xfs
[Top] [All Lists]

Re: [PATCH 3/3] xfstests 314: user namespace uid/gids in an ACL

To: Rich Johnston <rjohnston@xxxxxxx>
Subject: Re: [PATCH 3/3] xfstests 314: user namespace uid/gids in an ACL
From: Dwight Engen <dwight.engen@xxxxxxxxxx>
Date: Mon, 19 Aug 2013 13:34:34 -0400
Cc: Dave Chinner <david@xxxxxxxxxxxxx>, <xfs@xxxxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <5212277D.2070307@xxxxxxx>
Organization: Oracle Corporation
References: <20130625153443.08142635@xxxxxxxxxx> <20130626010931.GA29376@dastard> <20130627120340.20e494ad@xxxxxxxxxx> <5212277D.2070307@xxxxxxx>
On Mon, 19 Aug 2013 09:11:09 -0500
Rich Johnston <rjohnston@xxxxxxx> wrote:

> 
> 
> On 06/27/2013 11:03 AM, Dwight Engen wrote:
> > Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx>
> 
> > +#! /bin/bash
> > +# FS QA Test No. 314
> > +#
> > +# Check get/set ACLs to/from disk with a user namespace. A new file
> > +# will be created and ACLs set on it from both inside a userns and
> > +# from init_user_ns. We check that the ACL is is correct from both
> > +# inside the userns and also from init_user_ns. We will then
> > unmount +# and remount the file system and check the ACL from both
> > inside the +# userns and from init_user_ns to show that the correct
> > uid/gid in +# the ACL was flushed and brought back from disk.
> > +#
> ...
> > +
> > +_print_getfacls()
> > +{
> > +    echo "From init_user_ns"
> > +    getfacl -n $file 2>/dev/null | _getfacl_filter_id | sed -e
> > "s!$SCRATCH_MNT!\$SCRATCH_MNT!"
> 
> I think you need to loose the last sed command and use the getfacl
> flag --absolute-names and pipe it to _filter_scratch like this:
> 
> getfacl --absolute-names -n $file 2>/dev/null | _filter_scratch | 
> _getfacl_filter_id

Yep good catch, the scratch mount point was making it into the .out file.

> > +
> > +    echo "From user_ns"
> > +    $nsexec -U -M "0 $acl1 1000" -G "0 $acl2 1000" getfacl -n
> > $file  2>/dev/null | _getfacl_filter_id | sed -e
> > "s!$SCRATCH_MNT!\$SCRATCH_MNT!"
> Same as above.
> ...
> Also need to update 314.out
> 
> I tested with these changes as test 316 but not sure if the new
> output is correct.

Yes it looks correct with these changes, updated patch to follow.

> --Rich

<Prev in Thread] Current Thread [Next in Thread>