| #! /bin/bash |
| # FS QA Test No. 093 |
| # |
| # Test out for IRIX the removal of file capabilities when |
| # writing to the file (when it doesn't have CAP_FSETID & CAP_SETFCAP) |
| # i.e. not root. |
| # Test out fix for pv#901019 |
| # |
| #----------------------------------------------------------------------- |
| # Copyright (c) 2000-2004 Silicon Graphics, Inc. All Rights Reserved. |
| # |
| # This program is free software; you can redistribute it and/or |
| # modify it under the terms of the GNU General Public License as |
| # published by the Free Software Foundation. |
| # |
| # This program is distributed in the hope that it would be useful, |
| # but WITHOUT ANY WARRANTY; without even the implied warranty of |
| # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
| # GNU General Public License for more details. |
| # |
| # You should have received a copy of the GNU General Public License |
| # along with this program; if not, write the Free Software Foundation, |
| # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA |
| # |
| #----------------------------------------------------------------------- |
| # |
| # creator |
| owner=tes@sgi.com |
| |
| seq=`basename $0` |
| |
| here=`pwd` |
| tmp=/tmp/$$ |
| runas=$here/src/runas |
| status=1 # FAILure is the default! |
| trap "_cleanup; exit \$status" 0 1 2 3 15 |
| |
| # get standard environment, filters and checks |
| . ./common.rc |
| . ./common.filter |
| . ./common.attr |
| |
| _cleanup() |
| { |
| [ -n "$testdir" ] && rm -f $file |
| _cleanup_testdir |
| } |
| |
| _testfilter() |
| { |
| sed -e "s#$testdir#TESTDIR#g" |
| } |
| |
| _filefilter() |
| { |
| sed -e "s#$tmp##" -e "s#$file#file#" |
| } |
| |
| # real QA test starts here |
| _supported_fs generic |
| _supported_os IRIX |
| |
| _require_attrs |
| |
| [ -x $runas ] || _notrun "$runas executable not found" |
| |
| rm -f $seq.full |
| |
| _setup_testdir |
| _need_to_be_root |
| |
| echo "QA output created by $seq" |
| echo "" |
| file=$testdir/$seq.file |
| |
| user=`grep ':all=:all=' /etc/capability | tail -1 | $AWK_PROG -F: '{print $1}'` |
| uid=`_cat_passwd | grep $user | $AWK_PROG -F: '{print $3}'` |
| |
| cat >$tmp.append <<EOF |
| #!/bin/bash |
| echo data >>$file |
| EOF |
| chmod ugo+x $tmp.append |
| |
| echo "touch file" |
| touch $file |
| chmod ugo+w $file |
| |
| echo "chcap on file" |
| chcap CAP_CHOWN+p $file |
| |
| echo "ls -P on file" |
| ls -P $file | _testfilter |
| |
| echo "append to file as root" |
| $tmp.append |
| |
| echo "ls -P on file" |
| ls -P $file | _testfilter |
| |
| echo "cat file" |
| echo "----" |
| cat $file |
| echo "----" |
| |
| echo "append to file as user without caps" |
| # in particular user doesn't have FSETID or SETFCAP |
| $runas -u $uid $tmp.append |
| |
| echo "cat file" |
| echo "----" |
| cat $file |
| echo "----" |
| |
| echo "ls -P on file" |
| ls -P $file | _testfilter |
| |
| # try again when it doesn't have the EA |
| echo "append to file as user without caps a 2nd time" |
| $runas -u $uid $tmp.append |
| |
| echo "ls -P on file" |
| ls -P $file | _testfilter |
| |
| echo "cat file" |
| echo "----" |
| cat $file |
| echo "----" |
| |
| echo "only let root write to file" |
| chmod 700 $file |
| chown root $file |
| |
| echo "as non-root try to append to file" |
| $runas -u $uid $tmp.append 2>&1 | _filefilter |
| |
| echo "restore perms on file" |
| chmod 777 $file |
| |
| echo "set a root EA on file" |
| ${ATTR_PROG} -R -s test -V testval $file | _filefilter |
| |
| echo "list EA on file" |
| ${ATTR_PROG} -R -l $file | _filefilter |
| |
| echo "as non-root try to append to file" |
| $runas -u $uid $tmp.append 2>&1 | _filefilter |
| |
| echo "list EA on file" |
| ${ATTR_PROG} -R -l $file | _filefilter |
| |
| chown $uid $file |
| chmod ugo+w $testdir |
| echo "as non-root call writemod" |
| $runas -u $uid src/writemod $file 2>&1 | _filefilter |
| |
| echo "cat file" |
| echo "----" |
| cat $file |
| echo "----" |
| |
| # success, all done |
| status=0 |
| exit |