xfstests: test dump/restore of file capabilities

xfsrestore isn't properly restoring file capabilities; it restores them, but then chowns the file, which removes the caps: Call Trace: [<ffffffffa028de68>] xfs_xattr_set+0x118/0x120 [xfs] [<ffffffff8119a8c0>] generic_removexattr+0x80/0x90 [<ffffffff8120b408>] cap_inode_killpriv+0x28/0x30 [<ffffffff8120c666>] security_inode_killpriv+0x16/0x20 [<ffffffff81192edf>] notify_change+0x18f/0x330 [<ffffffff81176b70>] chown_common+0x60/0xa0 [<ffffffff81176c30>] sys_fchown+0x80/0xd0 [<ffffffff81537c59>] system_call_fastpath+0x16/0x1b This test demonstrates the problem. Reported-by: fugazzi® <fugazzi99@gmail.com> Signed-off-by: Eric Sandeen <sandeen@redhat.com> Reviewed-by: Ben Myers <bpm@sgi.com> Signed-off-by: Ben Myers <bpm@sgi.com>
2026-05-01 15:01:44 -07:00 · 2013-01-03 18:05:23 -06:00
parent 2388d7d861
commit 8322038f2b
3 changed files with 139 additions and 0 deletions
@@ -0,0 +1,83 @@
+#! /bin/bash
+# FS QA Test No. 296
+#
+# Test that xfsdump/restore preserves file capabilities
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2013 Red Hat, Inc.  All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#-----------------------------------------------------------------------
+#
+# creator
+owner=sandeen@sandeen.net
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1	# failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+    cd /
+    rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+. ./common.dump
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs xfs
+_supported_os Linux
+_require_scratch
+
+rm -f $seq.full
+
+_wipe_fs
+
+mkdir -p $dump_dir
+echo test > $dump_dir/testfile
+# Set a generic xattr
+setfattr -n user.name -v value $dump_dir/testfile
+# Now set the cap (which is also an xattr)
+setcap cap_setgid,cap_setuid+ep $dump_dir/testfile
+# And make sure they are there on the source
+echo "Checking for xattr on source file"
+getfattr --absolute-names -m user.name $dump_dir/testfile | _dir_filter
+echo "Checking for capability on source file"
+getcap $dump_dir/testfile | _dir_filter
+getfattr --absolute-names -m security.capability $dump_dir/testfile | _dir_filter
+
+_do_dump_file -f $tmp.df.0
+_prepare_restore_dir
+_do_restore_file
+# Basic dump/restore checks first - the file is there, right?
+_ls_compare_sub
+_diff_compare
+
+echo "Checking for xattr on restored file"
+getfattr --absolute-names -m user.name $restore_dir/$dump_sdir/testfile | _dir_filter
+echo "Checking for capability on restored file"
+getcap $restore_dir/$dump_sdir/testfile | _dir_filter
+getfattr --absolute-names -m security.capability $restore_dir/$dump_sdir/testfile | _dir_filter
+
+status=0
+exit
@@ -0,0 +1,55 @@
+QA output created by 296
+Checking for xattr on source file
+# file: DUMP_DIR/testfile
+user.name
+
+Checking for capability on source file
+DUMP_DIR/testfile = cap_setgid,cap_setuid+ep
+# file: DUMP_DIR/testfile
+security.capability
+
+Dumping to file...
+xfsdump  -f DUMP_FILE -M stress_tape_media -L stress_296 SCRATCH_MNT
+xfsdump: using file dump (drive_simple) strategy
+xfsdump: level 0 dump of HOSTNAME:SCRATCH_MNT
+xfsdump: dump date: DATE
+xfsdump: session id: ID
+xfsdump: session label: "stress_296"
+xfsdump: ino map <PHASES>
+xfsdump: ino map construction complete
+xfsdump: estimated dump size: NUM bytes
+xfsdump: /var/xfsdump/inventory created
+xfsdump: creating dump session media file 0 (media 0, file 0)
+xfsdump: dumping ino map
+xfsdump: dumping directories
+xfsdump: dumping non-directory files
+xfsdump: ending media file
+xfsdump: media file size NUM bytes
+xfsdump: dump size (non-dir files) : NUM bytes
+xfsdump: dump complete: SECS seconds elapsed
+xfsdump: Dump Status: SUCCESS
+Restoring from file...
+xfsrestore  -f DUMP_FILE  -L stress_296 RESTORE_DIR
+xfsrestore: using file dump (drive_simple) strategy
+xfsrestore: using online session inventory
+xfsrestore: searching media for directory dump
+xfsrestore: examining media file 0
+xfsrestore: reading directories
+xfsrestore: 2 directories and 2 entries processed
+xfsrestore: directory post-processing
+xfsrestore: restoring non-directory files
+xfsrestore: restore complete: SECS seconds elapsed
+xfsrestore: Restore Status: SUCCESS
+Comparing listing of dump directory with restore directory
+Files TMP.dump_dir and TMP.restore_dir are identical
+Comparing dump directory with restore directory
+Files DUMP_DIR/testfile and RESTORE_DIR/DUMP_SUBDIR/testfile are identical
+Only in SCRATCH_MNT: RESTORE_SUBDIR
+Checking for xattr on restored file
+# file: RESTORE_DIR/DUMP_SUBDIR/testfile
+user.name
+
+Checking for capability on restored file
+RESTORE_DIR/DUMP_SUBDIR/testfile cap_setgid,cap_setuid+ep
+# file: RESTORE_DIR/DUMP_SUBDIR/testfile
+security.capability
@@ -414,3 +414,4 @@ deprecated
 293 auto quick
 294 auto quick
 295 auto logprint quick
+296 dump auto quick