From 81ea0016e62318053f97ec714967047e6191fb2b Mon Sep 17 00:00:00 2001 From: Kevin Krakauer Date: Wed, 10 Feb 2021 17:43:25 -0800 Subject: Support setgid directories in tmpfs and kernfs PiperOrigin-RevId: 356868412 --- test/syscalls/BUILD | 6 +++++- test/syscalls/linux/setgid.cc | 15 ++++++++------- 2 files changed, 13 insertions(+), 8 deletions(-) (limited to 'test/syscalls') diff --git a/test/syscalls/BUILD b/test/syscalls/BUILD index d6658898d..9adb1cea3 100644 --- a/test/syscalls/BUILD +++ b/test/syscalls/BUILD @@ -89,7 +89,7 @@ syscall_test( size = "medium", add_overlay = True, test = "//test/syscalls/linux:chown_test", - use_tmpfs = True, # chwon tests require gofer to be running as root. + use_tmpfs = True, # chown tests require gofer to be running as root. ) syscall_test( @@ -557,7 +557,11 @@ syscall_test( ) syscall_test( + add_overlay = True, test = "//test/syscalls/linux:setgid_test", + # setgid tests require the gofer's user namespace to have multiple groups, + # but bazel only provides one. + use_tmpfs = True, ) syscall_test( diff --git a/test/syscalls/linux/setgid.cc b/test/syscalls/linux/setgid.cc index bfd91ba4f..cd030b094 100644 --- a/test/syscalls/linux/setgid.cc +++ b/test/syscalls/linux/setgid.cc @@ -86,7 +86,7 @@ class SetgidDirTest : public ::testing::Test { original_gid_ = getegid(); // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); + SKIP_IF(IsRunningWithVFS1()); SKIP_IF(!ASSERT_NO_ERRNO_AND_VALUE(HaveCapability(CAP_SETGID))); temp_dir_ = ASSERT_NO_ERRNO_AND_VALUE( @@ -305,9 +305,7 @@ struct FileModeTestcase { class FileModeTest : public ::testing::TestWithParam {}; TEST_P(FileModeTest, WriteToFile) { - // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); - + SKIP_IF(IsRunningWithVFS1()); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); @@ -330,9 +328,7 @@ TEST_P(FileModeTest, WriteToFile) { } TEST_P(FileModeTest, TruncateFile) { - // TODO(b/175325250): Enable when setgid directories are supported. - SKIP_IF(IsRunningOnGvisor()); - + SKIP_IF(IsRunningWithVFS1()); auto temp_dir = ASSERT_NO_ERRNO_AND_VALUE( TempPath::CreateDirWith(GetAbsoluteTestTmpdir(), 0777 /* mode */)); auto path = JoinPath(temp_dir.path(), GetParam().name); @@ -343,6 +339,11 @@ TEST_P(FileModeTest, TruncateFile) { ASSERT_THAT(fstat(fd.get(), &stats), SyscallSucceeds()); EXPECT_EQ(stats.st_mode & kDirmodeMask, GetParam().mode); + // Write something to the file, as truncating an empty file is a no-op. + constexpr char c = 'M'; + ASSERT_THAT(write(fd.get(), &c, sizeof(c)), + SyscallSucceedsWithValue(sizeof(c))); + // For security reasons, truncating the file clears the SUID bit, and clears // the SGID bit when the group executable bit is unset (which is not a true // SGID binary). -- cgit v1.2.3