2 # SPDX-License-Identifier: GPL-2.0
3 # Copyright (c) 2019 Alibaba Group. All Rights Reserved.
7 # Check that we can't set the FS_APPEND_FL and FS_IMMUTABLE_FL inode
8 # flags without capbility CAP_LINUX_IMMUTABLE
11 seqres=$RESULT_DIR/$seq
12 echo "QA output created by $seq"
16 status=1 # failure is the default!
17 trap "_cleanup; exit \$status" 0 1 2 3 15
21 # Cleanup of flags on both file in case test is aborted
22 # (i.e. CTRL-C), so we have no immutable/append-only files
23 $CHATTR_PROG -ia $workdir/file1 >/dev/null 2>&1
24 $CHATTR_PROG -ia $workdir/file2 >/dev/null 2>&1
27 rm -rf $tmp.* $workdir
30 # get standard environment, filters and checks
35 # real QA test starts here
42 _require_command "$CAPSH_PROG" "capsh"
44 workdir="$TEST_DIR/test-$seq"
48 echo "Create the original files"
54 grep -o "Operation not permitted"
57 echo "Try to chattr +ia with capabilities CAP_LINUX_IMMUTABLE"
58 $CHATTR_PROG +a $workdir/file1
59 $CHATTR_PROG +i $workdir/file1
61 echo "Try to chattr +ia/-ia without capability CAP_LINUX_IMMUTABLE"
62 $CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG +a $workdir/file2" 2>&1 | do_filter_output
63 $CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG +i $workdir/file2" 2>&1 | do_filter_output
65 $CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG -i $workdir/file1" 2>&1 | do_filter_output
66 $CAPSH_PROG --drop=cap_linux_immutable -- -c "$CHATTR_PROG -a $workdir/file1" 2>&1 | do_filter_output
68 echo "Try to chattr -ia with capability CAP_LINUX_IMMUTABLE"
69 $CHATTR_PROG -i $workdir/file1
70 $CHATTR_PROG -a $workdir/file1