| ##/bin/bash |
| # SPDX-License-Identifier: GPL-2.0+ |
| # Copyright (c) 2000-2004 Silicon Graphics, Inc. All Rights Reserved. |
| # |
| # common extended attribute and ACL support |
| |
| # filesystems that want to test maximum supported acl counts need to |
| # add support in here |
| _acl_get_max() |
| { |
| case $FSTYP in |
| xfs) |
| # CRC format filesystems have much larger ACL counts. The actual |
| # number is into the thousands, but testing that meany takes too |
| # long, so just test well past the old limit of 25. |
| $XFS_INFO_PROG $TEST_DIR | _filter_mkfs > /dev/null 2> $tmp.info |
| . $tmp.info |
| rm $tmp.info |
| if [ $_fs_has_crcs -eq 0 ]; then |
| echo 25 |
| else |
| echo 5461 |
| fi |
| ;; |
| jfs) |
| echo 8191 |
| ;; |
| f2fs) |
| # If noinline_xattr is enabled, max xattr size should be: |
| # (4096 - 24) - (24 + 4) = 4044 |
| # then ACL_MAX_ENTRIES should be: |
| # (4044 - (4 + 4 * 4)) / 8 + 4 = 507 |
| _fs_options $TEST_DEV | grep "noinline_xattr" >/dev/null 2>&1 |
| if [ $? -eq 0 ]; then |
| echo 507 |
| else |
| # If inline_xattr is enabled, max xattr size should be: |
| # (4096 - 24 + 200) - (24 + 4) = 4244 |
| # then ACL_MAX_ENTRIES should be: |
| # (4244 - (4 + 4 * 4)) / 8 + 4 = 532 |
| _fs_options $TEST_DEV | grep "inline_xattr" >/dev/null 2>&1 |
| if [ $? -eq 0 ]; then |
| echo 532 |
| else |
| echo 507 |
| fi |
| fi |
| ;; |
| bcachefs) |
| echo 251 |
| ;; |
| *) |
| echo 0 |
| ;; |
| esac |
| } |
| |
| _require_acl_get_max() |
| { |
| if [ $(_acl_get_max) -eq 0 ]; then |
| _notrun "$FSTYP does not define maximum ACL count" |
| fi |
| } |
| |
| # pick three unused user/group ids, store them as $acl[1-3] |
| # |
| _acl_setup_ids() |
| { |
| eval `(_cat_passwd; _cat_group) | awk -F: ' |
| { ids[$3]=1 } |
| END { |
| j=1 |
| for(i=1; i<1000000 && j<=3;i++){ |
| if (! (i in ids)) { |
| printf "acl%d=%d;", j, i; |
| j++ |
| } |
| } |
| }'` |
| } |
| |
| # filter for the acl ids selected above |
| # |
| _acl_filter_id() |
| { |
| sed \ |
| -e "s/u:$acl1/u:id1/" \ |
| -e "s/u:$acl2/u:id2/" \ |
| -e "s/u:$acl3/u:id3/" \ |
| -e "s/g:$acl1/g:id1/" \ |
| -e "s/g:$acl2/g:id2/" \ |
| -e "s/g:$acl3/g:id3/" \ |
| -e "s/ $acl1 / id1 /" \ |
| -e "s/ $acl2 / id2 /" \ |
| -e "s/ $acl3 / id3 /" |
| } |
| |
| _getfacl_filter_id() |
| { |
| sed \ |
| -e "s/user:$acl1/user:id1/" \ |
| -e "s/user:$acl2/user:id2/" \ |
| -e "s/user:$acl3/user:id3/" \ |
| -e "s/group:$acl1/group:id1/" \ |
| -e "s/group:$acl2/group:id2/" \ |
| -e "s/group:$acl3/group:id3/" \ |
| -e "s/: $acl1/: id1/" \ |
| -e "s/: $acl2/: id2/" \ |
| -e "s/: $acl3/: id3/" |
| } |
| |
| # filtered ls |
| # |
| _acl_ls() |
| { |
| _ls_l -n $* | awk '{ print $1, $3, $4, $NF }' | _acl_filter_id |
| } |
| |
| # create an ACL with n ACEs in it |
| # |
| _create_n_aces() |
| { |
| let n=$1-4 |
| acl='u::rwx,g::rwx,o::rwx,m::rwx' # 4 ace acl start |
| while [ $n -ne 0 ]; do |
| acl="$acl,u:$n:rwx" |
| let n=$n-1 |
| done |
| echo $acl |
| } |
| |
| # filter user ace names to user ids |
| # |
| _filter_aces() |
| { |
| tmp_file=`mktemp /tmp/ace.XXXXXX` |
| |
| (_cat_passwd; _cat_group) > $tmp_file |
| |
| $AWK_PROG -v tmpfile=$tmp_file ' |
| BEGIN { |
| FS=":" |
| while ( getline <tmpfile > 0 ) { |
| idlist[$1] = $3 |
| } |
| } |
| /^user/ { if ($2 in idlist) sub($2, idlist[$2]); print; next} |
| /^u/ { if ($2 in idlist) sub($2, idlist[$2]); print; next} |
| /^default:user/ { if ($3 in idlist) sub($3, idlist[$3]); print; next} |
| {print} |
| ' |
| rm -f $tmp_file |
| } |
| |
| _filter_aces_notypes() |
| { |
| tr '\[' '\012' | tr ']' '\012' | tr ',' '\012' | _filter_aces|\ |
| sed -e 's/u:/user:/' -e 's/g:/group:/' -e 's/o:/other:/' -e 's/m:/mask:/' |
| } |
| |
| _require_acls() |
| { |
| [ -n "$CHACL_PROG" ] || _notrun "chacl command not found" |
| |
| # |
| # Test if chacl is able to list ACLs on the target filesystems. On really |
| # old kernels the system calls might not be implemented at all, but the |
| # more common case is that the tested filesystem simply doesn't support |
| # ACLs. |
| # |
| touch $TEST_DIR/syscalltest |
| chacl -l $TEST_DIR/syscalltest > $TEST_DIR/syscalltest.out 2>&1 |
| cat $TEST_DIR/syscalltest.out >> $seqres.full |
| |
| if grep -q 'Function not implemented' $TEST_DIR/syscalltest.out; then |
| _notrun "kernel does not support ACLs" |
| fi |
| if grep -q 'Operation not supported' $TEST_DIR/syscalltest.out; then |
| _notrun "ACLs not supported by this filesystem type: $FSTYP" |
| fi |
| |
| rm -f $TEST_DIR/syscalltest.out |
| } |
| |
| _list_acl() |
| { |
| file=$1 |
| |
| ls -dD $file | _acl_filter_id |
| } |
| |
| _require_attrs() |
| { |
| local args |
| local nsp |
| |
| if [ $# -eq 0 ]; then |
| args="user" |
| else |
| args="$*" |
| fi |
| |
| [ -n "$ATTR_PROG" ] || _notrun "attr command not found" |
| [ -n "$GETFATTR_PROG" ] || _notrun "getfattr command not found" |
| [ -n "$SETFATTR_PROG" ] || _notrun "setfattr command not found" |
| |
| for nsp in $args; do |
| # |
| # Test if chacl is able to write an attribute on the target |
| # filesystems. On really old kernels the system calls might |
| # not be implemented at all, but the more common case is that |
| # the tested filesystem simply doesn't support attributes. |
| # Note that we can't simply list attributes as various security |
| # modules generate synthetic attributes not actually stored on |
| # disk. |
| # |
| touch $TEST_DIR/syscalltest |
| $SETFATTR_PROG -n "$nsp.xfstests" -v "attr" $TEST_DIR/syscalltest > $TEST_DIR/syscalltest.out 2>&1 |
| cat $TEST_DIR/syscalltest.out >> $seqres.full |
| |
| if grep -q 'Function not implemented' $TEST_DIR/syscalltest.out; then |
| _notrun "kernel does not support attrs" |
| fi |
| if grep -q 'Operation not supported' $TEST_DIR/syscalltest.out; then |
| _notrun "attr namespace $nsp not supported by this filesystem type: $FSTYP" |
| fi |
| |
| rm -f $TEST_DIR/syscalltest.out |
| done |
| } |
| |
| _require_attr_v1() |
| { |
| _scratch_mkfs_xfs_supported -i attr=1 >/dev/null 2>&1 \ |
| || _notrun "attr v1 not supported on $SCRATCH_DEV" |
| } |
| |
| # check if we support the noattr2 mount option |
| _require_noattr2() |
| { |
| _scratch_mkfs_xfs > /dev/null 2>&1 \ |
| || _fail "_scratch_mkfs_xfs failed on $SCRATCH_DEV" |
| _try_scratch_mount -o noattr2 > /dev/null 2>&1 \ |
| || _notrun "noattr2 mount option not supported on $SCRATCH_DEV" |
| _scratch_unmount |
| } |
| |
| # getfattr -R returns info in readdir order which varies from fs to fs. |
| # This sorts the output by filename |
| _sort_getfattr_output() |
| { |
| awk '{a[FNR]=$0}END{n = asort(a); for(i=1; i <= n; i++) print a[i]"\n"}' RS='' |
| } |
| |
| # Previously, when getfattr dumps values of all extended attributes, it prints |
| # empty attr as 'user.name', but new getfattr (since attr-2.4.48) prints it as |
| # 'user.name=""'. Filter out the ending '=""' so that both old and new getfattr |
| # pints the same output. |
| # |
| # Note: This function returns the getfattr command result. |
| _getfattr() |
| { |
| $GETFATTR_PROG "$@" | sed -e 's/=\"\"//' |
| return ${PIPESTATUS[0]} |
| } |
| |
| # make sure this script returns success |
| /bin/true |