On Thu, Mar 17, 2022 at 08:30:38AM -0700, Darrick J. Wong wrote:
> On Thu, Mar 17, 2022 at 06:08:42PM +0800, bxue@xxxxxxxxxx wrote:
> > From: Boyang Xue <bxue@xxxxxxxxxx>
> >
>
> Er... what does this patch do, and why?
I think he's trying to avoid this failure on NFS:
# setcap cap_net_raw=eip /mnt/nfs/file
Failed to set capabilities on file `/mnt/nfs/file' (Operation not supported)
NFS doesn't support capabilities for long time, some other filesystems
might have same problem. So maybe we can have a helper [1], then call it as:
_require_capabilities
or
_require_capabilities cap_setuid cap_setgid
And test cases need capabilites as [2], I think we can add this requirement
in generic test at least (or all of them). What do you think?
Thanks,
Zorro
[1]
_require_capabilities()
{
local capabilities=$*
local tmp=`mktemp -u $TEST_DIR/capbility-XXXXXX`
# Try all capabilities by default
if [ -z "$capabilities" ];then
capabilities="all"
fi
_require_command "$SETCAP_PROG" setcap
rm -f $tmp.test
rm -f $tmp.out
for cap in $capabilities; do
touch $tmp.test
$SETCAP_PROG ${cap}=eip $tmp.test > $tmp.out 2>&1
cat $tmp.out >> $seqres.full
if grep -q 'Operation not supported' $tmp.out; then
_notrun "Filesystem $FSTYP does not support to set $cap capability"
fi
if grep -q 'Invalid argument' $tmp.out; then
_notrun "Capability $cap might not be supported by current system"
fi
rm -f $tmp.out
rm -f $tmp.test
done
}
[2]
[zorro@zlang-laptop xfstests-dev]$ grep -rsni SETCAP tests/
tests/btrfs/214:19:_require_command "$SETCAP_PROG" setcap
tests/btrfs/214:75: $SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
tests/btrfs/214:99: $SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
tests/btrfs/214:106: $SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
tests/btrfs/214:115: $SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
tests/btrfs/235:29:_require_command "$SETCAP_PROG" setcap
tests/btrfs/235:48:$SETCAP_PROG cap_net_raw=p $SCRATCH_MNT/foo
tests/btrfs/235:67:$SETCAP_PROG cap_net_raw=p $SCRATCH_MNT/bar
tests/btrfs/235:71:$SETCAP_PROG cap_sys_nice=ep $SCRATCH_MNT/foo2
tests/overlay/064:18:_require_command "$SETCAP_PROG" setcap
tests/overlay/064:31:$SETCAP_PROG cap_setuid+ep ${lowerdir}/file1
tests/overlay/064:32:$SETCAP_PROG cap_setuid+ep ${lowerdir}/file2
tests/xfs/296:29:_require_command "$SETCAP_PROG" setcap
tests/xfs/296:39:$SETCAP_PROG cap_setgid,cap_setuid+ep $dump_dir/testfile
tests/generic/675:22:_require_command "$SETCAP_PROG" setcap
tests/generic/675:34: $SETCAP_PROG cap_setgid,cap_setuid+ep $SCRATCH_MNT/a
tests/generic/513:20:_require_command "$SETCAP_PROG" setcap
tests/generic/513:28:$SETCAP_PROG cap_setgid,cap_setuid+ep $SCRATCH_MNT/bar
tests/generic/093:35:_require_command "$SETCAP_PROG" "setcap"
tests/generic/093:45:$SETCAP_PROG cap_chown+ep $file
tests/generic/093:53:$SETCAP_PROG cap_chown+ep $file
tests/generic/270:31: $SETCAP_PROG cap_chown=epi $tmp.fsstress.bin
tests/generic/270:60:_require_command "$SETCAP_PROG" setcap
>
> --D
>
> > Signed-off-by: Boyang Xue <bxue@xxxxxxxxxx>
> > ---
> > tests/generic/513 | 2 ++
> > tests/generic/675 | 2 ++
> > 2 files changed, 4 insertions(+)
> >
> > diff --git a/tests/generic/513 b/tests/generic/513
> > index dc082787..6e897fa0 100755
> > --- a/tests/generic/513
> > +++ b/tests/generic/513
> > @@ -12,10 +12,12 @@ _begin_fstest auto quick clone
> > # Import common functions.
> > . ./common/filter
> > . ./common/reflink
> > +. ./common/attr
> >
> > # real QA test starts here
> > _supported_fs generic
> > _require_scratch_reflink
> > +_require_attrs security
> > _require_command "$GETCAP_PROG" getcap
> > _require_command "$SETCAP_PROG" setcap
> >
> > diff --git a/tests/generic/675 b/tests/generic/675
> > index 23b7e545..311860dc 100755
> > --- a/tests/generic/675
> > +++ b/tests/generic/675
> > @@ -12,12 +12,14 @@ _begin_fstest auto clone quick
> > # Import common functions.
> > . ./common/filter
> > . ./common/reflink
> > +. ./common/attr
> >
> > # real QA test starts here
> >
> > # Modify as appropriate.
> > _supported_fs generic
> > _require_user
> > +_require_attrs security
> > _require_command "$GETCAP_PROG" getcap
> > _require_command "$SETCAP_PROG" setcap
> > _require_scratch_reflink
> > --
> > 2.27.0
> >
>
