1#!/bin/ksh -p 2# SPDX-License-Identifier: CDDL-1.0 3# 4# CDDL HEADER START 5# 6# The contents of this file are subject to the terms of the 7# Common Development and Distribution License (the "License"). 8# You may not use this file except in compliance with the License. 9# 10# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 11# or https://opensource.org/licenses/CDDL-1.0. 12# See the License for the specific language governing permissions 13# and limitations under the License. 14# 15# When distributing Covered Code, include this CDDL HEADER in each 16# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 17# If applicable, add the following below this CDDL HEADER, with the 18# fields enclosed by brackets "[]" replaced with your own identifying 19# information: Portions Copyright [yyyy] [name of copyright owner] 20# 21# CDDL HEADER END 22# 23 24. $STF_SUITE/tests/functional/idmap_mount/idmap_mount_common.kshlib 25 26# 27# 28# DESCRIPTION: 29# Test setgid bit is set properly on the idmapped mount 30# in a user namespace. 31# 32# STRATEGY: 33# 1. Create folder "idmap_test", set gid bit on it 34# 2. Idmap the folder to "idmap_dest" 35# 3. Create file and folder in the idmapped folder in the user 36# namespace having the same idmap info 37# 4. Verify the gid bit of the file and folder is set 38# 39 40verify_runnable "global" 41 42export WORKDIR=$TESTDIR/idmap_test 43export IDMAPDIR=$TESTDIR/idmap_dest 44 45function cleanup 46{ 47 kill -TERM ${unshared_pid} 48 log_must rm -rf $IDMAPDIR/* 49 if mountpoint $IDMAPDIR; then 50 log_must umount $IDMAPDIR 51 fi 52 log_must rm -rf $IDMAPDIR $WORKDIR 53} 54 55log_onexit cleanup 56 57if ! idmap_util -c $TESTDIR; then 58 log_unsupported "Idmap mount not supported." 59fi 60 61log_must mkdir -p $WORKDIR 62log_must mkdir -p $IDMAPDIR 63 64log_must chown $UID1:$GID1 $WORKDIR 65# set gid bit 66log_must chmod 2755 $WORKDIR 67log_must idmap_util -m "u:${UID1}:${UID2}:1" -m "g:${GID1}:${GID2}:1" $WORKDIR $IDMAPDIR 68log_must test -g $IDMAPDIR 69 70# Create a user namespace with the same idmapping 71unshare -Urm echo test 72if [ "$?" -ne "0" ]; then 73 log_unsupported "Failed to create user namespace" 74fi 75unshare -Um /usr/bin/sleep 2h & 76unshared_pid=$! 77if [ "$?" -ne "0" ]; then 78 log_unsupported "Failed to create user namespace" 79fi 80# wait for userns to be ready 81sleep 1 82echo "${UID1} ${UID2} 1" > /proc/$unshared_pid/uid_map 83if [ "$?" -ne "0" ]; then 84 log_unsupported "Failed to write to uid_map" 85fi 86echo "${GID1} ${GID2} 1" > /proc/$unshared_pid/gid_map 87if [ "$?" -ne "0" ]; then 88 log_unsupported "Failed to write to gid_map" 89fi 90 91NSENTER="nsenter -t $unshared_pid --all -S ${UID1} -G ${GID1}" 92 93# gid bit can be set on the file 94log_must $NSENTER touch $IDMAPDIR/file1 95log_must $NSENTER chmod 2654 $IDMAPDIR/file1 96log_must test -g $WORKDIR/file1 97log_must test -g $IDMAPDIR/file1 98log_must test "$UID1 $GID1" = "$($NSENTER stat -c '%u %g' $IDMAPDIR/file1)" 99 100# gid bit is carried over to new folder 101log_must $NSENTER mkdir $IDMAPDIR/subdir 102log_must test -g $WORKDIR/subdir 103log_must test -g $IDMAPDIR/subdir 104log_must test "$UID1 $GID1" = "$($NSENTER stat -c '%u %g' $IDMAPDIR/subdir)" 105 106log_pass "Verification of setting gid bit in userns is successful." 107 108