mirror of
https://github.com/linux-apfs/apfstests.git
synced 2026-05-01 15:01:44 -07:00
Filipe Manana
2b5cf241ec
Starting with version 2.41 of libcap, the output of the getcap program changed and therefore some existing tests fail when the installed version of libcap is >= 2.41 (the latest version available at the moment is 2.44). The change was made by the following commit of libcap: commit 177cd418031b1acfcf73fe3b1af9f3279828681c Author: Andrew G. Morgan <morgan@kernel.org> Date: Tue Jul 21 22:58:05 2020 -0700 A more compact form for the text representation of capabilities. While this does not change anything about the supported range of equivalent text specifications for capabilities, as accepted by cap_from_text(), this does alter the preferred output format of cap_to_text() to be two characters shorter in most cases. That is, what used to be summarized as: "= cap_foo+..." is now converted to the equivalent text: "cap_foo=..." which is also more intuitive. So add a filter to change the old format to the new one, an helper that calls getcap with that filter, make existing tests use the new helper and update their golden output to match the new output format of getcap. Signed-off-by: Filipe Manana <fdmanana@suse.com> Reviewed-by: Eryu Guan <guaneryu@gmail.com> Signed-off-by: Eryu Guan <guaneryu@gmail.com>
152 lines
4.1 KiB
Bash
Executable File
152 lines
4.1 KiB
Bash
Executable File
#! /bin/bash
|
|
# SPDX-License-Identifier: GPL-2.0
|
|
# Copyright (C) 2020 SUSE Linux Products GmbH. All Rights Reserved.
|
|
#
|
|
# FS QA Test 214
|
|
#
|
|
# Test if the file capabilities aren't lost after full and incremental send
|
|
#
|
|
seq=`basename $0`
|
|
seqres=$RESULT_DIR/$seq
|
|
echo "QA output created by $seq"
|
|
|
|
here=`pwd`
|
|
tmp=/tmp/$$
|
|
status=1 # failure is the default!
|
|
trap "cleanup; exit \$status" 0 1 2 3 15
|
|
|
|
# get standard environment, filters and checks
|
|
. ./common/rc
|
|
. ./common/filter
|
|
|
|
# remove previous $seqres.full before test
|
|
rm -f $seqres.full
|
|
|
|
_supported_fs btrfs
|
|
_require_scratch
|
|
_require_command "$SETCAP_PROG" setcap
|
|
_require_command "$GETCAP_PROG" getcap
|
|
|
|
FS1="$SCRATCH_MNT/fs1"
|
|
FS2="$SCRATCH_MNT/fs2"
|
|
|
|
cleanup()
|
|
{
|
|
cd /
|
|
rm -f $tmp.*
|
|
}
|
|
|
|
check_capabilities()
|
|
{
|
|
local file
|
|
local cap
|
|
local ret
|
|
file="$1"
|
|
cap="$2"
|
|
ret=$(_getcap "$file")
|
|
if [ -z "$ret" ]; then
|
|
echo "$ret"
|
|
echo "missing capability in file $file"
|
|
fi
|
|
if [[ "$ret" != *$cap* ]]; then
|
|
echo "$cap"
|
|
echo "Capabilities do not match. Output: $ret"
|
|
fi
|
|
}
|
|
|
|
setup()
|
|
{
|
|
_scratch_mkfs >/dev/null
|
|
_scratch_mount
|
|
|
|
$BTRFS_UTIL_PROG subvolume create "$FS1" > /dev/null
|
|
$BTRFS_UTIL_PROG subvolume create "$FS2" > /dev/null
|
|
}
|
|
|
|
full_nocap_inc_withcap_send()
|
|
{
|
|
local ret
|
|
|
|
setup
|
|
|
|
# Test full send containing a file without capabilities
|
|
touch "$FS1/foo.bar"
|
|
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
|
|
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
|
|
# ensure that we don't have capabilities set
|
|
ret=$(_getcap "$FS2/snap_init/foo.bar")
|
|
if [ -n "$ret" ]; then
|
|
echo "File contains capabilities when it shouldn't"
|
|
fi
|
|
|
|
# Test if incremental send brings the newly added capability
|
|
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
|
|
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
|
|
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
|
|
$BTRFS_UTIL_PROG receive "$FS2" -q
|
|
check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
|
|
|
|
_scratch_unmount
|
|
}
|
|
|
|
roundtrip_send()
|
|
{
|
|
local files
|
|
|
|
# files should include foo.bar
|
|
files="$1"
|
|
|
|
setup
|
|
|
|
# create files on fs1, must contain foo.bar
|
|
for f in $files; do
|
|
touch "$FS1/$f"
|
|
done
|
|
|
|
# Test full send, checking if the receiving side keeps the capabilities
|
|
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
|
|
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
|
|
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
|
|
check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
|
|
|
|
# Test incremental send with different owner/group but same capabilities
|
|
chgrp 100 "$FS1/foo.bar"
|
|
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
|
|
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
|
|
check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
|
|
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
|
|
$BTRFS_UTIL_PROG receive "$FS2" -q
|
|
check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
|
|
|
|
# Test capabilities after incremental send with different group and capabilities
|
|
chgrp 0 "$FS1/foo.bar"
|
|
$SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
|
|
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc2" >/dev/null
|
|
check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
|
|
$BTRFS_UTIL_PROG send -p "$FS1/snap_inc" "$FS1/snap_inc2" -q | \
|
|
$BTRFS_UTIL_PROG receive "$FS2" -q
|
|
check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
|
|
|
|
_scratch_unmount
|
|
}
|
|
|
|
# real QA test starts here
|
|
|
|
echo "Test full send + file without capabilities, then incremental send bringing a new capability"
|
|
full_nocap_inc_withcap_send
|
|
|
|
echo "Testing if foo.bar alone can keep its capabilities"
|
|
roundtrip_send "foo.bar"
|
|
|
|
echo "Test foo.bar being the first item among other files"
|
|
roundtrip_send "foo.bar foo.bax foo.baz"
|
|
|
|
echo "Test foo.bar with objectid between two other files"
|
|
roundtrip_send "foo1 foo.bar foo3"
|
|
|
|
echo "Test foo.bar being the last item among other files"
|
|
roundtrip_send "foo1 foo2 foo.bar"
|
|
|
|
status=0
|
|
exit
|