apfs/apfstests
0
0
Fork 0
mirror of https://github.com/linux-apfs/apfstests.git synced 2026-05-01 15:01:44 -07:00
Code Issues Packages Projects Releases Wiki Activity
Files
aae8fbecf42b99581984f2d4ad7830e9e2f3f6d0
apfstests/tests/generic/598
T
Yong Sun 1ce2a82c14 fstests: modify user name beginning with non-digit 
openSUSE and SLE don't support username begin with digit, so it will
skip test generic/597 and generic/598 by lack of 123456-fsgqa user.
generic/597 and 598 are not test username begin with digit on purpose
(different with generic/381). It's will be helpful to use an username
begin with non-digit in this case.

Signed-off-by: Sun Yong <yosun@suse.com>
Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
2020-06-21 22:21:29 +08:00

127 lines
3.2 KiB
Bash
Executable File
Raw Blame History

#! /bin/bash
# SPDX-License-Identifier: GPL-2.0
# Copyright (c) 2020 Red Hat, Inc. All Rights Reserved.
#
# FS QA Test No. 598
#
# Test protected_regular and protected_fifos sysctls
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
rm -rf $TEST_DIR/$seq
[ ! -z "$REGULAR_PROTECTION" ] \
&& sysctl -qw fs.protected_regular=$REGULAR_PROTECTION
[ ! -z "$FIFO_PROTECTION" ] \
&& sysctl -qw fs.protected_fifos=$FIFO_PROTECTION
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
. ./common/filter
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
# Modify as appropriate.
_supported_fs generic
_supported_os Linux
_require_test
_require_sysctl_variable fs.protected_regular
_require_sysctl_variable fs.protected_fifos
_require_user fsgqa2
# Do this SECOND so that qa_user is fsgqa, and _user_do uses that account
_require_user fsgqa
USER1=fsgqa2
USER2=fsgqa
# Save current system state to reset when done
REGULAR_PROTECTION=`sysctl -n fs.protected_regular`
FIFO_PROTECTION=`sysctl -n fs.protected_fifos`
test_access()
{
FILENAME=$1
# sticky dir is world & group writable:
echo "= group & world writable dir"
chmod og+w $TEST_DIR/$seq/sticky_dir
# "open -f" opens O_CREAT
_user_do "$XFS_IO_PROG -c \"open -f $TEST_DIR/$seq/sticky_dir/$FILENAME\""
# sticky dir is only group writable:
echo "= only group writable dir"
chmod o-w $TEST_DIR/$seq/sticky_dir
_user_do "$XFS_IO_PROG -c \"open -f $TEST_DIR/$seq/sticky_dir/$FILENAME\""
}
setup_tree()
{
# Create sticky dir owned by $USER2
mkdir -p $TEST_DIR/$seq
mkdir -p $TEST_DIR/$seq/sticky_dir
chmod 1777 $TEST_DIR/$seq/sticky_dir
chown $USER2.$USER2 $TEST_DIR/$seq/sticky_dir
# Create file & fifo in that dir owned by $USER1, and open
# normal read/write privs for world & group
$XFS_IO_PROG -c "open -f $TEST_DIR/$seq/sticky_dir/file"
chown $USER1.$USER1 $TEST_DIR/$seq/sticky_dir/file
chmod o+rw $TEST_DIR/$seq/sticky_dir/file
mkfifo $TEST_DIR/$seq/sticky_dir/fifo
chown $USER1.$USER1 $TEST_DIR/$seq/sticky_dir/fifo
chmod o+rw $TEST_DIR/$seq/sticky_dir/fifo
}
setup_tree
# First test fs.protected_regular
# With protection set to 1, O_CREAT opens in a world-writable sticky
# directory should fail if the file exists, is owned by another, and
# file owner != dir owner
#
# With protection set to 2, the same goes for group-writable
# sticky directories
echo "== Test file open when owned by another and file owner != dir owner"
sysctl -w fs.protected_regular=0
test_access file
sysctl -w fs.protected_regular=1
test_access file
sysctl -w fs.protected_regular=2
test_access file
echo
# Now test fs.protected_fifos
# With protection set to 1, O_CREAT opens in a world-writable sticky
# directory should fail if the fifo exists, is owned by another, and
# file owner != dir owner
#
# With protection set to 2, the same goes for group-writable
# sticky directories
echo "== Test fifo open when owned by another and fifo owner != dir owner"
sysctl -w fs.protected_fifos=0
test_access fifo
sysctl -w fs.protected_fifos=1
test_access fifo
sysctl -w fs.protected_fifos=2
test_access fifo
# success, all done
status=0
exit
Reference in New Issue View Git Blame Copy Permalink