author | Kevin Krakauer <krakauer@google.com> | 2021-02-10 17:43:25 -0800 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-02-10 17:45:18 -0800 |
commit | 81ea0016e62318053f97ec714967047e6191fb2b (patch) | |
tree | 36cffbaec97f79f8f06f442d28aba077f470b4be /test/syscalls | |
parent | ff04d019e3d20adf0f5ef3146fa28d3b83a4819a (diff) |
Support setgid directories in tmpfs and kernfs
PiperOrigin-RevId: 356868412
Diffstat (limited to 'test/syscalls')
-rw-r--r-- | test/syscalls/BUILD | 6 | ||||
-rw-r--r-- | test/syscalls/linux/setgid.cc | 15 |
2 files changed, 13 insertions, 8 deletions
diff --git a/test/syscalls/BUILD b/test/syscalls/BUILD index d6658898d..9adb1cea3 100644 --- a/test/syscalls/BUILD +++ b/test/syscalls/BUILD @@ -89,7 +89,7 @@ syscall_test( size = "medium", add_overlay = True, test = "//test/syscalls/linux:chown_test", - use_tmpfs = True, # chwon tests require gofer to be running as root. + use_tmpfs = True, # chown tests require gofer to be running as root. ) syscall_test( @@ -557,7 +557,11 @@ syscall_test( ) syscall_test( + add_overlay = True, test = "//test/syscalls/linux:setgid_test", + # setgid tests require the gofer's user namespace to have multiple groups, + # but bazel only provides one. + use_tmpfs = True, ) syscall_test( diff --git a/test/syscalls/linux/setgid.cc b/test/syscalls/linux/setgid.cc index bfd91ba4f..cd030b094 100644 --- a/test/syscalls/linux/setgid.cc +++ b/test/syscalls/linux/setgid.cc @@ -86,7 +86,7 @@ class SetgidDirTest : public ::testing::Test { original_gid_ = getegid(); // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); + SKIP_IF(IsRunningWithVFS1()); SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_SETGID))); temp_dir_ = ASSERT_NO_ERRNO_AND_VALUE( @@ -305,9 +305,7 @@ struct FileModeTestcase { class FileModeTest : public ::testing::TestWithParam<FileModeTestcase> {}; TEST_P(FileModeTest, WriteToFile) { - // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); - + SKIP_IF(IsRunningWithVFS1()); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); 
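Review bot: In the `setgid_test` target of test/syscalls/BUILD, `use_tmpfs = True` keeps every setgid case on tmpfs, so as far as this hunk shows nothing exercises setgid-directory inheritance or SGID clearing on gofer-backed files. The added comment explains the harness limit (bazel provides only one group) but not the coverage gap that results for a permission-sensitive code path. I would extend it with a line such as `# TODO: also run against the gofer once the test environment provides multiple groups.` so the restriction gets revisited.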
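Review bot: In the `SetgidDirTest` hunk of test/syscalls/linux/setgid.cc (around line 86), the context line `// TODO(b/175325250): Enable when setgid directories are supported.` still sits above the new `SKIP_IF(IsRunningWithVFS1());`, although the same TODO is deleted in the `WriteToFile` and `TruncateFile` hunks. In those two hunks the skip is left with no comment at all, and the blank line separating it from the test body is dropped. I would replace the stale TODO and annotate the other two skips with one consistent line, e.g. `// setgid directories are not supported on VFS1.`; that wording is inferred from the skip condition and should be confirmed. The enclosing functions start and end outside these hunks.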
@@ -330,9 +328,7 @@ TEST_P(FileModeTest, WriteToFile) { } TEST_P(FileModeTest, TruncateFile) { - // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); - + SKIP_IF(IsRunningWithVFS1()); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); @@ -343,6 +339,11 @@ TEST_P(FileModeTest, TruncateFile) { ASSERT_THAT(fstat(fd.get(), &stats), SyscallSucceeds()); EXPECT_EQ(stats.st_mode & kDirmodeMask, GetParam().mode); + // Write something to the file, as truncating an empty file is a no-op. + constexpr char c = 'M'; + ASSERT_THAT(write(fd.get(), &c, sizeof(c)), + SyscallSucceedsWithValue(sizeof(c))); + // For security reasons, truncating the file clears the SUID bit, and clears // the SGID bit when the group executable bit is unset (which is not a true // SGID binary). |
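Review bot: In `TruncateFile` (last hunk of setgid.cc) the added `write()` may itself strip the SUID/SGID bits before the truncate under test runs, because Linux clears them on a write by a caller without CAP_FSETID; that is presumably what the sibling `WriteToFile` test checks. The `fstat`/`EXPECT_EQ` on the mode happens before the write, so nothing confirms the bits are still set when truncation starts. The assertion that follows outside this hunk could then pass even if truncate cleared nothing. I would restore the mode after the write with `ASSERT_THAT(fchmod(fd.get(), GetParam().mode), SyscallSucceeds());` and repeat the `fstat` check before truncating.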