* [PATCH] fstests: add a filter for the new getcap output
@ 2020-10-10 12:57 fdmanana
2020-10-11 5:13 ` Eryu Guan
2020-10-11 12:38 ` [PATCH v2] " fdmanana
0 siblings, 2 replies; 3+ messages in thread
From: fdmanana @ 2020-10-10 12:57 UTC (permalink / raw)
To: fstests; +Cc: linux-btrfs, Filipe Manana
From: Filipe Manana <fdmanana@suse.com>
Starting with version 2.41 of libcap, the output of the getcap program
changed and therefore some existing tests fail when the installed version
of libcap is >= 2.41 (the latest version available at the moment is 2.44).
The change was made by the following commit of libcap:
commit 177cd418031b1acfcf73fe3b1af9f3279828681c
Author: Andrew G. Morgan <morgan@kernel.org>
Date: Tue Jul 21 22:58:05 2020 -0700
A more compact form for the text representation of capabilities.
While this does not change anything about the supported range of
equivalent text specifications for capabilities, as accepted by
cap_from_text(), this does alter the preferred output format of
cap_to_text() to be two characters shorter in most cases. That is,
what used to be summarized as:
"= cap_foo+..."
is now converted to the equivalent text:
"cap_foo=..."
which is also more intuitive.
So add a filter to change the old format to the new one and adapt existing
tests to use it and expect the new format in the golden output.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
---
common/filter | 28 ++++++++++++++++++++++++++++
tests/btrfs/214 | 14 +++++++-------
tests/generic/093 | 2 +-
tests/generic/093.out | 2 +-
tests/overlay/064 | 4 ++--
tests/overlay/064.out | 4 ++--
tests/xfs/296 | 2 +-
tests/xfs/296.out | 4 ++--
8 files changed, 44 insertions(+), 16 deletions(-)
diff --git a/common/filter b/common/filter
index 2477f386..64844c98 100644
--- a/common/filter
+++ b/common/filter
@@ -603,5 +603,33 @@ _filter_assert_dmesg()
-e "s#$warn2#Intentional warnings in assfail#"
}
+# With version 2.41 of libcap, the output format of getcap changed.
+# More specifically such change was added by the following commit:
+#
+# commit 177cd418031b1acfcf73fe3b1af9f3279828681c
+# Author: Andrew G. Morgan <morgan@kernel.org>
+# Date: Tue Jul 21 22:58:05 2020 -0700
+#
+# A more compact form for the text representation of capabilities.
+#
+# While this does not change anything about the supported range of
+# equivalent text specifications for capabilities, as accepted by
+# cap_from_text(), this does alter the preferred output format of
+# cap_to_text() to be two characters shorter in most cases. That is,
+# what used to be summarized as:
+#
+# "= cap_foo+..."
+#
+# is now converted to the equivalent text:
+#
+# "cap_foo=..."
+#
+# which is also more intuitive.
+#
+_filter_getcap()
+{
+ sed -e "s/ = / /" -e "s/\+/=/"
+}
+
# make sure this script returns success
/bin/true
diff --git a/tests/btrfs/214 b/tests/btrfs/214
index 35c4656c..6d08b991 100755
--- a/tests/btrfs/214
+++ b/tests/btrfs/214
@@ -43,7 +43,7 @@ check_capabilities()
local ret
file="$1"
cap="$2"
- ret=$($GETCAP_PROG "$file")
+ ret=$($GETCAP_PROG "$file" | _filter_getcap)
if [ -z "$ret" ]; then
echo "$ret"
echo "missing capability in file $file"
@@ -84,7 +84,7 @@ full_nocap_inc_withcap_send()
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
_scratch_unmount
}
@@ -107,25 +107,25 @@ roundtrip_send()
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test incremental send with different owner/group but same capabilities
chgrp 100 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
- check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test capabilities after incremental send with different group and capabilities
chgrp 0 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc2" >/dev/null
- check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
+ check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_inc" "$FS1/snap_inc2" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
+ check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
_scratch_unmount
}
diff --git a/tests/generic/093 b/tests/generic/093
index 0f835e7e..ed5f6f50 100755
--- a/tests/generic/093
+++ b/tests/generic/093
@@ -51,7 +51,7 @@ touch $file
echo "**** Verifying that appending to file clears capabilities ****"
$SETCAP_PROG cap_chown+ep $file
-$GETCAP_PROG $file | filefilter
+$GETCAP_PROG $file | filefilter | _filter_getcap
echo data1 >> $file
cat $file
$GETCAP_PROG $file | filefilter
diff --git a/tests/generic/093.out b/tests/generic/093.out
index cb29153e..fe6dfe5c 100644
--- a/tests/generic/093.out
+++ b/tests/generic/093.out
@@ -1,7 +1,7 @@
QA output created by 093
**** Verifying that appending to file clears capabilities ****
-file = cap_chown+ep
+file cap_chown=ep
data1
**** Verifying that appending to file doesn't clear other xattrs ****
diff --git a/tests/overlay/064 b/tests/overlay/064
index f5d5df1b..7ec3e420 100755
--- a/tests/overlay/064
+++ b/tests/overlay/064
@@ -55,7 +55,7 @@ _scratch_mount "-o metacopy=on"
$XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file1 >>$seqres.full
# Make sure cap_setuid is still there
-$GETCAP_PROG ${SCRATCH_MNT}/file1 | _filter_scratch
+$GETCAP_PROG ${SCRATCH_MNT}/file1 | _filter_scratch | _filter_getcap
# Trigger metadata only copy-up
chmod 000 ${SCRATCH_MNT}/file2
@@ -64,7 +64,7 @@ chmod 000 ${SCRATCH_MNT}/file2
$XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file2 >>$seqres.full
# Make sure cap_setuid is still there
-$GETCAP_PROG ${SCRATCH_MNT}/file2 | _filter_scratch
+$GETCAP_PROG ${SCRATCH_MNT}/file2 | _filter_scratch | _filter_getcap
# success, all done
status=0
diff --git a/tests/overlay/064.out b/tests/overlay/064.out
index cdd3064d..07f89fbd 100644
--- a/tests/overlay/064.out
+++ b/tests/overlay/064.out
@@ -1,3 +1,3 @@
QA output created by 064
-SCRATCH_MNT/file1 = cap_setuid+ep
-SCRATCH_MNT/file2 = cap_setuid+ep
+SCRATCH_MNT/file1 cap_setuid=ep
+SCRATCH_MNT/file2 cap_setuid=ep
diff --git a/tests/xfs/296 b/tests/xfs/296
index 915ffa0c..f67b8386 100755
--- a/tests/xfs/296
+++ b/tests/xfs/296
@@ -49,7 +49,7 @@ $SETCAP_PROG cap_setgid,cap_setuid+ep $dump_dir/testfile
echo "Checking for xattr on source file"
getfattr --absolute-names -m user.name $dump_dir/testfile | _dir_filter
echo "Checking for capability on source file"
-$GETCAP_PROG $dump_dir/testfile | _dir_filter
+$GETCAP_PROG $dump_dir/testfile | _dir_filter | _filter_getcap
getfattr --absolute-names -m security.capability $dump_dir/testfile | _dir_filter
_do_dump_file -f $tmp.df.0
diff --git a/tests/xfs/296.out b/tests/xfs/296.out
index c279465c..f5cc624e 100644
--- a/tests/xfs/296.out
+++ b/tests/xfs/296.out
@@ -4,7 +4,7 @@ Checking for xattr on source file
user.name
Checking for capability on source file
-DUMP_DIR/testfile = cap_setgid,cap_setuid+ep
+DUMP_DIR/testfile cap_setgid,cap_setuid=ep
# file: DUMP_DIR/testfile
security.capability
@@ -50,7 +50,7 @@ Checking for xattr on restored file
user.name
Checking for capability on restored file
-RESTORE_DIR/DUMP_SUBDIR/testfile = cap_setgid,cap_setuid+ep
+RESTORE_DIR/DUMP_SUBDIR/testfile cap_setgid,cap_setuid=ep
# file: RESTORE_DIR/DUMP_SUBDIR/testfile
security.capability
--
2.28.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] fstests: add a filter for the new getcap output
2020-10-10 12:57 [PATCH] fstests: add a filter for the new getcap output fdmanana
@ 2020-10-11 5:13 ` Eryu Guan
2020-10-11 12:38 ` [PATCH v2] " fdmanana
1 sibling, 0 replies; 3+ messages in thread
From: Eryu Guan @ 2020-10-11 5:13 UTC (permalink / raw)
To: fdmanana; +Cc: fstests, linux-btrfs, Filipe Manana
On Sat, Oct 10, 2020 at 01:57:31PM +0100, fdmanana@kernel.org wrote:
> From: Filipe Manana <fdmanana@suse.com>
>
> Starting with version 2.41 of libcap, the output of the getcap program
> changed and therefore some existing tests fail when the installed version
> of libcap is >= 2.41 (the latest version available at the moment is 2.44).
>
> The change was made by the following commit of libcap:
>
> commit 177cd418031b1acfcf73fe3b1af9f3279828681c
> Author: Andrew G. Morgan <morgan@kernel.org>
> Date: Tue Jul 21 22:58:05 2020 -0700
>
> A more compact form for the text representation of capabilities.
>
> While this does not change anything about the supported range of
> equivalent text specifications for capabilities, as accepted by
> cap_from_text(), this does alter the preferred output format of
> cap_to_text() to be two characters shorter in most cases. That is,
> what used to be summarized as:
>
> "= cap_foo+..."
>
> is now converted to the equivalent text:
>
> "cap_foo=..."
>
> which is also more intuitive.
>
> So add a filter to change the old format to the new one and adapt existing
> tests to use it and expect the new format in the golden output.
>
> Signed-off-by: Filipe Manana <fdmanana@suse.com>
> ---
> common/filter | 28 ++++++++++++++++++++++++++++
> tests/btrfs/214 | 14 +++++++-------
> tests/generic/093 | 2 +-
> tests/generic/093.out | 2 +-
> tests/overlay/064 | 4 ++--
> tests/overlay/064.out | 4 ++--
> tests/xfs/296 | 2 +-
> tests/xfs/296.out | 4 ++--
> 8 files changed, 44 insertions(+), 16 deletions(-)
>
> diff --git a/common/filter b/common/filter
> index 2477f386..64844c98 100644
> --- a/common/filter
> +++ b/common/filter
> @@ -603,5 +603,33 @@ _filter_assert_dmesg()
> -e "s#$warn2#Intentional warnings in assfail#"
> }
>
> +# With version 2.41 of libcap, the output format of getcap changed.
> +# More specifically such change was added by the following commit:
> +#
> +# commit 177cd418031b1acfcf73fe3b1af9f3279828681c
> +# Author: Andrew G. Morgan <morgan@kernel.org>
> +# Date: Tue Jul 21 22:58:05 2020 -0700
> +#
> +# A more compact form for the text representation of capabilities.
> +#
> +# While this does not change anything about the supported range of
> +# equivalent text specifications for capabilities, as accepted by
> +# cap_from_text(), this does alter the preferred output format of
> +# cap_to_text() to be two characters shorter in most cases. That is,
> +# what used to be summarized as:
> +#
> +# "= cap_foo+..."
> +#
> +# is now converted to the equivalent text:
> +#
> +# "cap_foo=..."
> +#
> +# which is also more intuitive.
> +#
> +_filter_getcap()
> +{
> + sed -e "s/ = / /" -e "s/\+/=/"
> +}
> +
Thanks for the fix!
I' wondering if we could introduce a new _getcap helper which calls
_filter_getcap internally, so external users could just call _getcap
instead of "$GETCAP_PROG ... | _filter_getcap", like what we did in
commit 794f4594fbf4 ("fstests: filter redundant output by getfattr")
Thanks,
Eryu
> # make sure this script returns success
> /bin/true
> diff --git a/tests/btrfs/214 b/tests/btrfs/214
> index 35c4656c..6d08b991 100755
> --- a/tests/btrfs/214
> +++ b/tests/btrfs/214
> @@ -43,7 +43,7 @@ check_capabilities()
> local ret
> file="$1"
> cap="$2"
> - ret=$($GETCAP_PROG "$file")
> + ret=$($GETCAP_PROG "$file" | _filter_getcap)
> if [ -z "$ret" ]; then
> echo "$ret"
> echo "missing capability in file $file"
> @@ -84,7 +84,7 @@ full_nocap_inc_withcap_send()
> $BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
> $BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
> $BTRFS_UTIL_PROG receive "$FS2" -q
> - check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
> + check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
>
> _scratch_unmount
> }
> @@ -107,25 +107,25 @@ roundtrip_send()
> $SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
> $BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
> $BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
> - check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
> + check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
>
> # Test incremental send with different owner/group but same capabilities
> chgrp 100 "$FS1/foo.bar"
> $SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
> $BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
> - check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
> + check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
> $BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
> $BTRFS_UTIL_PROG receive "$FS2" -q
> - check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
> + check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
>
> # Test capabilities after incremental send with different group and capabilities
> chgrp 0 "$FS1/foo.bar"
> $SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
> $BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc2" >/dev/null
> - check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
> + check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
> $BTRFS_UTIL_PROG send -p "$FS1/snap_inc" "$FS1/snap_inc2" -q | \
> $BTRFS_UTIL_PROG receive "$FS2" -q
> - check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
> + check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
>
> _scratch_unmount
> }
> diff --git a/tests/generic/093 b/tests/generic/093
> index 0f835e7e..ed5f6f50 100755
> --- a/tests/generic/093
> +++ b/tests/generic/093
> @@ -51,7 +51,7 @@ touch $file
>
> echo "**** Verifying that appending to file clears capabilities ****"
> $SETCAP_PROG cap_chown+ep $file
> -$GETCAP_PROG $file | filefilter
> +$GETCAP_PROG $file | filefilter | _filter_getcap
> echo data1 >> $file
> cat $file
> $GETCAP_PROG $file | filefilter
> diff --git a/tests/generic/093.out b/tests/generic/093.out
> index cb29153e..fe6dfe5c 100644
> --- a/tests/generic/093.out
> +++ b/tests/generic/093.out
> @@ -1,7 +1,7 @@
> QA output created by 093
>
> **** Verifying that appending to file clears capabilities ****
> -file = cap_chown+ep
> +file cap_chown=ep
> data1
>
> **** Verifying that appending to file doesn't clear other xattrs ****
> diff --git a/tests/overlay/064 b/tests/overlay/064
> index f5d5df1b..7ec3e420 100755
> --- a/tests/overlay/064
> +++ b/tests/overlay/064
> @@ -55,7 +55,7 @@ _scratch_mount "-o metacopy=on"
> $XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file1 >>$seqres.full
>
> # Make sure cap_setuid is still there
> -$GETCAP_PROG ${SCRATCH_MNT}/file1 | _filter_scratch
> +$GETCAP_PROG ${SCRATCH_MNT}/file1 | _filter_scratch | _filter_getcap
>
> # Trigger metadata only copy-up
> chmod 000 ${SCRATCH_MNT}/file2
> @@ -64,7 +64,7 @@ chmod 000 ${SCRATCH_MNT}/file2
> $XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file2 >>$seqres.full
>
> # Make sure cap_setuid is still there
> -$GETCAP_PROG ${SCRATCH_MNT}/file2 | _filter_scratch
> +$GETCAP_PROG ${SCRATCH_MNT}/file2 | _filter_scratch | _filter_getcap
>
> # success, all done
> status=0
> diff --git a/tests/overlay/064.out b/tests/overlay/064.out
> index cdd3064d..07f89fbd 100644
> --- a/tests/overlay/064.out
> +++ b/tests/overlay/064.out
> @@ -1,3 +1,3 @@
> QA output created by 064
> -SCRATCH_MNT/file1 = cap_setuid+ep
> -SCRATCH_MNT/file2 = cap_setuid+ep
> +SCRATCH_MNT/file1 cap_setuid=ep
> +SCRATCH_MNT/file2 cap_setuid=ep
> diff --git a/tests/xfs/296 b/tests/xfs/296
> index 915ffa0c..f67b8386 100755
> --- a/tests/xfs/296
> +++ b/tests/xfs/296
> @@ -49,7 +49,7 @@ $SETCAP_PROG cap_setgid,cap_setuid+ep $dump_dir/testfile
> echo "Checking for xattr on source file"
> getfattr --absolute-names -m user.name $dump_dir/testfile | _dir_filter
> echo "Checking for capability on source file"
> -$GETCAP_PROG $dump_dir/testfile | _dir_filter
> +$GETCAP_PROG $dump_dir/testfile | _dir_filter | _filter_getcap
> getfattr --absolute-names -m security.capability $dump_dir/testfile | _dir_filter
>
> _do_dump_file -f $tmp.df.0
> diff --git a/tests/xfs/296.out b/tests/xfs/296.out
> index c279465c..f5cc624e 100644
> --- a/tests/xfs/296.out
> +++ b/tests/xfs/296.out
> @@ -4,7 +4,7 @@ Checking for xattr on source file
> user.name
>
> Checking for capability on source file
> -DUMP_DIR/testfile = cap_setgid,cap_setuid+ep
> +DUMP_DIR/testfile cap_setgid,cap_setuid=ep
> # file: DUMP_DIR/testfile
> security.capability
>
> @@ -50,7 +50,7 @@ Checking for xattr on restored file
> user.name
>
> Checking for capability on restored file
> -RESTORE_DIR/DUMP_SUBDIR/testfile = cap_setgid,cap_setuid+ep
> +RESTORE_DIR/DUMP_SUBDIR/testfile cap_setgid,cap_setuid=ep
> # file: RESTORE_DIR/DUMP_SUBDIR/testfile
> security.capability
>
> --
> 2.28.0
^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v2] fstests: add a filter for the new getcap output
2020-10-10 12:57 [PATCH] fstests: add a filter for the new getcap output fdmanana
2020-10-11 5:13 ` Eryu Guan
@ 2020-10-11 12:38 ` fdmanana
1 sibling, 0 replies; 3+ messages in thread
From: fdmanana @ 2020-10-11 12:38 UTC (permalink / raw)
To: fstests; +Cc: linux-btrfs, guan, Filipe Manana
From: Filipe Manana <fdmanana@suse.com>
Starting with version 2.41 of libcap, the output of the getcap program
changed and therefore some existing tests fail when the installed version
of libcap is >= 2.41 (the latest version available at the moment is 2.44).
The change was made by the following commit of libcap:
commit 177cd418031b1acfcf73fe3b1af9f3279828681c
Author: Andrew G. Morgan <morgan@kernel.org>
Date: Tue Jul 21 22:58:05 2020 -0700
A more compact form for the text representation of capabilities.
While this does not change anything about the supported range of
equivalent text specifications for capabilities, as accepted by
cap_from_text(), this does alter the preferred output format of
cap_to_text() to be two characters shorter in most cases. That is,
what used to be summarized as:
"= cap_foo+..."
is now converted to the equivalent text:
"cap_foo=..."
which is also more intuitive.
So add a filter to change the old format to the new one, an helper that
calls getcap with that filter, make existing tests use the new helper and
update their golden output to match the new output format of getcap.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
---
V2: Added _getcap() helper that makes use of the filter, make tests use it.
common/filter | 28 ++++++++++++++++++++++++++++
common/rc | 6 ++++++
tests/btrfs/214 | 16 ++++++++--------
tests/generic/093 | 4 ++--
tests/generic/093.out | 2 +-
tests/generic/513 | 4 ++--
tests/overlay/064 | 4 ++--
tests/overlay/064.out | 4 ++--
tests/xfs/296 | 4 ++--
tests/xfs/296.out | 4 ++--
10 files changed, 55 insertions(+), 21 deletions(-)
diff --git a/common/filter b/common/filter
index 2477f386..a8b3882f 100644
--- a/common/filter
+++ b/common/filter
@@ -603,5 +603,33 @@ _filter_assert_dmesg()
-e "s#$warn2#Intentional warnings in assfail#"
}
+# With version 2.41 of libcap, the output format of getcap changed.
+# More specifically such change was added by the following commit:
+#
+# commit 177cd418031b1acfcf73fe3b1af9f3279828681c
+# Author: Andrew G. Morgan <morgan@kernel.org>
+# Date: Tue Jul 21 22:58:05 2020 -0700
+#
+# A more compact form for the text representation of capabilities.
+#
+# While this does not change anything about the supported range of
+# equivalent text specifications for capabilities, as accepted by
+# cap_from_text(), this does alter the preferred output format of
+# cap_to_text() to be two characters shorter in most cases. That is,
+# what used to be summarized as:
+#
+# "= cap_foo+..."
+#
+# is now converted to the equivalent text:
+#
+# "cap_foo=..."
+#
+# which is also more intuitive.
+#
+_filter_getcap()
+{
+ sed -e "s/= //" -e "s/\+/=/g"
+}
+
# make sure this script returns success
/bin/true
diff --git a/common/rc b/common/rc
index 23095d4f..27a27ea3 100644
--- a/common/rc
+++ b/common/rc
@@ -4315,6 +4315,12 @@ _require_mknod()
rm -f $TEST_DIR/$seq.null
}
+_getcap()
+{
+ $GETCAP_PROG "$@" | _filter_getcap
+ return ${PIPESTATUS[0]}
+}
+
init_rc
################################################################################
diff --git a/tests/btrfs/214 b/tests/btrfs/214
index 35c4656c..123c4cbf 100755
--- a/tests/btrfs/214
+++ b/tests/btrfs/214
@@ -43,7 +43,7 @@ check_capabilities()
local ret
file="$1"
cap="$2"
- ret=$($GETCAP_PROG "$file")
+ ret=$(_getcap "$file")
if [ -z "$ret" ]; then
echo "$ret"
echo "missing capability in file $file"
@@ -74,7 +74,7 @@ full_nocap_inc_withcap_send()
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
# ensure that we don't have capabilities set
- ret=$($GETCAP_PROG "$FS2/snap_init/foo.bar")
+ ret=$(_getcap "$FS2/snap_init/foo.bar")
if [ -n "$ret" ]; then
echo "File contains capabilities when it shouldn't"
fi
@@ -84,7 +84,7 @@ full_nocap_inc_withcap_send()
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
_scratch_unmount
}
@@ -107,25 +107,25 @@ roundtrip_send()
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_init" >/dev/null
$BTRFS_UTIL_PROG send "$FS1/snap_init" -q | $BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_init/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test incremental send with different owner/group but same capabilities
chgrp 100 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_ptrace+ep cap_sys_nice+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc" >/dev/null
- check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS1/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_init" "$FS1/snap_inc" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice+ep"
+ check_capabilities "$FS2/snap_inc/foo.bar" "cap_sys_ptrace,cap_sys_nice=ep"
# Test capabilities after incremental send with different group and capabilities
chgrp 0 "$FS1/foo.bar"
$SETCAP_PROG "cap_sys_time+ep cap_syslog+ep" "$FS1/foo.bar"
$BTRFS_UTIL_PROG subvolume snapshot -r "$FS1" "$FS1/snap_inc2" >/dev/null
- check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
+ check_capabilities "$FS1/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
$BTRFS_UTIL_PROG send -p "$FS1/snap_inc" "$FS1/snap_inc2" -q | \
$BTRFS_UTIL_PROG receive "$FS2" -q
- check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog+ep"
+ check_capabilities "$FS2/snap_inc2/foo.bar" "cap_sys_time,cap_syslog=ep"
_scratch_unmount
}
diff --git a/tests/generic/093 b/tests/generic/093
index 0f835e7e..48ffec5c 100755
--- a/tests/generic/093
+++ b/tests/generic/093
@@ -51,10 +51,10 @@ touch $file
echo "**** Verifying that appending to file clears capabilities ****"
$SETCAP_PROG cap_chown+ep $file
-$GETCAP_PROG $file | filefilter
+_getcap $file | filefilter
echo data1 >> $file
cat $file
-$GETCAP_PROG $file | filefilter
+_getcap $file | filefilter
echo
echo "**** Verifying that appending to file doesn't clear other xattrs ****"
diff --git a/tests/generic/093.out b/tests/generic/093.out
index cb29153e..fe6dfe5c 100644
--- a/tests/generic/093.out
+++ b/tests/generic/093.out
@@ -1,7 +1,7 @@
QA output created by 093
**** Verifying that appending to file clears capabilities ****
-file = cap_chown+ep
+file cap_chown=ep
data1
**** Verifying that appending to file doesn't clear other xattrs ****
diff --git a/tests/generic/513 b/tests/generic/513
index 15b4aded..70687877 100755
--- a/tests/generic/513
+++ b/tests/generic/513
@@ -40,14 +40,14 @@ $XFS_IO_PROG -f -c "pwrite -S 0x20 0 1m" $SCRATCH_MNT/bar >>$seqres.full
$SETCAP_PROG cap_setgid,cap_setuid+ep $SCRATCH_MNT/bar
-before_cap="$($GETCAP_PROG -v $SCRATCH_MNT/bar)"
+before_cap="$(_getcap -v $SCRATCH_MNT/bar)"
before_ctime="$(stat -c '%z' $SCRATCH_MNT/bar)"
sleep 1
$XFS_IO_PROG -c "reflink $SCRATCH_MNT/foo" $SCRATCH_MNT/bar >> $seqres.full 2>&1
-after_cap="$($GETCAP_PROG -v $SCRATCH_MNT/bar)"
+after_cap="$(_getcap -v $SCRATCH_MNT/bar)"
after_ctime="$(stat -c '%z' $SCRATCH_MNT/bar)"
echo "$before_cap $before_ctime" >> $seqres.full
diff --git a/tests/overlay/064 b/tests/overlay/064
index f5d5df1b..8d3d1e4c 100755
--- a/tests/overlay/064
+++ b/tests/overlay/064
@@ -55,7 +55,7 @@ _scratch_mount "-o metacopy=on"
$XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file1 >>$seqres.full
# Make sure cap_setuid is still there
-$GETCAP_PROG ${SCRATCH_MNT}/file1 | _filter_scratch
+_getcap ${SCRATCH_MNT}/file1 | _filter_scratch
# Trigger metadata only copy-up
chmod 000 ${SCRATCH_MNT}/file2
@@ -64,7 +64,7 @@ chmod 000 ${SCRATCH_MNT}/file2
$XFS_IO_PROG -c "stat" ${SCRATCH_MNT}/file2 >>$seqres.full
# Make sure cap_setuid is still there
-$GETCAP_PROG ${SCRATCH_MNT}/file2 | _filter_scratch
+_getcap ${SCRATCH_MNT}/file2 | _filter_scratch
# success, all done
status=0
diff --git a/tests/overlay/064.out b/tests/overlay/064.out
index cdd3064d..07f89fbd 100644
--- a/tests/overlay/064.out
+++ b/tests/overlay/064.out
@@ -1,3 +1,3 @@
QA output created by 064
-SCRATCH_MNT/file1 = cap_setuid+ep
-SCRATCH_MNT/file2 = cap_setuid+ep
+SCRATCH_MNT/file1 cap_setuid=ep
+SCRATCH_MNT/file2 cap_setuid=ep
diff --git a/tests/xfs/296 b/tests/xfs/296
index 915ffa0c..77726e54 100755
--- a/tests/xfs/296
+++ b/tests/xfs/296
@@ -49,7 +49,7 @@ $SETCAP_PROG cap_setgid,cap_setuid+ep $dump_dir/testfile
echo "Checking for xattr on source file"
getfattr --absolute-names -m user.name $dump_dir/testfile | _dir_filter
echo "Checking for capability on source file"
-$GETCAP_PROG $dump_dir/testfile | _dir_filter
+_getcap $dump_dir/testfile | _dir_filter
getfattr --absolute-names -m security.capability $dump_dir/testfile | _dir_filter
_do_dump_file -f $tmp.df.0
@@ -62,7 +62,7 @@ _diff_compare
echo "Checking for xattr on restored file"
getfattr --absolute-names -m user.name $restore_dir/$dump_sdir/testfile | _dir_filter
echo "Checking for capability on restored file"
-$GETCAP_PROG $restore_dir/$dump_sdir/testfile | _dir_filter
+_getcap $restore_dir/$dump_sdir/testfile | _dir_filter
getfattr --absolute-names -m security.capability $restore_dir/$dump_sdir/testfile | _dir_filter
status=0
diff --git a/tests/xfs/296.out b/tests/xfs/296.out
index c279465c..f5cc624e 100644
--- a/tests/xfs/296.out
+++ b/tests/xfs/296.out
@@ -4,7 +4,7 @@ Checking for xattr on source file
user.name
Checking for capability on source file
-DUMP_DIR/testfile = cap_setgid,cap_setuid+ep
+DUMP_DIR/testfile cap_setgid,cap_setuid=ep
# file: DUMP_DIR/testfile
security.capability
@@ -50,7 +50,7 @@ Checking for xattr on restored file
user.name
Checking for capability on restored file
-RESTORE_DIR/DUMP_SUBDIR/testfile = cap_setgid,cap_setuid+ep
+RESTORE_DIR/DUMP_SUBDIR/testfile cap_setgid,cap_setuid=ep
# file: RESTORE_DIR/DUMP_SUBDIR/testfile
security.capability
--
2.28.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-10-11 12:39 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-10 12:57 [PATCH] fstests: add a filter for the new getcap output fdmanana
2020-10-11 5:13 ` Eryu Guan
2020-10-11 12:38 ` [PATCH v2] " fdmanana
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).