blob: 368abf0d857c9852e1ae26dc34bcddd60e6b969e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
|
#!/bin/bash
#
# Copyright (C) 2011 Colin Walters <walters@verbum.org>
#
# SPDX-License-Identifier: LGPL-2.0+
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
# License as published by the Free Software Foundation; either
# version 2 of the License, or (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public
# License along with this library. If not, see <https://www.gnu.org/licenses/>.
set -euo pipefail
. $(dirname $0)/libtest.sh
mode="bare-user-only"
setup_test_repository "$mode"
extra_basic_tests=6
. $(dirname $0)/basic-test.sh
$CMD_PREFIX ostree --version > version.yaml
python3 -c 'import yaml; yaml.safe_load(open("version.yaml"))'
echo "ok yaml version"
# Reset things so we don't inherit a lot of state from earlier tests
cd ${test_tmpdir}
rm repo files -rf
ostree_repo_init repo init --mode=bare-user-only
# Init an archive repo where we'll store content that can't go into bare-user
cd ${test_tmpdir}
rm repo-input -rf
ostree_repo_init repo-input init --mode=archive
cd ${test_tmpdir}
cat > statoverride.txt <<EOF
2048 /some-setuid
EOF
mkdir -p files/
echo "a setuid file" > files/some-setuid
chmod 0644 files/some-setuid
$CMD_PREFIX ostree --repo=repo-input commit -b content-with-suid --statoverride=statoverride.txt --tree=dir=files
if $CMD_PREFIX ostree pull-local --repo=repo repo-input 2>err.txt; then
assert_not_reached "copying suid file into bare-user worked?"
fi
assert_file_has_content err.txt "Content object.*invalid mode.*with bits 040.*"
echo "ok failed to commit suid"
cd ${test_tmpdir}
rm repo-input -rf
ostree_repo_init repo-input init --mode=archive
rm files -rf && mkdir files
echo "a group writable file" > files/some-group-writable
chmod 0664 files/some-group-writable
$CMD_PREFIX ostree --repo=repo-input commit -b content-with-group-writable --tree=dir=files
$OSTREE pull-local repo-input
$OSTREE checkout -U -H content-with-group-writable groupwritable-co
assert_file_has_mode groupwritable-co/some-group-writable 664
echo "ok supported group writable"
cd ${test_tmpdir}
rm repo-input -rf
ostree_repo_init repo-input init --mode=archive
rm files -rf && mkdir files
mkdir files/worldwritable-dir
chmod a+w files/worldwritable-dir
$CMD_PREFIX ostree --repo=repo-input commit -b content-with-dir-world-writable --tree=dir=files
$OSTREE pull-local repo-input
$OSTREE checkout -U -H content-with-dir-world-writable dir-co
assert_file_has_mode dir-co/worldwritable-dir 775
echo "ok didn't make world-writable dir"
if ! skip_one_without_user_xattrs; then
cd ${test_tmpdir}
rm repo-input -rf
rm repo -rf
ostree_repo_init repo init --mode=bare-user-only
ostree_repo_init repo-input init --mode=bare-user
rm files -rf && mkdir files
echo afile > files/afile
ln -s afile files/afile-link
$CMD_PREFIX ostree --repo=repo-input commit --canonical-permissions -b testtree --tree=dir=files
afile_relobjpath=$(ostree_file_path_to_relative_object_path repo-input testtree /afile)
afile_link_relobjpath=$(ostree_file_path_to_relative_object_path repo-input testtree /afile-link)
$CMD_PREFIX ostree pull-local --repo=repo repo-input
assert_files_hardlinked repo/${afile_relobjpath} repo-input/${afile_relobjpath}
if files_are_hardlinked repo/${afile_link_relobjpath} repo-input/${afile_link_relobjpath}; then
assert_not_reached "symlinks hardlinked across bare-user?"
fi
$OSTREE fsck -q
echo "ok hardlink pull from bare-user"
fi
cd ${test_tmpdir}
rm repo -rf
ostree_repo_init repo init --mode=bare-user-only
rm files -rf && mkdir files
echo afile > files/afile
chmod 0777 files/afile
$OSTREE commit ${COMMIT_ARGS} -b perms files
$OSTREE fsck
rm out -rf
$OSTREE checkout --force-copy perms out
assert_file_has_mode out/afile 755
$OSTREE checkout ${CHECKOUT_H_ARGS} --union-identical perms out
assert_file_has_mode out/afile 755
echo "ok automatic canonical perms for bare-user-only"
|
