tests: port generic/093 to Linux

This IRIX-specific test mainly tested whether a file's capabilities are
cleared when it is written to.  Port the test to the Linux libcap tools
and update it to expect the Linux semantics which are a little simpler:
capabilities are always cleared even if the program is root (or has
CAP_FSETID).  The test also tests that chmod doesn't affect open file
descriptors; this is mostly unrelated, but keep it in for now.

[eguan: add _require_test_program rule for src/writemod]

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>

diff --git a/src/writemod.c b/src/writemod.c
index 0c9ff1a58663d5b3240841b74418e603f5d3e08f..16b3fa0c2dd39c30ddff984dfc5142c94eeda829 100644 (file)
--- a/src/writemod.c
+++ b/src/writemod.c
@@ -35,7 +35,7 @@ main(int argc, char* argv[])
 {
     char *path;
     int fd;
-    char *buf = "hi there";
+    char *buf = "hi there\n";
     ssize_t x;
     int sts;
 
@@ -59,7 +59,7 @@ main(int argc, char* argv[])
         return 1;
     }
     printf("write to the file\n");
-    x = write(fd, buf, strlen(buf)+1); 
+    x = write(fd, buf, strlen(buf));
     if (x == -1) {
        perror("write");
         return 1;

diff --git a/tests/generic/093 b/tests/generic/093
index 824e9b27618d490f85678dbd7f49a50a1f2fca96..197e6722f22cdf514a4050359fff449c718f93e0 100755 (executable)
--- a/tests/generic/093
+++ b/tests/generic/093
@@ -1,13 +1,11 @@
 #! /bin/bash
 # FS QA Test No. 093
 #
-# Test out for IRIX the removal of file capabilities when
-# writing to the file (when it doesn't have CAP_FSETID & CAP_SETFCAP)
-# i.e. not root.
-# Test out fix for pv#901019
+# Test clearing of capabilities on write.
 #
 #-----------------------------------------------------------------------
 # Copyright (c) 2000-2004 Silicon Graphics, Inc.  All Rights Reserved.
+# Copyright (c) 2017 Google, Inc.  All Rights Reserved.
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
@@ -43,23 +41,19 @@ _cleanup()
     [ -n "$TEST_DIR" ] && rm -f $file
 }
 
-_testfilter()
+filefilter()
 {
-    sed -e "s#$TEST_DIR#TESTDIR#g"
-}
-
-_filefilter()
-{
-    sed -e "s#$tmp##" -e "s#$file#file#"
+    sed -e "s#$file#file#"
 }
 
 # real QA test starts here
 _supported_fs generic
-_supported_os IRIX
+_supported_os Linux
 
 _require_test
 _require_attrs
-_require_runas
+_require_user
+_require_test_program "writemod"
 
 rm -f $seqres.full
 
@@ -67,91 +61,31 @@ echo "QA output created by $seq"
 echo ""
 file=$TEST_DIR/$seq.file
 
-user=`grep ':all=:all=' /etc/capability | tail -1 | $AWK_PROG -F: '{print $1}'`
-uid=`_cat_passwd | grep $user | $AWK_PROG -F: '{print $3}'`
-
-cat >$tmp.append <<EOF
-#!/bin/bash
-echo data >>$file
-EOF
-chmod ugo+x $tmp.append
-
-echo "touch file"
+rm -f $file
 touch $file
-chmod ugo+w $file 
-
-echo "chcap on file"
-chcap CAP_CHOWN+p $file
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "append to file as root"
-$tmp.append
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "cat file"
-echo "----"
-cat $file
-echo "----"
-
-echo "append to file as user without caps"
-# in particular user doesn't have FSETID or SETFCAP
-_runas -u $uid $tmp.append
 
-echo "cat file"
-echo "----"
+echo "**** Verifying that appending to file clears capabilities ****"
+setcap cap_chown+ep $file
+getcap $file | filefilter
+echo data1 >> $file
 cat $file
-echo "----"
+getcap $file | filefilter
+echo
 
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-# try again when it doesn't have the EA
-echo "append to file as user without caps a 2nd time"
-_runas -u $uid $tmp.append
-
-echo "ls -P on file"
-ls -P $file | _testfilter
-
-echo "cat file"
-echo "----"
+echo "**** Verifying that appending to file doesn't clear other xattrs ****"
+setcap cap_chown+ep $file
+$SETFATTR_PROG -n trusted.name -v value $file
+echo data2 >> $file
 cat $file
-echo "----"
-
-echo "only let root write to file"
-chmod 700 $file
-chown root $file 
-
-echo "as non-root try to append to file"
-_runas -u $uid $tmp.append 2>&1 | _filefilter
-
-echo "restore perms on file"
-chmod 777 $file
+$GETFATTR_PROG -m '^trusted\.*' --absolute-names $file | filefilter
 
-echo "set a root EA on file"
-${ATTR_PROG} -R -s test -V testval $file | _filefilter
-
-echo "list EA on file"
-${ATTR_PROG} -R -l $file | _filefilter
-
-echo "as non-root try to append to file"
-_runas -u $uid $tmp.append 2>&1 | _filefilter
-
-echo "list EA on file"
-${ATTR_PROG} -R -l $file | _filefilter
-
-chown $uid $file
+echo "**** Verifying that chmod doesn't affect open file descriptors ****"
+rm -f $file
+touch $file
+chown $qa_user $file
 chmod ugo+w $TEST_DIR
-echo "as non-root call writemod"
-_runas -u $uid src/writemod $file 2>&1 | _filefilter
-
-echo "cat file"
-echo "----"
+su $qa_user -c "src/writemod $file" | filefilter
 cat $file
-echo "----"
 
 # success, all done
 status=0

diff --git a/tests/generic/093.out b/tests/generic/093.out
index 0113a48ca00c2637080cbaa3bcf9bb5cc90dd473..cb29153ebfb94b066e2c1c77eebb4a1c097dbd0d 100644 (file)
Binary files a/tests/generic/093.out and b/tests/generic/093.out differ

diff --git a/tests/generic/group b/tests/generic/group
index a04cc9000ebca35effbab13a2842e6e95d896fc2..490948cb1dc356c3a565333a47efc6bd24a2b372 100644 (file)
--- a/tests/generic/group
+++ b/tests/generic/group
@@ -95,7 +95,7 @@
 090 metadata auto quick
 091 rw auto quick
 092 auto quick prealloc
-093 attr cap udf auto
+093 attr cap auto
 094 auto quick prealloc
 095 auto rw stress
 096 auto prealloc quick zero