* [PATCH] generic/062: use more restrictive filter when querying for attributes
@ 2020-07-06 15:32 Jeff Layton
2020-07-06 16:09 ` Jeff Layton
0 siblings, 1 reply; 2+ messages in thread
From: Jeff Layton @ 2020-07-06 15:32 UTC (permalink / raw)
To: fstests; +Cc: zlang
Sometimes we can end up with unexpected xattrs showing up on an inode.
For instance, on an SELinux-enabled host security.selinux may be set and
show up in a listing even though we've never set it.
generic/062 lists out all of the xattrs on an inode in some cases, but
it can't easily account for these "automatic" xattrs being set. Change
it to use a more restrictive regex when filtering attributes, so that we
just get the namespaces we're interested in.
Cc: Zorro Lang <zlang@redhat.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
---
tests/generic/062 | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/tests/generic/062 b/tests/generic/062
index d2a0ac9a9a21..cab4b4faac7c 100755
--- a/tests/generic/062
+++ b/tests/generic/062
@@ -77,8 +77,10 @@ invalid_attribute_filter() {
if [ "$USE_ATTR_SECURE" = yes ]; then
ATTR_MODES="user security trusted"
+ ATTR_FILTER="^(user|security|trusted)"
else
ATTR_MODES="user trusted"
+ ATTR_FILTER="^(user|trusted)"
fi
for nsp in $ATTR_MODES; do
for inode in reg dir lnk dev/b dev/c dev/p; do
@@ -121,7 +123,7 @@ for nsp in $ATTR_MODES; do
getfattr -m $nsp -e hex -n $nsp.name2 $SCRATCH_MNT/$inode 2>&1 | invalid_attribute_filter
echo "*** final list (strings, type=$inode, nsp=$nsp)"
- getfattr -m '.' -e hex $SCRATCH_MNT/$inode
+ getfattr -m $ATTR_FILTER -e hex $SCRATCH_MNT/$inode
done
done
@@ -151,11 +153,11 @@ _extend_test_bed
echo
echo "*** directory descent with us following symlinks"
-getfattr -h -L -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
+getfattr -h -L -R -m "$ATTR_FILTER" -e hex $SCRATCH_MNT | _sort_getfattr_output
echo
echo "*** directory descent without following symlinks"
-getfattr -h -P -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
+getfattr -h -P -R -m "$ATTR_FILTER" -e hex $SCRATCH_MNT | _sort_getfattr_output
#
# Test the backup/restore code
@@ -168,7 +170,7 @@ _backup()
# we *do* sort the output by path, since it otherwise would depend on
# readdir order, which on some filesystems may change after re-creating
# the files.
- _getfattr --absolute-names -dh -R -m '.' $SCRATCH_MNT | _sort_getfattr_output >$1
+ _getfattr --absolute-names -dh -R -m $ATTR_FILTER $SCRATCH_MNT | _sort_getfattr_output >$1
echo BACKUP $1 >>$seqres.full
cat $1 >> $seqres.full
[ ! -s $1 ] && echo "warning: $1 (backup file) is empty"
--
2.26.2
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] generic/062: use more restrictive filter when querying for attributes
2020-07-06 15:32 [PATCH] generic/062: use more restrictive filter when querying for attributes Jeff Layton
@ 2020-07-06 16:09 ` Jeff Layton
0 siblings, 0 replies; 2+ messages in thread
From: Jeff Layton @ 2020-07-06 16:09 UTC (permalink / raw)
To: fstests; +Cc: zlang
On Mon, 2020-07-06 at 11:32 -0400, Jeff Layton wrote:
> Sometimes we can end up with unexpected xattrs showing up on an inode.
> For instance, on an SELinux-enabled host security.selinux may be set and
> show up in a listing even though we've never set it.
>
> generic/062 lists out all of the xattrs on an inode in some cases, but
> it can't easily account for these "automatic" xattrs being set. Change
> it to use a more restrictive regex when filtering attributes, so that we
> just get the namespaces we're interested in.
>
> Cc: Zorro Lang <zlang@redhat.com>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
> ---
> tests/generic/062 | 10 ++++++----
> 1 file changed, 6 insertions(+), 4 deletions(-)
>
> diff --git a/tests/generic/062 b/tests/generic/062
> index d2a0ac9a9a21..cab4b4faac7c 100755
> --- a/tests/generic/062
> +++ b/tests/generic/062
> @@ -77,8 +77,10 @@ invalid_attribute_filter() {
>
> if [ "$USE_ATTR_SECURE" = yes ]; then
> ATTR_MODES="user security trusted"
> + ATTR_FILTER="^(user|security|trusted)"
> else
> ATTR_MODES="user trusted"
> + ATTR_FILTER="^(user|trusted)"
These should probably be a bit more restrictive so that we include the
'.' delimiter:
ATTR_FILTER="^(user|trusted)\\."
I'll send that in a v2 once I give people a chance to comment on the
rest.
> fi
> for nsp in $ATTR_MODES; do
> for inode in reg dir lnk dev/b dev/c dev/p; do
> @@ -121,7 +123,7 @@ for nsp in $ATTR_MODES; do
> getfattr -m $nsp -e hex -n $nsp.name2 $SCRATCH_MNT/$inode 2>&1 | invalid_attribute_filter
>
> echo "*** final list (strings, type=$inode, nsp=$nsp)"
> - getfattr -m '.' -e hex $SCRATCH_MNT/$inode
> + getfattr -m $ATTR_FILTER -e hex $SCRATCH_MNT/$inode
>
> done
> done
> @@ -151,11 +153,11 @@ _extend_test_bed
>
> echo
> echo "*** directory descent with us following symlinks"
> -getfattr -h -L -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
> +getfattr -h -L -R -m $ATTR_FILTER -e hex $SCRATCH_MNT | _sort_getfattr_output
>
> echo
> echo "*** directory descent without following symlinks"
> -getfattr -h -P -R -m '.' -e hex $SCRATCH_MNT | _sort_getfattr_output
> +getfattr -h -P -R -m "$ATTR_FILTER -e hex $SCRATCH_MNT | _sort_getfattr_output
>
> #
> # Test the backup/restore code
> @@ -168,7 +170,7 @@ _backup()
> # we *do* sort the output by path, since it otherwise would depend on
> # readdir order, which on some filesystems may change after re-creating
> # the files.
> - _getfattr --absolute-names -dh -R -m '.' $SCRATCH_MNT | _sort_getfattr_output >$1
> + _getfattr --absolute-names -dh -R -m $ATTR_FILTER $SCRATCH_MNT | _sort_getfattr_output >$1
> echo BACKUP $1 >>$seqres.full
> cat $1 >> $seqres.full
> [ ! -s $1 ] && echo "warning: $1 (backup file) is empty"
--
Jeff Layton <jlayton@kernel.org>
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-07-06 16:09 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-06 15:32 [PATCH] generic/062: use more restrictive filter when querying for attributes Jeff Layton
2020-07-06 16:09 ` Jeff Layton
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).