On Tue, Jun 14, 2022 at 12:25:16PM +0800, Zorro Lang wrote:
> On Mon, Jun 13, 2022 at 05:23:14PM +0200, Christian Brauner wrote:
> > When group ownership is changed a caller whose fsuid owns the inode can
> > change the group of the inode to any group they are a member of. When
> > searching through the caller's groups we failed to use the gid mapped
> > according to the idmapped mount otherwise we fail to change ownership.
> > Add a test for this.
> >
> > Cc: Seth Forshee <sforshee@xxxxxxxxxxxxxxxx>
> > Cc: Christoph Hellwig <hch@xxxxxx>
> > Cc: Aleksa Sarai <cyphar@xxxxxxxxxx>
> > Cc: <fstests@xxxxxxxxxxxxxxx>
> > Signed-off-by: Christian Brauner (Microsoft) <brauner@xxxxxxxxxx>
> > ---
>
> Thanks for this test, a few of small review points as below ...
Thanks for the review!
>
> > tests/generic/692 | 74 +++++++++++++++++++++++++++++++++++++++++++
> > tests/generic/692.out | 3 ++
> > 2 files changed, 77 insertions(+)
> > create mode 100755 tests/generic/692
> > create mode 100644 tests/generic/692.out
> >
> > diff --git a/tests/generic/692 b/tests/generic/692
> > new file mode 100755
> > index 00000000..825c836a
> > --- /dev/null
> > +++ b/tests/generic/692
> > @@ -0,0 +1,74 @@
> > +#! /bin/bash
> > +# SPDX-License-Identifier: GPL-2.0
> > +# Copyright (c) 2022 Christian Brauner (Microsoft). All Rights Reserved.
> > +#
> > +# FS QA Test 692
> > +#
> > +# Test that users can changed group ownership of a file they own to a group
> > +# they are a member of.
> > +#
> > +# Regression test for commit:
> > +#
> > +# 263de29d8397 ("fs: account for group membership")
> > +#
> > +. ./common/preamble
> > +_begin_fstest auto quick perms attr idmapped mount
> > +
> > +# Override the default cleanup function.
> > +_cleanup()
> > +{
> > + cd /
> > + $UMOUNT_PROG $TEST_DIR/target-mnt
>
> Do you need to filter out the errors by "2>/dev/null"?
Yeah, good idea.
>
> > + rm -r -f $tmp.*
> > +}
> > +
> > +# Import common functions.
> > +# . ./common/filter
>
> I think you didn't use any filter, right? If so, this can be removed.
Removed.
>
> > +
> > +# real QA test starts here
> > +
> > +# Modify as appropriate.
> ^^^
> This line can be removed too.
Removed.
>
> > +_supported_fs generic
> > +_require_test
> > +_require_chown
> > +_require_idmapped_mounts
> > +_require_user fsgqa
> > +_require_group fsgqa
> > +_require_group fsgqa2
> > +
> > +uqid=`id -u fsgqa`
> > +gqid=`id -g fsgqa`
> > +uqid2=`id -u fsgqa2`
> > +gqid2=`id -g fsgqa2`
> > +
> > +setup_tree()
> > +{
> > + mkdir -p $TEST_DIR/source-mnt
> > + chmod 0777 $TEST_DIR/source-mnt
> > + touch $TEST_DIR/source-mnt/dir1
> > + chown 65534:65534 $TEST_DIR/source-mnt
> > + chown 65534:65535 $TEST_DIR/source-mnt/dir1
> > +
> > + mkdir -p $TEST_DIR/target-mnt
> > + chmod 0777 $TEST_DIR/target-mnt
> > +}
> > +
> > +setup_idmapped_mnt()
> > +{
> > + $here/src/vfs/mount-idmapped \
>
> You might need:
> _require_test_program "vfs/mount-idmapped"
>
> due to _require_idmapped_mounts doesn't guarantee that.
Yes, good point!
Thanks!
Christian
