On Tue, May 25, 2021 at 02:34:22PM +0100, David Howells wrote: > The AFS filesystem has its own distributed permission management system > that's based on a per-cell user and group database used in conjunction with > ACLs. The user is determined by the authentication token acquired from the > kaserver or Kerberos, not by the local fsuid/fsgid. For the most part, the > uid, gid and mask on a file are ignored. > > The generic/123 and generic/128 tests check that the UNIX permission bits do > what would normally be expected of them - but this fails on AFS. Using "su" > to change the user is not effective on AFS. Instead, "keyctl session" would > need to be used and an alternative authentication token would need to be > obtained. > > Provide a "_require_unix_perm_checking" clause so that these tests can be > suppressed in cases such as AFS. > > Signed Looks ok, Reviewed (I'll send the rest when the remainder of the SoB comes in. :P) --D > --- > > common/rc | 9 +++++++++ > doc/requirement-checking.txt | 8 ++++++++ > tests/generic/123 | 1 + > tests/generic/128 | 1 + > 4 files changed, 19 insertions(+) > > diff --git a/common/rc b/common/rc > index a04433da..e25967d9 100644 > --- a/common/rc > +++ b/common/rc > @@ -4631,6 +4631,15 @@ _require_use_local_uidgid() > esac > } > > +_require_unix_perm_checking() > +{ > + case $FSTYP in > + afs) > + _notrun "$FSTYP doesn't perform traditional UNIX perm checking" > + ;; > + esac > +} > + > init_rc > > ################################################################################ > diff --git a/doc/requirement-checking.txt b/doc/requirement-checking.txt > index c945e16a..9be7a84c 100644 > --- a/doc/requirement-checking.txt > +++ b/doc/requirement-checking.txt > @@ -20,6 +20,7 @@ they have. This is done with _require_<xxx> macros, which may take parameters. > _has_mknod > _require_sgid_inheritance > _require_use_local_uidgid > + _require_unix_perm_checking > > (3) System call requirements. > > @@ -121,6 +122,13 @@ _require_use_local_uidgid > filesystems, for example, may choose other settings or not even have these > concepts available. The test will be skipped if not supported. > > +_require_unix_perm_checking > + > + The test requires that the $TEST_DEV filesystem performs traditional UNIX > + file permissions checking. A remote filesystem, for example, might use > + some alternative distributed permissions model involving authentication > + tokens rather than the local fsuid/fsgid. > + > > ======================== > SYSTEM CALL REQUIREMENTS > diff --git a/tests/generic/123 b/tests/generic/123 > index d2362e72..99ee4b9b 100755 > --- a/tests/generic/123 > +++ b/tests/generic/123 > @@ -33,6 +33,7 @@ _supported_fs generic > > _require_test > _require_user > +_require_unix_perm_checking > > my_test_subdir=$TEST_DIR/123subdir > > diff --git a/tests/generic/128 b/tests/generic/128 > index c1eae77a..91fdca1e 100755 > --- a/tests/generic/128 > +++ b/tests/generic/128 > @@ -25,6 +25,7 @@ _supported_fs generic > _require_scratch > _require_user > _require_chmod > +_require_unix_perm_checking > > _scratch_mkfs >/dev/null 2>&1 > _scratch_mount "-o nosuid" > >