#! /bin/bash # SPDX-License-Identifier: GPL-2.0 # Copyright (c) 2022 Christian Brauner (Microsoft). All Rights Reserved. # # FS QA Test 698 # # This's copied from generic/698, extend it to test overlayfs on top of idmapped # mounts specifically. # . ./common/preamble . ./common/overlay _begin_fstest auto quick perms attr idmapped mount # Override the default cleanup function. _cleanup() { cd / $UMOUNT_PROG $SCRATCH_MNT/target-mnt $UMOUNT_PROG $SCRATCH_MNT/ovl-merge 2>/dev/null $UMOUNT_PROG $SCRATCH_MNT 2>/dev/null rm -r -f $tmp.* } # real QA test starts here _supported_fs ^overlay _require_extra_fs overlay _require_scratch _require_chown _require_idmapped_mounts _require_test_program "vfs/mount-idmapped" _require_user fsgqa2 _require_group fsgqa2 # Do this SECOND so that qa_user is fsgqa, and _user_do uses that account _require_user fsgqa _require_group fsgqa user_foo=`id -u fsgqa` group_foo=`id -g fsgqa` user_bar=`id -u fsgqa2` group_bar=`id -g fsgqa2` setup_tree() { mkdir -p $SCRATCH_MNT/source-mnt chmod 0777 $SCRATCH_MNT/source-mnt touch $SCRATCH_MNT/source-mnt/file1 chown 65534:65534 $SCRATCH_MNT chown 65534:65534 $SCRATCH_MNT/source-mnt chown 65534:65535 $SCRATCH_MNT/source-mnt/file1 mkdir -p $SCRATCH_MNT/target-mnt chmod 0777 $SCRATCH_MNT/target-mnt } # Setup an idmapped mount where uid and gid 65534 are mapped to fsgqa and uid # and gid 65535 are mapped to fsgqa2. setup_idmapped_mnt() { $here/src/vfs/mount-idmapped \ --map-mount=u:65534:$user_foo:1 \ --map-mount=g:65534:$group_foo:1 \ --map-mount=u:65535:$user_bar:1 \ --map-mount=g:65535:$group_bar:1 \ $SCRATCH_MNT/source-mnt $SCRATCH_MNT/target-mnt } # We've created a layout where fsgqa owns the target file but the group of the # target file is owned by another group. We now test that user fsgqa can change # the group ownership of the file to a group they control. In this case to the # fsgqa group. change_group_ownership() { local path="$1" stat -c '%U:%G' $path _user_do "id -u --name; id -g --name; chgrp $group_foo $path" stat -c '%U:%G' $path _user_do "id -u --name; id -g --name; chgrp $group_bar $path > /dev/null 2>&1" stat -c '%U:%G' $path } lower="$SCRATCH_MNT/target-mnt" upper="$SCRATCH_MNT/ovl-upper" work="$SCRATCH_MNT/ovl-work" merge="$SCRATCH_MNT/ovl-merge" reset_ownership() { local path="$SCRATCH_MNT/source-mnt/file1" echo "" echo "reset ownership" chown 65534:65534 $path stat -c '%u:%g' $path chown 65534:65535 $path stat -c '%u:%g' $path } # Prepare overlayfs with metacopy turned off. setup_overlayfs_idmapped_lower_metacopy_off() { mkdir -p $upper $work $merge _overlay_mount_dirs $lower $upper $work \ overlay $merge -ometacopy=off || \ _notrun "overlayfs doesn't support idmappped layers" } # Prepare overlayfs with metacopy turned on. setup_overlayfs_idmapped_lower_metacopy_on() { mkdir -p $upper $work $merge _overlay_mount_dirs $lower $upper $work overlay $merge -ometacopy=on } reset_overlayfs() { $UMOUNT_PROG $SCRATCH_MNT/ovl-merge 2>/dev/null rm -rf $upper $work $merge } # Overlayfs can be mounted on top of idmapped layers. Make sure that the basic # test explained in the comment for change_group_ownership() passes with # overlayfs mounted on top of it. # This tests overlayfs with metacopy turned off, i.e., changing a file copies # up data and metadata. run_overlayfs_idmapped_lower_metacopy_off() { echo "" echo "overlayfs idmapped lower metacopy off" change_group_ownership "$SCRATCH_MNT/ovl-merge/file1" reset_overlayfs reset_ownership } # Overlayfs can be mounted on top of idmapped layers. Make sure that the basic # test explained in the comment for change_group_ownership() passes with # overlayfs mounted on top of it. # This tests overlayfs with metacopy turned on, i.e., changing a file tries to # only copy up metadata. run_overlayfs_idmapped_lower_metacopy_on() { echo "" echo "overlayfs idmapped lower metacopy on" change_group_ownership "$SCRATCH_MNT/ovl-merge/file1" reset_overlayfs reset_ownership } _scratch_mkfs >> $seqres.full _scratch_mount _supports_filetype $SCRATCH_MNT || _notrun "overlayfs test requires d_type" setup_tree setup_idmapped_mnt setup_overlayfs_idmapped_lower_metacopy_off run_overlayfs_idmapped_lower_metacopy_off setup_overlayfs_idmapped_lower_metacopy_on run_overlayfs_idmapped_lower_metacopy_on # success, all done status=0 exit