diff options
author | Craig Chi <craigchi@google.com> | 2020-07-31 15:56:18 -0700 |
---|---|---|
committer | Craig Chi <craigchi@google.com> | 2020-07-31 16:18:40 -0700 |
commit | e76c3c1064e2cb6ef79ea010705230a646369c49 (patch) | |
tree | 9c8340c82a161ca5268aa501b623fd1ac18b652c /test | |
parent | 987242716ad75af171467bed8c05154a54d0a484 (diff) |
Fix MountFuseFilesystem tests failing
Before kernel version 4.16-rc6, fuse mount is protected by
capable(CAP_SYS_ADMIN). After this version, it uses
ns_capable(CAP_SYS_ADMIN) to protect. Before the 4.16 kernel,
it was not allowed to mount fuse file systems without the
global CAP_SYS_ADMIN.
Fixes #3360
Diffstat (limited to 'test')
-rw-r--r-- | test/syscalls/linux/mount.cc | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/test/syscalls/linux/mount.cc b/test/syscalls/linux/mount.cc index 97e8d0f7e..46b6f38db 100644 --- a/test/syscalls/linux/mount.cc +++ b/test/syscalls/linux/mount.cc @@ -326,6 +326,14 @@ TEST(MountTest, MountFuseFilesystemNoDevice) { SKIP_IF(IsRunningOnGvisor() && !IsFUSEEnabled()); auto const dir = ASSERT_NO_ERRNO_AND_VALUE(TempPath::CreateDir()); + + // Before kernel version 4.16-rc6, FUSE mount is protected by + // capable(CAP_SYS_ADMIN). After this version, it uses + // ns_capable(CAP_SYS_ADMIN) to protect. Before the 4.16 kernel, it was not + // allowed to mount fuse file systems without the global CAP_SYS_ADMIN. + int res = mount("", dir.path().c_str(), "fuse", 0, ""); + SKIP_IF(!IsRunningOnGvisor() && res == -1 && errno == EPERM); + EXPECT_THAT(mount("", dir.path().c_str(), "fuse", 0, ""), SyscallFailsWithErrno(EINVAL)); } @@ -339,6 +347,12 @@ TEST(MountTest, MountFuseFilesystem) { std::string mopts = "fd=" + std::to_string(fd.get()); auto const dir = ASSERT_NO_ERRNO_AND_VALUE(TempPath::CreateDir()); + + // See comments in MountFuseFilesystemNoDevice for the reason why we skip + // EPERM when running on Linux. + int res = mount("", dir.path().c_str(), "fuse", 0, ""); + SKIP_IF(!IsRunningOnGvisor() && res == -1 && errno == EPERM); + auto const mount = ASSERT_NO_ERRNO_AND_VALUE(Mount("", dir.path(), "fuse", 0, mopts, 0)); } |