2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright (C) 2013 Oracle, Inc. All Rights Reserved.
7 # Check get/set ACLs to/from disk with a user namespace. A new file
8 # will be created and ACLs set on it from both inside a userns and
9 # from init_user_ns. We check that the ACL is is correct from both
10 # inside the userns and also from init_user_ns. We will then unmount
11 # and remount the file system and check the ACL from both inside the
12 # userns and from init_user_ns to show that the correct uid/gid in
13 # the ACL was flushed and brought back from disk.
16 _begin_fstest acl attr auto quick
18 # Override the default cleanup function.
22 _scratch_unmount >/dev/null 2>&1
25 # Import common functions.
29 nsexec=$here/src/nsexec
30 file=$SCRATCH_MNT/file1
32 # real QA test starts here
34 # only Linux supports user namespace
42 ns_acl2=`expr $acl2 - $acl1`
43 ns_acl3=`expr $acl3 - $acl1`
45 _getfacl_filter_nsid()
48 -e "s/user:$ns_acl1/user:nsid1/" \
49 -e "s/user:$ns_acl2/user:nsid2/" \
50 -e "s/user:$ns_acl3/user:nsid3/" \
51 -e "s/group:$ns_acl1/group:nsid1/" \
52 -e "s/group:$ns_acl2/group:nsid2/" \
53 -e "s/group:$ns_acl3/group:nsid3/" \
54 -e "s/: $ns_acl1/: nsid1/" \
55 -e "s/: $ns_acl2/: nsid2/" \
56 -e "s/: $ns_acl3/: nsid3/"
61 echo "From init_user_ns"
62 getfacl --absolute-names -n $file 2>/dev/null | _filter_scratch | _getfacl_filter_id
65 $nsexec -U -M "0 $acl1 1000" -G "0 $acl1 1000" getfacl --absolute-names -n $file 2>/dev/null | _filter_scratch | _getfacl_filter_nsid
68 _scratch_unmount >/dev/null 2>&1
69 echo "*** MKFS ***" >>$seqres.full
70 echo "" >>$seqres.full
71 _scratch_mkfs >>$seqres.full 2>&1 || _fail "mkfs failed"
75 chown $acl1.$acl1 $file
77 # set acls from init_user_ns, to be checked from inside the userns
78 setfacl -n -m u:$acl2:rw,g:$acl2:r $file
79 # set acls from inside userns, to be checked from init_user_ns
80 $nsexec -s -U -M "0 $acl1 1000" -G "0 $acl1 1000" setfacl -n -m u:root:rx,g:$ns_acl2:x $file
84 echo "*** Remounting ***"
87 _scratch_cycle_mount >>$seqres.full 2>&1 || _fail "remount failed"
91 _scratch_unmount >/dev/null 2>&1