Re: [PATCH] generic/062: use more restrictive filter when querying for attributes

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]



On Mon, 2020-07-06 at 11:32 -0400, Jeff Layton wrote:
> Sometimes we can end up with unexpected xattrs showing up on an inode.
> For instance, on an SELinux-enabled host security.selinux may be set and
> show up in a listing even though we've never set it.
> 
> generic/062 lists out all of the xattrs on an inode in some cases, but
> it can't easily account for these "automatic" xattrs being set. Change
> it to use a more restrictive regex when filtering attributes, so that we
> just get the namespaces we're interested in.
> 
> Cc: Zorro Lang <zlang@xxxxxxxxxx>
> Signed-off-by: Jeff Layton <jlayton@xxxxxxxxxx>
> ---
>  tests/generic/062 | 10 ++++++----
>  1 file changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/tests/generic/062 b/tests/generic/062
> index d2a0ac9a9a21..cab4b4faac7c 100755
> --- a/tests/generic/062
> +++ b/tests/generic/062
> @@ -77,8 +77,10 @@ invalid_attribute_filter() {
>  
>  if [ "$USE_ATTR_SECURE" = yes ]; then
>      ATTR_MODES="user security trusted"
> +    ATTR_FILTER="^(user|security|trusted)"
>  else
>      ATTR_MODES="user trusted"
> +    ATTR_FILTER="^(user|trusted)"

These should probably be a bit more restrictive so that we include the
'.' delimiter:

	ATTR_FILTER="^(user|trusted)\\."

I'll send that in a v2 once I give people a chance to comment on the
rest.

>  fi
>  for nsp in $ATTR_MODES; do
>  	for inode in reg dir lnk dev/b dev/c dev/p; do
> @@ -121,7 +123,7 @@ for nsp in $ATTR_MODES; do
>  		getfattr -m $nsp -e hex -n $nsp.name2 $SCRATCH_MNT/$inode 2>&1 | invalid_attribute_filter
>  
>  		echo "*** final list (strings, type=$inode, nsp=$nsp)"
> -		getfattr -m '.' -e hex $SCRATCH_MNT/$inode
> +		getfattr -m $ATTR_FILTER -e hex $SCRATCH_MNT/$inode
>  	
>  	done
>  done
> @@ -151,11 +153,11 @@ _extend_test_bed
>  
>  echo
>  echo "*** directory descent with us following symlinks"
> -getfattr -h -L -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
> +getfattr -h -L -R -m $ATTR_FILTER -e hex $SCRATCH_MNT | _sort_getfattr_output
>  
>  echo
>  echo "*** directory descent without following symlinks"
> -getfattr -h -P -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
> +getfattr -h -P -R -m "$ATTR_FILTER -e hex $SCRATCH_MNT | _sort_getfattr_output
>  
>  # 
>  # Test the backup/restore code
> @@ -168,7 +170,7 @@ _backup()
>  	# we *do* sort the output by path, since it otherwise would depend on
>  	# readdir order, which on some filesystems may change after re-creating
>  	# the files.
> -	_getfattr --absolute-names -dh -R -m '.' $SCRATCH_MNT | _sort_getfattr_output >$1
> +	_getfattr --absolute-names -dh -R -m $ATTR_FILTER $SCRATCH_MNT | _sort_getfattr_output >$1
>  	echo BACKUP $1 >>$seqres.full
>  	cat $1 >> $seqres.full
>  	[ ! -s $1 ] && echo "warning: $1 (backup file) is empty"

-- 
Jeff Layton <jlayton@xxxxxxxxxx>




[Index of Archives]     [Linux Filesystems Development]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux