generic: Check clearing of SGID in chmod and acl_set_file

Check if SGID is cleared upon chmod / setfacl when the owner is not in the owning group. As of today, the kernel fails to clear SGID in setxattr (which is what acl_set_file is implemented on top of) in that case; see this patch: https://patchwork.kernel.org/patch/9290507/ Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com> Cc: Jan Kara <jack@suse.cz> Reviewed-by: Eryu Guan <eguan@redhat.com> Signed-off-by: Eryu Guan <eguan@redhat.com>
2026-05-01 15:01:44 -07:00 · 2016-08-23 23:51:39 +02:00
parent d6a6cf579f
commit d8fe99a265
3 changed files with 91 additions and 0 deletions
@@ -0,0 +1,81 @@
+#! /bin/bash
+# FS QA Test 375
+#
+# Check if SGID is cleared upon chmod / setfacl when the owner is not in the
+# owning group.
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2016 Red Hat.  All Rights Reserved.
+#
+# Author: Andreas gruenbacher <agruenba@redhat.com>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#-----------------------------------------------------------------------
+#
+
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1	# failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+	cd /
+	rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/filter
+. ./common/attr
+
+# real QA test starts here
+_supported_fs generic
+_supported_os Linux
+_require_test
+_require_runas
+_require_acls
+
+cd $TEST_DIR
+testfile=testfile.$seq
+rm -f $testfile
+
+touch $testfile
+chown 100:100 $testfile
+
+echo '*** SGID should remain set (twice)'
+chmod 2755 $testfile
+_runas -u 100 -g 100 -- chmod 2777 $testfile
+stat -c %A $testfile
+chmod 2755 $testfile
+_runas -u 100 -g 100 -- setfacl -m u::rwx,g::rwx,o::rwx $testfile
+stat -c %A $testfile
+
+echo '*** SGID should be cleared (twice)'
+chmod 2755 $testfile
+_runas -u 100 -g 101 -- chmod 2777 $testfile
+stat -c %A $testfile
+chmod 2755 $testfile
+_runas -u 100 -g 101 -- setfacl -m u::rwx,g::rwx,o::rwx $testfile
+stat -c %A $testfile
+
+echo '*** Expected failure'
+_runas -u 101 -g 101 -- chmod 2777 $testfile
+
+status=0
+exit
@@ -0,0 +1,9 @@
+QA output created by 375
+*** SGID should remain set (twice)
+-rwxrwsrwx
+-rwxrwsrwx
+*** SGID should be cleared (twice)
+-rwxrwxrwx
+-rwxrwxrwx
+*** Expected failure
+chmod: changing permissions of 'testfile.375': Operation not permitted
@@ -377,3 +377,4 @@
 372 auto quick clone
 373 auto quick clone
 374 auto quick clone dedupe
+375 auto quick acl