8d8e..82d54937 100644 --- a/common.rc +++ b/common.rc @@ -837,11 +837,19 @@ _full_fstyp_details() { [ -z "$FSTYP" ] && FSTYP=xfs if [ $FSTYP = xfs ]; then - if grep 'debug 0' /proc/fs/xfs/stat >/dev/null; then - FSTYP="$FSTYP (non-debug)" - elif grep 'debug 1' /proc/fs/xfs/stat >/dev/null; then - FSTYP="$FSTYP (debug)" - fi + if [ -d /proc/fs/xfs ]; then + if grep -q 'debug 0' /proc/fs/xfs/stat; then + FSTYP="$FSTYP (non-debug)" + elif grep -q 'debug 1' /proc/fs/xfs/stat; then + FSTYP="$FSTYP (debug)" + fi + else + if uname -a | grep -qi 'debug'; then + FSTYP="$FSTYP (debug)" + else + FSTYP="$FSTYP (non-debug)" + fi + fi fi echo $FSTYP } diff --git a/group b/group index 271fefca..4fb1a445 100644 --- a/group +++ b/group @@ -39,7 +39,10 @@ remote tes@sgi.com ivanr@sgi.com copy harshula@sgi.com # chacl, libacl -acl tes@sgi.com ajag@sgi.com +acl tes@sgi.com + +# capabilities +cap tes@sgi.com # permissions perms tes@sgi.com @@ -159,3 +162,4 @@ ioctl nathans@sgi.com 090 rw 091 rw 092 other auto +093 attr cap auto