1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
#!/usr/bin/env bash
# group: rw
#
# Test FUSE exports' allow-other option
#
# Copyright (C) 2021 Red Hat, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
#
seq=$(basename "$0")
echo "QA output created by $seq"
status=1 # failure is the default!
_cleanup()
{
_cleanup_qemu
_cleanup_test_img
rm -f "$EXT_MP"
}
trap "_cleanup; exit \$status" 0 1 2 3 15
# get standard environment, filters and checks
. ../common.rc
. ../common.filter
. ../common.qemu
_supported_fmt generic
_supported_proto file # We create the FUSE export manually
sudo -n -u nobody true || \
_notrun 'Password-less sudo as nobody required to test allow_other'
# $1: Export ID
# $2: Options (beyond the node-name and ID)
# $3: Expected return value (defaults to 'return')
# $4: Node to export (defaults to 'node-format')
fuse_export_add()
{
allow_other_not_supported='option allow_other only allowed if'
output=$(
success_or_failure=yes _send_qemu_cmd $QEMU_HANDLE \
"{'execute': 'block-export-add',
'arguments': {
'type': 'fuse',
'id': '$1',
'node-name': '${4:-node-format}',
$2
} }" \
"${3:-return}" \
"$allow_other_not_supported" \
| _filter_imgfmt
)
if echo "$output" | grep -q "$allow_other_not_supported"; then
# Shut down qemu gracefully so it can unmount the export
_send_qemu_cmd $QEMU_HANDLE \
"{'execute': 'quit'}" \
'return'
wait=yes _cleanup_qemu
_notrun "allow_other not supported"
fi
echo "$output"
}
EXT_MP="$TEST_DIR/fuse-export"
_make_test_img 64k
touch "$EXT_MP"
echo
echo '=== Test permissions ==='
# $1: allow-other value ('on'/'off'/'auto')
run_permission_test()
{
_launch_qemu \
-blockdev \
"$IMGFMT,node-name=node-format,file.driver=file,file.filename=$TEST_IMG"
_send_qemu_cmd $QEMU_HANDLE \
"{'execute': 'qmp_capabilities'}" \
'return'
fuse_export_add 'export' \
"'mountpoint': '$EXT_MP',
'allow-other': '$1'"
# Should always work
echo '(Removing all permissions)'
chmod 000 "$EXT_MP" 2>&1 | _filter_testdir | _filter_imgfmt
stat -c 'Permissions post-chmod: %a' "$EXT_MP"
# Should always work
echo '(Granting u+r)'
chmod u+r "$EXT_MP" 2>&1 | _filter_testdir | _filter_imgfmt
stat -c 'Permissions post-chmod: %a' "$EXT_MP"
# Should only work with allow-other: Otherwise, no permissions can be
# granted to the group or others
echo '(Granting read permissions for everyone)'
chmod 444 "$EXT_MP" 2>&1 | _filter_testdir | _filter_imgfmt
stat -c 'Permissions post-chmod: %a' "$EXT_MP"
echo 'Doing operations as nobody:'
# Change to TEST_DIR, so nobody will not have to attempt a lookup
pushd "$TEST_DIR" >/dev/null
# This is already prevented by the permissions (without allow-other, FUSE
# exports always have o-r), but test it anyway
sudo -n -u nobody cat fuse-export >/dev/null
# If the only problem were the lack of permissions, we should still be able
# to stat the export as nobody; it should not work without allow-other,
# though
sudo -n -u nobody \
stat -c 'Permissions seen by nobody: %a' fuse-export 2>&1 \
| _filter_imgfmt
# To prove the point, revoke read permissions for others and try again
chmod o-r fuse-export 2>&1 | _filter_testdir | _filter_imgfmt
# Should fail
sudo -n -u nobody cat fuse-export >/dev/null
# Should work with allow_other
sudo -n -u nobody \
stat -c 'Permissions seen by nobody: %a' fuse-export 2>&1 \
| _filter_imgfmt
popd >/dev/null
_send_qemu_cmd $QEMU_HANDLE \
"{'execute': 'quit'}" \
'return'
wait=yes _cleanup_qemu
}
# 'auto' should behave exactly like 'on', because 'on' tests that
# allow_other works (otherwise, this test is skipped)
for ao in off on auto; do
echo
echo "--- allow-other=$ao ---"
run_permission_test "$ao"
done
# success, all done
echo "*** done"
rm -f $seq.full
status=0
|
