4 # Test permission checks in ->setattr
6 #-----------------------------------------------------------------------
7 # Copyright (c) 2008 Christoph Hellwig.
9 # This program is free software; you can redistribute it and/or
10 # modify it under the terms of the GNU General Public License as
11 # published by the Free Software Foundation.
13 # This program is distributed in the hope that it would be useful,
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License
19 # along with this program; if not, write the Free Software Foundation,
20 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21 #-----------------------------------------------------------------------
25 seqres=$RESULT_DIR/$seq
26 echo "QA output created by $seq"
30 status=1 # failure is the default!
31 trap "_cleanup_files; exit \$status" 0 1 2 3 15
32 tag="added by qa $seq"
35 # For some tests we need a secondary group for the qa_user. Currently
36 # that's not available in the framework, so the tests using it are
42 # Create two files, one owned by root, one by the qa_user
48 chown ${qa_user}:${qa_user} $test_user
52 # Remove our files again
62 sed -e "s,$test_root,test.root,g" -e "s,$test_user,test.user,g"
65 # get standard environment, filters and checks
69 # real QA test starts here
76 test_root=$TEST_DIR/$seq.$$.root
77 test_user=$TEST_DIR/$seq.$$.user
80 # make sure we have a normal umask set
85 # Test the ATTR_UID case
88 echo "testing ATTR_UID"
93 echo "user: chown root owned file to qa_user (should fail)"
94 su ${qa_user} -c "chown ${qa_user} $test_root" 2>&1 | _filter_files
96 echo "user: chown root owned file to root (should fail)"
97 su ${qa_user} -c "chown root $test_root" 2>&1 | _filter_files
99 echo "user: chown qa_user owned file to qa_user (should succeed)"
100 su ${qa_user} -c "chown ${qa_user} $test_user"
102 # this would work without _POSIX_CHOWN_RESTRICTED
103 echo "user: chown qa_user owned file to root (should fail)"
104 su ${qa_user} -c "chown root $test_user" 2>&1 | _filter_files
109 # Test the ATTR_GID case
112 echo "testing ATTR_GID"
117 echo "user: chgrp root owned file to root (should fail)"
118 su ${qa_user} -c "chgrp root $test_root" 2>&1 | _filter_files
120 echo "user: chgrp qa_user owned file to root (should fail)"
121 su ${qa_user} -c "chgrp root $test_user" 2>&1 | _filter_files
123 echo "user: chgrp root owned file to qa_user (should fail)"
124 su ${qa_user} -c "chgrp ${qa_user} $test_root" 2>&1 | _filter_files
126 echo "user: chgrp qa_user owned file to qa_user (should succeed)"
127 su ${qa_user} -c "chgrp ${qa_user} $test_user"
129 #echo "user: chgrp qa_user owned file to secondary group (should succeed)"
130 #su ${qa_user} -c "chgrp ${group2} $test_user"
135 # Test the ATTR_MODE case
138 echo "testing ATTR_MODE"
143 echo "user: chmod a+r on qa_user owned file (should succeed)"
144 su ${qa_user} -c "chmod a+r $test_user"
146 echo "user: chmod a+r on root owned file (should fail)"
147 su ${qa_user} -c "chmod a+r $test_root" 2>&1 | _filter_files
150 # Setup a file owned by the qa_user, but with a group ID that
151 # is not present in the qa_users group list (use root to make it easier for it)
152 # and mark it with set sgid bit
154 # From Posix (www.opengroup.org) for chmod:
155 # "If the calling process does not have appropriate privileges, and
156 # if the group ID of the file does not match the effective group ID
157 # or one of the supplementary group IDs and if the file is a regular
158 # file, bit S_ISGID (set-group-ID on execution) in the file's mode
159 # shall be cleared upon successful return from chmod()."
161 # reg file + file's gid not in process' group set + no approp. privileges -> clear sgid
163 echo "check that the sgid bit is cleared"
164 chown ${qa_user}:root $test_user
167 # and let the qa_user change permission bits
168 su ${qa_user} -c "chmod a+w $test_user"
169 stat -c '%A' $test_user
172 # Setup a file owned by the qa_user and with the suid bit set.
173 # A chmod by root should not clear the suid bit.
174 # There is nothing in Posix that says it should but just checking.
176 echo "check that suid bit is not cleared"
179 stat -c '%A' $test_user
184 # Now test out the clear of suid/sgid for chown
186 # From Posix (www.opengroup.org) for chown:
187 # "If the specified file is a regular file, one or more of the S_IXUSR,
188 # S_IXGRP, or S_IXOTH bits of the file mode are set, and the process
189 # does not have appropriate privileges, the set-user-ID (S_ISUID) and
190 # set-group-ID (S_ISGID) bits of the file mode shall be cleared upon
191 # successful return from chown(). If the specified file is a regular
192 # file, one or more of the S_IXUSR, S_IXGRP, or S_IXOTH bits of the
193 # file mode are set, and the process has appropriate privileges, it
194 # is implementation-defined whether the set-user-ID and set-group-ID
195 # bits are altered. If the chown() function is successfully invoked
196 # on a file that is not a regular file and one or more of the S_IXUSR,
197 # S_IXGRP, or S_IXOTH bits of the file mode are set, the set-user-ID
198 # and set-group-ID bits may be cleared."
200 # reg file + exec-mode-bits set + no appropriate privileges -> clear suid,sgid
201 # reg file + exec-mode-bits set + appropriate privileges -> maybe clear suid,sgid
202 # non reg file + exec-mode-bits set + chown success on file (??) -> maybe clear suid/sgid
204 echo "check that suid/sgid bits are cleared after successful chown..."
206 echo "with no exec perm"
207 chmod ug+s $test_user
208 echo -n "before: "; stat -c '%A' $test_user
209 chown root $test_user
210 echo -n "after: "; stat -c '%A' $test_user
212 echo "with user exec perm"
213 chmod ug+s $test_user
215 echo -n "before: "; stat -c '%A' $test_user
216 chown root $test_user
217 echo -n "after: "; stat -c '%A' $test_user
219 echo "with group exec perm"
220 chmod ug+s $test_user
223 echo -n "before: "; stat -c '%A' $test_user
224 chown root $test_user
225 echo -n "after: "; stat -c '%A' $test_user
227 echo "with user+group exec perm"
228 chmod ug+s $test_user
229 chmod ug+x $test_user
230 echo -n "before: "; stat -c '%A' $test_user
231 chown root $test_user
232 echo -n "after: "; stat -c '%A' $test_user
237 # Now test out the clear of suid/sgid for truncate
239 echo "check that suid/sgid bits are cleared after successful truncate..."
241 echo "with no exec perm"
242 echo frobnozzle >> $test_user
243 chmod ug+s $test_user
244 echo -n "before: "; stat -c '%A' $test_user
245 su ${qa_user} -c "echo > $test_user"
246 echo -n "after: "; stat -c '%A' $test_user
248 echo "with user exec perm"
249 echo frobnozzle >> $test_user
250 chmod ug+s $test_user
252 echo -n "before: "; stat -c '%A' $test_user
253 su ${qa_user} -c "echo > $test_user"
254 echo -n "after: "; stat -c '%A' $test_user
256 echo "with group exec perm"
257 echo frobnozzle >> $test_user
258 chmod ug+s $test_user
261 echo -n "before: "; stat -c '%A' $test_user
262 su ${qa_user} -c "echo > $test_user"
263 echo -n "after: "; stat -c '%A' $test_user
265 echo "with user+group exec perm"
266 echo frobnozzle >> $test_user
267 chmod ug+s $test_user
268 chmod ug+x $test_user
269 echo -n "before: "; stat -c '%A' $test_user
270 su ${qa_user} -c "echo > $test_user"
271 echo -n "after: "; stat -c '%A' $test_user
274 # Test ATTR_*TIMES_SET
277 echo "testing ATTR_*TIMES_SET"
282 echo "user: touch qa_user file (should succeed)"
283 su ${qa_user} -c "touch $test_user"
285 echo "user: touch root file (should fail)"
286 su ${qa_user} -c "touch $test_root" 2>&1 | _filter_files