2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright (c) 2000-2004 Silicon Graphics, Inc. All Rights Reserved.
4 # Copyright (c) 2017 Google, Inc. All Rights Reserved.
8 # Test clearing of capabilities on write.
11 seqres=$RESULT_DIR/$seq
15 status=1 # FAILure is the default!
16 trap "_cleanup; exit \$status" 0 1 2 3 15
18 # get standard environment, filters and checks
25 [ -n "$TEST_DIR" ] && rm -f $file
30 sed -e "s#$file#file#"
33 # real QA test starts here
38 _require_attrs security
40 _require_test_program "writemod"
41 _require_command "$SETCAP_PROG" "setcap"
42 _require_command "$GETCAP_PROG" "getcap"
46 echo "QA output created by $seq"
48 file=$TEST_DIR/$seq.file
53 echo "**** Verifying that appending to file clears capabilities ****"
54 $SETCAP_PROG cap_chown+ep $file
55 $GETCAP_PROG $file | filefilter
58 $GETCAP_PROG $file | filefilter
61 echo "**** Verifying that appending to file doesn't clear other xattrs ****"
62 $SETCAP_PROG cap_chown+ep $file
63 $SETFATTR_PROG -n trusted.name -v value $file
66 _getfattr -m '^trusted\.*' --absolute-names $file | filefilter
68 echo "**** Verifying that chmod doesn't affect open file descriptors ****"
73 # don't use $here/src/writemod, as we're running it as a regular user, and
74 # $here may contain path component that a regular user doesn't have search
76 su $qa_user -c "src/writemod $file" | filefilter