1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
|
#! /bin/bash
# SPDX-License-Identifier: GPL-2.0
# Copyright (c) 2022 Christian Brauner (Microsoft). All Rights Reserved.
#
# FS QA Test 692
#
# Test that users can changed group ownership of a file they own to a group
# they are a member of.
#
# Regression test for commit:
#
# 168f91289340 ("fs: account for group membership")
#
. ./common/preamble
_begin_fstest auto quick perms attr idmapped mount
# Override the default cleanup function.
_cleanup()
{
cd /
$UMOUNT_PROG $SCRATCH_MNT/target-mnt 2>/dev/null
$UMOUNT_PROG $SCRATCH_MNT/ovl-merge 2>/dev/null
$UMOUNT_PROG $SCRATCH_MNT 2>/dev/null
rm -r -f $tmp.*
}
# real QA test starts here
_supported_fs ^overlay
_require_extra_fs overlay
_supports_filetype $SCRATCH_MNT || _notrun "overlayfs test requires d_type"
_require_scratch
_require_chown
_require_idmapped_mounts
_require_test_program "vfs/mount-idmapped"
_require_user fsgqa2
_require_group fsgqa2
# Do this SECOND so that qa_user is fsgqa, and _user_do uses that account
_require_user fsgqa
_require_group fsgqa
_scratch_mkfs >> $seqres.full
_scratch_mount
uqid=`id -u fsgqa`
gqid=`id -g fsgqa`
uqid2=`id -u fsgqa2`
gqid2=`id -g fsgqa2`
setup_tree()
{
mkdir -p $SCRATCH_MNT/source-mnt
chmod 0777 $SCRATCH_MNT/source-mnt
touch $SCRATCH_MNT/source-mnt/file1
chown 65534:65534 $SCRATCH_MNT
chown 65534:65534 $SCRATCH_MNT/source-mnt
chown 65534:65535 $SCRATCH_MNT/source-mnt/file1
mkdir -p $SCRATCH_MNT/target-mnt
chmod 0777 $SCRATCH_MNT/target-mnt
}
# Setup an idmapped mount where uid and gid 65534 are mapped to fsgqa and uid
# and gid 65535 are mapped to fsgqa2.
setup_idmapped_mnt()
{
$here/src/vfs/mount-idmapped \
--map-mount=u:65534:$uqid:1 \
--map-mount=g:65534:$gqid:1 \
--map-mount=u:65535:$uqid2:1 \
--map-mount=g:65535:$gqid2:1 \
$SCRATCH_MNT/source-mnt $SCRATCH_MNT/target-mnt
}
# We've created a layout where fsgqa owns the target file but the group of the
# target file is owned by another group. We now test that user fsgqa can change
# the group ownership of the file to a group they control. In this case to the
# fsgqa group.
change_group_ownership()
{
local path="$1"
stat -c '%U:%G' $path
_user_do "id -u --name; id -g --name; chgrp $gqid $path"
stat -c '%U:%G' $path
}
reset_ownership()
{
local path="$SCRATCH_MNT/source-mnt/file1"
echo ""
echo "reset ownership"
chown 65534:65534 $path
stat -c '%u:%g' $path
chown 65534:65535 $path
stat -c '%u:%g' $path
}
# Basic test as explained in the comment for change_group_ownership().
run_base_test()
{
echo ""
echo "base idmapped test"
change_group_ownership "$SCRATCH_MNT/target-mnt/file1"
reset_ownership
}
lower="$SCRATCH_MNT/target-mnt"
upper="$SCRATCH_MNT/ovl-upper"
work="$SCRATCH_MNT/ovl-work"
merge="$SCRATCH_MNT/ovl-merge"
# Prepare overlayfs with metacopy turned off.
setup_overlayfs_idmapped_lower_metacopy_off()
{
mkdir $upper
mkdir $work
mkdir $merge
mount -t overlay overlay -o "lowerdir=$lower,upperdir=$upper,workdir=$work,metacopy=off" $merge || _notrun "overlayfs test doesn't support idmappped layers"
}
# Prepare overlayfs with metacopy turned on.
setup_overlayfs_idmapped_lower_metacopy_on()
{
mkdir $upper
mkdir $work
mkdir $merge
mount -t overlay overlay -o "lowerdir=$lower,upperdir=$upper,workdir=$work,metacopy=on" $merge
}
reset_overlayfs()
{
rm -rf $upper
rm -rf $work
$UMOUNT_PROG $SCRATCH_MNT/ovl-merge 2>/dev/null
rm -rf $merge
}
# Overlayfs can be mounted on top of idmapped layers. Make sure that the basic
# test explained in the comment for change_group_ownership() passes with
# overlayfs mounted on top of it.
# This tests overlayfs with metacopy turned off, i.e., changing a file copies
# up data and metadata.
run_overlayfs_idmapped_lower_metacopy_off()
{
echo ""
echo "overlayfs idmapped lower metacopy off"
change_group_ownership "$SCRATCH_MNT/ovl-merge/file1"
reset_overlayfs
reset_ownership
}
# Overlayfs can be mounted on top of idmapped layers. Make sure that the basic
# test explained in the comment for change_group_ownership() passes with
# overlayfs mounted on top of it.
# This tests overlayfs with metacopy turned on, i.e., changing a file tries to
# only copy up metadata.
run_overlayfs_idmapped_lower_metacopy_on()
{
echo ""
echo "overlayfs idmapped lower metacopy on"
change_group_ownership "$SCRATCH_MNT/ovl-merge/file1"
reset_overlayfs
reset_ownership
}
setup_tree
setup_idmapped_mnt
run_base_test
setup_overlayfs_idmapped_lower_metacopy_off
run_overlayfs_idmapped_lower_metacopy_off
setup_overlayfs_idmapped_lower_metacopy_on
run_overlayfs_idmapped_lower_metacopy_on
# success, all done
status=0
exit
|
