[xfstests] generic/317: Use relative paths to avoid traversal permission problems
diff mbox series

Message ID 1572513557-112797-1-git-send-email-chengzhihao1@huawei.com
State New
Headers show
Series
  • [xfstests] generic/317: Use relative paths to avoid traversal permission problems
Related show

Commit Message

Zhihao Cheng Oct. 31, 2019, 9:19 a.m. UTC
generic/317 will fail because execvp(cmd) is executed without permission,
where cmd is '$here/src/lstat64 $file', which is called by
  $here/src/nsexec -s -U -M "0 $qa_user_id 1000" -G "0 $qa_user_id 1000"\
  $here/src/lstat64 $file

So, you will see following output:
  From user_ns
  ...
  +execvp: Permission denied

nsexec runs the instruction '$here/src/lstat64 $file' as a regular user,
the regular user may not have permission to access path in '$here'.

Actually, it has been fixed in 4818302fbf ("xfstests: generic/317 use
relative paths..."), which then been modified by b7cecbea22 ("fstests:
Add path $here before src/<file>").

Fixes: b7cecbea22 ("fstests: Add path $here before src/<file>")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
---
 tests/generic/317 | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Patch
diff mbox series

diff --git a/tests/generic/317 b/tests/generic/317
index 509887d..8ea9d81 100755
--- a/tests/generic/317
+++ b/tests/generic/317
@@ -61,7 +61,10 @@  _print_numeric_uid()
     $here/src/lstat64 $file |head -3 |_filter_output
 
     echo "From user_ns"
-    $here/src/nsexec -s -U -M "0 $qa_user_id 1000" -G "0 $qa_user_id 1000" $here/src/lstat64 $file |head -3 |_filter_output
+    # don't use $here/src/lstat64, as we're running cmd(src/lstat64) in
+    # nsexec as a regular user, and $here may contain path component that
+    # a regular user doesn't have search permission
+    $here/src/nsexec -s -U -M "0 $qa_user_id 1000" -G "0 $qa_user_id 1000" src/lstat64 $file |head -3 |_filter_output
 }
 
 _scratch_unmount >/dev/null 2>&1