blob: 24d7c9814c4fb7e72c10a1ad6841ed6eb878ed38 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
|
#! /bin/bash
# SPDX-License-Identifier: GPL-2.0
# Copyright (C) 2020 SUSE Linux Products GmbH. All Rights Reserved.
#
# FS QA Test 214
#
# Test if the file capabilities aren't lost after full and incremental send
#
. ./common/preamble
_begin_fstest auto quick send snapshot
_register_cleanup "cleanup"
. ./common/filter
_supported_fs btrfs
_require_scratch
_require_command "$SETCAP_PROG" setcap
_require_command "$GETCAP_PROG" getcap
FS1="$SCRATCH_MNT/fs1"
FS2="$SCRATCH_MNT/fs2"
cleanup()
{
cd /
rm -f $tmp.*
}
check_capabilities()
{
local file
local cap
local ret
file="$1"
cap="$2"
ret=$(_getcap "$file")
if [ -z "$ret" ]; then
echo "$ret"
echo "missing capability in file $file"
fi
if [[ "$ret" != *$cap* ]]; then
echo "$cap"
echo "Capabilities do not match. Output: $ret"
fi
}
setup()
{
_scratch_mkfs >/dev/null
_scratch_mount
$BTRFS_UTIL_PROG subvolume create "$FS1" > /dev/null
$BTRFS_UTIL_PROG subvolume create "$FS2" > /dev/null
}
full_nocap_inc_withcap_send()
{
local ret
setup
# Test full send containing a file without capabilities
touch "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
# ensure that we don't have capabilities set
ret=$(_getcap "$FS2/snap_init/foo.bar")
if [ -n "$ret" ]; then
echo "File contains capabilities when it shouldn't"
fi
# Test if incremental send brings the newly added capability
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
_scratch_unmount
}
roundtrip_send()
{
local files
# files should include foo.bar
files="$1"
setup
# create files on fs1, must contain foo.bar
for f in $files; do
touch "$FS1/$f"
done
# Test full send, checking if the receiving side keeps the capabilities
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test incremental send with different owner/group but same capabilities
chgrp 100 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test capabilities after incremental send with different group and capabilities
chgrp 0 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc2" >/dev/null
check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_inc" "$FS1/snap_inc2" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
_scratch_unmount
}
echo "Test full send + file without capabilities, then incremental send bringing a new capability"
full_nocap_inc_withcap_send
echo "Testing if foo.bar alone can keep its capabilities"
roundtrip_send "foo.bar"
echo "Test foo.bar being the first item among other files"
roundtrip_send "foo.bar foo.bax foo.baz"
echo "Test foo.bar with objectid between two other files"
roundtrip_send "foo1 foo.bar foo3"
echo "Test foo.bar being the last item among other files"
roundtrip_send "foo1 foo2 foo.bar"
status=0
exit
|
