4 # Test permission checks in ->setattr
6 #-----------------------------------------------------------------------
7 # Copyright (c) 2008 Christoph Hellwig.
8 #-----------------------------------------------------------------------
14 echo "QA output created by $seq"
18 status=1 # failure is the default!
19 trap "_cleanup_files; exit \$status" 0 1 2 3 15
20 tag="added by qa $seq"
23 # For some tests we need a secondary group for the qa_user. Currently
24 # that's not available in the framework, so the tests using it are
30 # Create two files, one owned by root, one by the qa_user
36 chown ${qa_user}:${qa_user} test.${qa_user}
40 # Remove our files again
48 # get standard environment, filters and checks
52 # real QA test starts here
53 _supported_fs xfs nfs udf
61 # make sure we have a normal umask set
67 # Test the ATTR_UID case
70 echo "testing ATTR_UID"
75 echo "user: chown root owned file to qa_user (should fail)"
76 su ${qa_user} -c "chown ${qa_user} test.root"
78 echo "user: chown root owned file to root (should fail)"
79 su ${qa_user} -c "chown root test.root"
81 echo "user: chown qa_user owned file to qa_user (should succeed)"
82 su ${qa_user} -c "chown ${qa_user} test.${qa_user}"
84 # this would work without _POSIX_CHOWN_RESTRICTED
85 echo "user: chown qa_user owned file to root (should fail)"
86 su ${qa_user} -c "chown root test.${qa_user}"
91 # Test the ATTR_GID case
94 echo "testing ATTR_GID"
99 echo "user: chgrp root owned file to root (should fail)"
100 su ${qa_user} -c "chgrp root test.root"
102 echo "user: chgrp qa_user owned file to root (should fail)"
103 su ${qa_user} -c "chgrp root test.${qa_user}"
105 echo "user: chgrp root owned file to qa_user (should fail)"
106 su ${qa_user} -c "chgrp ${qa_user} test.root"
108 echo "user: chgrp qa_user owned file to qa_user (should succeed)"
109 su ${qa_user} -c "chgrp ${qa_user} test.${qa_user}"
111 #echo "user: chgrp qa_user owned file to secondary group (should succeed)"
112 #su ${qa_user} -c "chgrp ${group2} test.${qa_user}"
118 # Test the ATTR_MODE case
121 echo "testing ATTR_MODE"
126 echo "user: chmod a+r on qa_user owned file (should succeed)"
127 su ${qa_user} -c "chmod a+r test.${qa_user}"
129 echo "user: chmod a+r on root owned file (should fail)"
130 su ${qa_user} -c "chmod a+r test.root"
133 # Setup a file owned by the qa_user, but with a group ID that
134 # is not present in the qa_users group list (use root to make it easier for it)
135 # and mark it with set sgid bit
137 # From Posix (www.opengroup.org) for chmod:
138 # "If the calling process does not have appropriate privileges, and
139 # if the group ID of the file does not match the effective group ID
140 # or one of the supplementary group IDs and if the file is a regular
141 # file, bit S_ISGID (set-group-ID on execution) in the file's mode
142 # shall be cleared upon successful return from chmod()."
144 # reg file + file's gid not in process' group set + no approp. privileges -> clear sgid
146 echo "check that the sgid bit is cleared"
147 chown ${qa_user}:root test.${qa_user}
148 chmod g+s test.${qa_user}
150 # and let the qa_user change permission bits
151 su ${qa_user} -c "chmod a+w test.${qa_user}"
152 stat -c '%A' test.${qa_user}
155 # Setup a file owned by the qa_user and with the suid bit set.
156 # A chmod by root should not clear the suid bit.
157 # There is nothing in Posix that says it should but just checking.
159 echo "check that suid bit is not cleared"
160 chmod u+s test.${qa_user}
161 chmod a+w test.${qa_user}
162 stat -c '%A' test.${qa_user}
167 # Now test out the clear of suid/sgid for chown
169 # From Posix (www.opengroup.org) for chown:
170 # "If the specified file is a regular file, one or more of the S_IXUSR,
171 # S_IXGRP, or S_IXOTH bits of the file mode are set, and the process
172 # does not have appropriate privileges, the set-user-ID (S_ISUID) and
173 # set-group-ID (S_ISGID) bits of the file mode shall be cleared upon
174 # successful return from chown(). If the specified file is a regular
175 # file, one or more of the S_IXUSR, S_IXGRP, or S_IXOTH bits of the
176 # file mode are set, and the process has appropriate privileges, it
177 # is implementation-defined whether the set-user-ID and set-group-ID
178 # bits are altered. If the chown() function is successfully invoked
179 # on a file that is not a regular file and one or more of the S_IXUSR,
180 # S_IXGRP, or S_IXOTH bits of the file mode are set, the set-user-ID
181 # and set-group-ID bits may be cleared."
183 # reg file + exec-mode-bits set + no appropriate privileges -> clear suid,sgid
184 # reg file + exec-mode-bits set + appropriate privileges -> maybe clear suid,sgid
185 # non reg file + exec-mode-bits set + chown success on file (??) -> maybe clear suid/sgid
187 echo "check that suid/sgid bits are cleared after successful chown..."
189 echo "with no exec perm"
190 chmod ug+s test.${qa_user}
191 echo -n "before: "; stat -c '%A' test.${qa_user}
192 chown root test.${qa_user}
193 echo -n "after: "; stat -c '%A' test.${qa_user}
195 echo "with user exec perm"
196 chmod ug+s test.${qa_user}
197 chmod u+x test.${qa_user}
198 echo -n "before: "; stat -c '%A' test.${qa_user}
199 chown root test.${qa_user}
200 echo -n "after: "; stat -c '%A' test.${qa_user}
202 echo "with group exec perm"
203 chmod ug+s test.${qa_user}
204 chmod g+x test.${qa_user}
205 chmod u-x test.${qa_user}
206 echo -n "before: "; stat -c '%A' test.${qa_user}
207 chown root test.${qa_user}
208 echo -n "after: "; stat -c '%A' test.${qa_user}
210 echo "with user+group exec perm"
211 chmod ug+s test.${qa_user}
212 chmod ug+x test.${qa_user}
213 echo -n "before: "; stat -c '%A' test.${qa_user}
214 chown root test.${qa_user}
215 echo -n "after: "; stat -c '%A' test.${qa_user}
221 # Test ATTR_*TIMES_SET
224 echo "testing ATTR_*TIMES_SET"
229 echo "user: touch qa_user file (should succeed)"
230 su ${qa_user} -c "touch test.${qa_user}"
232 echo "user: touch root file (should fail)"
233 su ${qa_user} -c "touch test.root"