diff options
| author | Christian Brauner <brauner@kernel.org> | 2022-06-11 12:47:15 +0200 |
|---|---|---|
| committer | Christian Brauner (Microsoft) <brauner@kernel.org> | 2022-06-13 17:07:15 +0200 |
| commit | 8c9faf9ddb4436d19802ef6632241115933acb1f (patch) | |
| tree | 6f78f29b693a12a3a33b3d9406bf60d9f5e0c7fd | |
| parent | 568ac9fffeb6afec03e5d6c9936617232fd7fc6d (diff) | |
| download | xfstests-dev-fs.idmapped.group.fix.v1.tar.gz | |
generic/692: test group ownership changefs.idmapped.group.fix.v1
When group ownership is changed a caller whose fsuid owns the inode can
change the group of the inode to any group they are a member of. When
searching through the caller's groups we failed to use the gid mapped
according to the idmapped mount otherwise we fail to change ownership.
Add a test for this.
Cc: Seth Forshee <sforshee@digitalocean.com>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Aleksa Sarai <cyphar@cyphar.com>
Cc: <fstests@vger.kernel.org>
Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
| -rwxr-xr-x | tests/generic/692 | 74 | ||||
| -rw-r--r-- | tests/generic/692.out | 3 |
2 files changed, 77 insertions, 0 deletions
diff --git a/tests/generic/692 b/tests/generic/692 new file mode 100755 index 0000000000..825c836a0d --- /dev/null +++ b/tests/generic/692 @@ -0,0 +1,74 @@ +#! /bin/bash +# SPDX-License-Identifier: GPL-2.0 +# Copyright (c) 2022 Christian Brauner (Microsoft). All Rights Reserved. +# +# FS QA Test 692 +# +# Test that users can changed group ownership of a file they own to a group +# they are a member of. +# +# Regression test for commit: +# +# 263de29d8397 ("fs: account for group membership") +# +. ./common/preamble +_begin_fstest auto quick perms attr idmapped mount + +# Override the default cleanup function. +_cleanup() +{ + cd / + $UMOUNT_PROG $TEST_DIR/target-mnt + rm -r -f $tmp.* +} + +# Import common functions. +# . ./common/filter + +# real QA test starts here + +# Modify as appropriate. +_supported_fs generic +_require_test +_require_chown +_require_idmapped_mounts +_require_user fsgqa +_require_group fsgqa +_require_group fsgqa2 + +uqid=`id -u fsgqa` +gqid=`id -g fsgqa` +uqid2=`id -u fsgqa2` +gqid2=`id -g fsgqa2` + +setup_tree() +{ + mkdir -p $TEST_DIR/source-mnt + chmod 0777 $TEST_DIR/source-mnt + touch $TEST_DIR/source-mnt/dir1 + chown 65534:65534 $TEST_DIR/source-mnt + chown 65534:65535 $TEST_DIR/source-mnt/dir1 + + mkdir -p $TEST_DIR/target-mnt + chmod 0777 $TEST_DIR/target-mnt +} + +setup_idmapped_mnt() +{ + $here/src/vfs/mount-idmapped \ + --map-mount=u:65534:$uqid:1 \ + --map-mount=g:65534:$gqid:1 \ + --map-mount=u:65535:$uqid2:1 \ + --map-mount=g:65535:$gqid2:1 \ + $TEST_DIR/source-mnt $TEST_DIR/target-mnt +} + +setup_tree +setup_idmapped_mnt +stat -c '%U:%G' "$TEST_DIR/target-mnt/dir1" +_user_do "chgrp $gqid $TEST_DIR/target-mnt/dir1" +stat -c '%U:%G' "$TEST_DIR/target-mnt/dir1" + +# success, all done +status=0 +exit diff --git a/tests/generic/692.out b/tests/generic/692.out new file mode 100644 index 0000000000..c963f7f43a --- /dev/null +++ b/tests/generic/692.out @@ -0,0 +1,3 @@ +QA output created by 692 +fsgqa:fsgqa2 +fsgqa:fsgqa |