mirror of
https://github.com/linux-apfs/apfstests.git
synced 2026-05-01 15:01:44 -07:00
Tim Shimmin
841b609ec9
Merge of master-melb:xfs-cmds:32058a by kenmcd. Run all the tests in xfstests/nfs4acl
64 lines
1.5 KiB
Plaintext
64 lines
1.5 KiB
Plaintext
$ mkdir d
|
|
$ cd d
|
|
|
|
$ whoami
|
|
> root
|
|
|
|
$ id -Gn daemon
|
|
> daemon bin
|
|
|
|
$ touch a
|
|
|
|
Chown and chgrp with no take ownership permission fails:
|
|
$ su daemon
|
|
$ chown daemon a
|
|
> chown: changing ownership of `a': Operation not permitted
|
|
$ chgrp daemon a
|
|
> chgrp: changing group of `a': Operation not permitted
|
|
$ nfs4acl --set 'daemon:rwo::allow' a
|
|
> a: Operation not permitted
|
|
|
|
Add the take_ownership permission. This is reflected in the file masks; the
|
|
file mode cannot show this though:
|
|
$ su
|
|
$ nfs4acl --set 'daemon:rwo::allow' a
|
|
|
|
Chown and chgrp to an arbitrary other user or group fails:
|
|
$ su daemon
|
|
$ chown root a
|
|
> chown: changing ownership of `a': Operation not permitted
|
|
$ chgrp root a
|
|
> chgrp: changing group of `a': Operation not permitted
|
|
|
|
Changing the mode makes that an upper bound of the permissions granted, even
|
|
when the file mode stays the same:
|
|
$ su
|
|
$ ls -l a | cut -d ' ' -f1
|
|
> -rw-rw----
|
|
$ chmod 660 a
|
|
|
|
Chown and chgrp to the same user or a group the process is in now fails
|
|
because the masks now do not grant change_ownership access:
|
|
$ su daemon
|
|
$ chown daemon a
|
|
> chown: changing ownership of `a': Operation not permitted
|
|
$ chgrp daemon a
|
|
> chgrp: changing group of `a': Operation not permitted
|
|
$ chgrp bin a
|
|
> chgrp: changing group of `a': Operation not permitted
|
|
|
|
Add back change_ownership:
|
|
$ su
|
|
$ nfs4acl --set 'daemon:rwo::allow' a
|
|
|
|
Now, chgrp to one of the groups the process is in and chown to the same user
|
|
succeeds:
|
|
$ su daemon
|
|
$ chgrp daemon a
|
|
$ chgrp bin a
|
|
$ chown daemon a
|
|
|
|
$ su
|
|
$ cd ..
|
|
$ rm -rf d
|