diff options
author | Kevin Krakauer <krakauer@google.com> | 2021-03-23 15:40:17 -0700 |
---|---|---|
committer | gVisor bot <gvisor-bot@google.com> | 2021-03-23 15:42:12 -0700 |
commit | 92374e51976c8a47e4705943f73cecbc6a27073b (patch) | |
tree | 5f267314a82b8dbdc4638c8eb1e2c5b062890ca0 /test/syscalls | |
parent | acb4c62885629d6d3ee977b93c27282abed0b33f (diff) |
setgid directory support in goferfs
Also adds support for clearing the setuid bit when appropriate (writing,
truncating, changing size, changing UID, or changing GID).
VFS2 only.
PiperOrigin-RevId: 364661835
Diffstat (limited to 'test/syscalls')
-rw-r--r-- | test/syscalls/linux/setgid.cc | 21 |
1 files changed, 14 insertions, 7 deletions
diff --git a/test/syscalls/linux/setgid.cc b/test/syscalls/linux/setgid.cc index 163242ace..98f8f3dfe 100644 --- a/test/syscalls/linux/setgid.cc +++ b/test/syscalls/linux/setgid.cc @@ -126,14 +126,15 @@ class SetgidDirTest : public ::testing::Test { SKIP_IF(IsRunningWithVFS1()); - temp_dir_ = ASSERT_NO_ERRNO_AND_VALUE( - TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); - // If we can't find two usable groups, we're in an unsupporting environment. // Skip the test. PosixErrorOr<std::pair<gid_t, gid_t>> groups = Groups(); SKIP_IF(!groups.ok()); groups_ = groups.ValueOrDie(); + + auto cleanup = Setegid(groups_.first); + temp_dir_ = ASSERT_NO_ERRNO_AND_VALUE( + TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); } void TearDown() override { @@ -348,6 +349,10 @@ class FileModeTest : public ::testing::TestWithParam<FileModeTestcase> {}; TEST_P(FileModeTest, WriteToFile) { SKIP_IF(IsRunningWithVFS1()); + PosixErrorOr<std::pair<gid_t, gid_t>> groups = Groups(); + SKIP_IF(!groups.ok()); + + auto cleanup = Setegid(groups.ValueOrDie().first); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); @@ -371,26 +376,28 @@ TEST_P(FileModeTest, WriteToFile) { TEST_P(FileModeTest, TruncateFile) { SKIP_IF(IsRunningWithVFS1()); + PosixErrorOr<std::pair<gid_t, gid_t>> groups = Groups(); + SKIP_IF(!groups.ok()); + + auto cleanup = Setegid(groups.ValueOrDie().first); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); FileDescriptor fd = ASSERT_NO_ERRNO_AND_VALUE(Open(path.c_str(), O_CREAT | O_RDWR, 0666)); - ASSERT_THAT(fchmod(fd.get(), GetParam().mode), SyscallSucceeds()); - struct stat stats; - ASSERT_THAT(fstat(fd.get(), &stats), SyscallSucceeds()); - EXPECT_EQ(stats.st_mode & kDirmodeMask, GetParam().mode); // Write something to the file, as truncating an empty file is a no-op. constexpr char c = 'M'; ASSERT_THAT(write(fd.get(), &c, sizeof(c)), SyscallSucceedsWithValue(sizeof(c))); + ASSERT_THAT(fchmod(fd.get(), GetParam().mode), SyscallSucceeds()); // For security reasons, truncating the file clears the SUID bit, and clears // the SGID bit when the group executable bit is unset (which is not a true // SGID binary). ASSERT_THAT(ftruncate(fd.get(), 0), SyscallSucceeds()); + struct stat stats; ASSERT_THAT(fstat(fd.get(), &stats), SyscallSucceeds()); EXPECT_EQ(stats.st_mode & kDirmodeMask, GetParam().result_mode); } |