generic/123, generic/128, afs: Allow for an fs that does its own perm management

The AFS filesystem has its own distributed permission management system
that's based on a per-cell user and group database used in conjunction with
ACLs.  The user is determined by the authentication token acquired from the
kaserver or Kerberos, not by the local fsuid/fsgid.  For the most part, the
uid, gid and mask on a file are ignored.

The generic/123 and generic/128 tests check that the UNIX permission bits do
what would normally be expected of them - but this fails on AFS.  Using "su"
to change the user is not effective on AFS.  Instead, "keyctl session" would
need to be used and an alternative authentication token would need to be
obtained.

Provide a "_require_unix_perm_checking" clause so that these tests can be
suppressed in cases such as AFS.

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Zorro Lang <zlang@kernel.org>

diff --git a/common/rc b/common/rc
index 3a7b518263898b81c787fad33c6ab6b427a156d5..cb94a7ab27281df74c5517a8740e77ab5165a6de 100644 (file)
--- a/common/rc
+++ b/common/rc
@@ -5170,6 +5170,15 @@ _require_use_local_uidgid()
        esac
 }
 
+_require_unix_perm_checking()
+{
+       case $FSTYP in
+       afs)
+               _notrun "$FSTYP doesn't perform traditional UNIX perm checking"
+               ;;
+       esac
+}
+
 init_rc
 
 ################################################################################

diff --git a/doc/requirement-checking.txt b/doc/requirement-checking.txt
index f24ecf5c4f30b12a246de54a36f9b099dd37f73a..802bf2a3fb22117d09a1b450065e02335d7e4a10 100644 (file)
--- a/doc/requirement-checking.txt
+++ b/doc/requirement-checking.txt
@@ -18,6 +18,7 @@ they have.  This is done with _require_<xxx> macros, which may take parameters.
        _require_exportfs
        _require_sgid_inheritance
        _require_use_local_uidgid
+       _require_unix_perm_checking
 
  (3) System call requirements.
 
@@ -112,6 +113,13 @@ _require_use_local_uidgid
      filesystems, for example, may choose other settings or not even have these
      concepts available.  The test will be skipped if not supported.
 
+_require_unix_perm_checking
+
+     The test requires that the $TEST_DEV filesystem performs traditional UNIX
+     file permissions checking.  A remote filesystem, for example, might use
+     some alternative distributed permissions model involving authentication
+     tokens rather than the local fsuid/fsgid.
+
 
 ========================
 SYSTEM CALL REQUIREMENTS

diff --git a/tests/generic/123 b/tests/generic/123
index f9b28abb8b91980414fc104f9895d29e3e5b0173..43f90b46e85ced4e5365bffdc82a11134188483e 100755 (executable)
--- a/tests/generic/123
+++ b/tests/generic/123
@@ -28,6 +28,7 @@ _supported_fs generic
 
 _require_test
 _require_user
+_require_unix_perm_checking
 
 my_test_subdir=$TEST_DIR/123subdir
 

diff --git a/tests/generic/128 b/tests/generic/128
index dc1d43f4413472639fb0326f2a5930fc4a54b580..924d6aa834d7d4aba4d1f967897fd0722d4ef531 100755 (executable)
--- a/tests/generic/128
+++ b/tests/generic/128
@@ -18,6 +18,7 @@ _supported_fs generic
 _require_scratch
 _require_user
 _require_chmod
+_require_unix_perm_checking
 
 _scratch_mkfs >/dev/null 2>&1
 _scratch_mount "-o nosuid"