summary |
shortlog |
log |
commit | commitdiff |
tree
raw |
patch |
inline | side by side (from parent 1:
dedd370)
With SElinux enforced on client, sanity.sh test_103a fails because
the "ls -l" command produces an extra '.' at the end to indicate
extra security attributes are set.
So update filter by removing this trailing '.' in the output.
Test-Parameters: trivial testlist=sanity envdefinitions=ONLY=103a
Test-Parameters: clientselinux testlist=sanity envdefinitions=ONLY=103a
Signed-off-by: Sebastien Buisson <sbuisson@ddn.com>
Change-Id: Ie684a3fe02f0f2821c8059855165a0f9dd585b72
Reviewed-on: https://review.whamcloud.com/34818
Tested-by: Jenkins
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: James Simmons <uja.ornl@yahoo.com>
Reviewed-by: James Nunez <jnunez@whamcloud.com>
Reviewed-by: Mike Pershin <mpershin@whamcloud.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
LU-974 ignore umask when default acl with mask is set
LU-974 ignore umask when default acl with mask is set
+# Need to remove trailing '.' when SELinux is enabled
$ umask 022
$ lfs mkdir -i 1 974
$ touch 974/f1
$ umask 022
$ lfs mkdir -i 1 974
$ touch 974/f1
- $ ls -dl 974/f1 | awk '{ print $1 }'
+ $ ls -dl 974/f1 | awk '{ sub(/\\.$/, "", $1); print $1 }'
> -rw-r--r--
$ setfacl -R -d -m mask:007 974
$ touch 974/f2
> -rw-r--r--
$ setfacl -R -d -m mask:007 974
$ touch 974/f2
- $ ls -dl 974/f2 | awk '{ print $1 }'
+ $ ls -dl 974/f2 | awk '{ sub(/\\.$/, "", $1); print $1 }'
> -rw-rw-r--+
$ umask 077
$ touch f3
> -rw-rw-r--+
$ umask 077
$ touch f3
- $ ls -dl f3 | awk '{ print $1 }'
+ $ ls -dl f3 | awk '{ sub(/\\.$/, "", $1); print $1 }'
> -rw-------
$ rm -rf 974
> -rw-------
$ rm -rf 974
First, set up a temporary directory and create a regular file with
defined permissions.
First, set up a temporary directory and create a regular file with
defined permissions.
+# Need to remove trailing '.' when SELinux is enabled
$ mkdir d
$ cd d
$ umask 027
$ touch f
$ chown nobody:nobody f
$ mkdir d
$ cd d
$ umask 027
$ touch f
$ chown nobody:nobody f
- $ ls -l f | awk -- '{ print $1, $3, $4 }'
+ $ ls -l f | awk -- '{ sub(/\\.$/, "", $1); print $1, $3, $4 }'
> -rw-r----- nobody nobody
$ su nobody
$ echo nobody > f
> -rw-r----- nobody nobody
$ su nobody
$ echo nobody > f
Test if symlinks are properly followed.
Test if symlinks are properly followed.
+# Need to remove trailing '.' when SELinux is enabled
- $ ls -l l | awk -- '{ print $1, $3, $4 }'
+ $ ls -l l | awk -- '{ sub(/\\.$/, "", $1); print $1, $3, $4 }'
> lrwxrwxrwx root root
$ su bin
$ getfattr -d l
> lrwxrwxrwx root root
$ su bin
$ getfattr -d l
Test the sticky directories. Only the owner and privileged user can
write attributes.
Test the sticky directories. Only the owner and privileged user can
write attributes.
+# Need to remove trailing '.' when SELinux is enabled
$ su
$ mkdir t
$ chown nobody:nobody t
$ chmod 1750 t
$ su
$ mkdir t
$ chown nobody:nobody t
$ chmod 1750 t
- $ ls -dl t | awk -- '{ print $1, $3, $4 }'
+ $ ls -dl t | awk -- '{ sub(/\\.$/, "", $1); print $1, $3, $4 }'
> drwxr-x--T nobody nobody
$ su nobody
$ setfacl -m g:bin:rwx t
> drwxr-x--T nobody nobody
$ su nobody
$ setfacl -m g:bin:rwx t
Verify that the additional ACL entry grants user bin permission
to set extended attributes in user.* namespace for directories.
Verify that the additional ACL entry grants user bin permission
to set extended attributes in user.* namespace for directories.
+# Need to remove trailing '.' when SELinux is enabled
$ su
$ mkdir d
$ chown nobody:nobody d
$ chmod 750 d
$ su
$ mkdir d
$ chown nobody:nobody d
$ chmod 750 d
- $ ls -dl d | awk -- '{ print $1, $3, $4 }'
+ $ ls -dl d | awk -- '{ sub(/\\.$/, "", $1); print $1, $3, $4 }'
> drwxr-x--- nobody nobody
$ su nobody
$ setfacl -m g:bin:rwx d
> drwxr-x--- nobody nobody
$ su nobody
$ setfacl -m g:bin:rwx d