diff mbox

btrfs: should add a permission check for setfacl

Message ID 4BFA1F03.6030909@cn.fujitsu.com (mailing list archive)
State New, archived
Headers show

Commit Message

Shi Weihua May 24, 2010, 6:38 a.m. UTC 
None
diff mbox

Patch

diff -urpN xfstests.orig.229/230 xfstests/230
--- xfstests.orig.229/230	1970-01-01 08:00:00.000000000 +0800
+++ xfstests/230	2010-05-28 14:27:02.000000000 +0800
@@ -0,0 +1,80 @@ 
+#! /bin/bash
+# FS QA Test No. 230
+#
+# Check user B can setfacl a file which belongs to user A
+# See also http://marc.info/?l=linux-btrfs&m=127434445620298&w=2
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2010 FUJITSU LIMITED. All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc.,  51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
+#
+#-----------------------------------------------------------------------
+#
+# creator
+owner=shiwh@cn.fujitsu.com
+
+seq=`basename $0`
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+runas=$here/src/runas
+status=1        # FAILure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+# get standard environment, filters and checks
+. ./common.rc
+. ./common.filter
+. ./common.attr
+
+_cleanup()
+{
+	cd /
+	rm -f $tmp.*
+	[ -n "$testdir" ] && rm -rf $testdir/$seq.dir1
+	_cleanup_testdir
+}
+
+# real QA test starts here
+_supported_fs generic
+# only Linux supports fallocate
+_supported_os Linux
+
+[ -x $runas ] || _notrun "$runas executable not found"
+
+rm -f $seq.full
+
+_setup_testdir
+
+_need_to_be_root
+_acl_setup_ids
+_require_acls
+
+# get dir
+cd $testdir
+rm -rf $seq.dir1
+mkdir $seq.dir1
+cd $seq.dir1
+
+touch file1
+chown $acl1.$acl1 file1
+
+echo "Expect to FAIL"
+$runas -u $acl2 -g $acl2 -- `which setfacl` -m u::rwx file1 2>&1
+
+echo "Test over."
+# success, all done
+status=0
+exit
diff -urpN xfstests.orig.229/230.out xfstests/230.out
--- xfstests.orig.229/230.out	1970-01-01 08:00:00.000000000 +0800
+++ xfstests/230.out	2010-05-28 14:27:05.000000000 +0800
@@ -0,0 +1,4 @@ 
+QA output created by 230
+Expect to FAIL
+setfacl: file1: Operation not permitted
+Test over.
diff -urpN xfstests.orig.229/group xfstests/group
--- xfstests.orig.229/group	2010-05-28 11:29:31.000000000 +0800
+++ xfstests/group	2010-05-28 14:26:48.000000000 +0800
@@ -343,3 +343,4 @@  deprecated
 227 auto fsr
 228 rw auto prealloc quick
 229 auto
+230 acl auto