set -e
ONLY=${ONLY:-"$*"}
-# bug number for skipped test:
-ALWAYS_EXCEPT=${ALWAYS_EXCEPT:-"$SANITY_SELINUX_EXCEPT"}
-# UPDATE THE COMMENT ABOVE WITH BUG NUMBERS WHEN CHANGING ALWAYS_EXCEPT!
-
-SRCDIR=$(dirname $0)
-SAVE_PWD=$PWD
LUSTRE=${LUSTRE:-$(dirname $0)/..}
. $LUSTRE/tests/test-framework.sh
-init_test_env $@
-. ${CONFIG:=$LUSTRE/tests/cfg/$NAME.sh}
+init_test_env "$@"
init_logging
-require_dsh_mds || exit 0
+ALWAYS_EXCEPT="$SANITY_SELINUX_EXCEPT"
[ "$SLOW" = "no" ] && EXCEPT_SLOW="xxx"
+build_test_filter
+
+require_dsh_mds || exit 0
+
RUNAS_CMD=${RUNAS_CMD:-runas}
# $RUNAS_ID may get set incorrectly somewhere else
[ $UID -eq 0 -a $RUNAS_ID -eq 0 ] &&
check_runas_id $RUNAS_ID $RUNAS_ID $RUNAS
-build_test_filter
-
umask 077
check_selinux_xattr() {
local mds=$1
local mds_path=$2
- local mds_dev=$(facet_device $mds)
local mntpt="/tmp/mdt_"
- local opts
- do_facet $mds mkdir -p $mntpt || error "mkdir $mntpt failed"
+ do_facet $mds mkdir -p $mntpt || error "mkdir $mntpt failed"
mount_fstype $mds $mntpt || error "mount $mds failed"
local xattrval=$(do_facet $mds getfattr -n security.selinux \
}
test_1() {
- local devname=$(mdsdevname 1)
local filename=${DIR}/${tdir}/df1
local mds_path=${filename#$MOUNT}
run_test 1 "create file and check security.selinux xattr is set on MDT"
test_2a() {
- local devname=$(mdsdevname 1)
local dirname=${DIR}/${tdir}/dir2a
local mds_path=${dirname#$MOUNT}
mds_path=${mds_path#/}
- $LFS setdirstripe -i0 -c1 ${DIR}/$tdir || error "create dir failed"
+ mkdir_on_mdt0 ${DIR}/$tdir || error "create dir failed"
mkdir $dirname || error "cannot mkdir $dirname"
local xattrval=$(check_selinux_xattr "mds1" $mds_path)
run_test 2a "create dir (mkdir) and check security.selinux xattr is set on MDT"
test_2b() {
- local devname=$(mdsdevname 1)
local dirname1=${DIR}/$tdir/dir2b1
local dirname2=${DIR}/$tdir/dir2b2
local mds_path=${dirname1#$MOUNT}
check_nodemap $nm trusted_nodemap 1
sleep 10
+ l_getsepol || error "cannot get sepol"
sepol=$(l_getsepol | cut -d':' -f2- | xargs)
+ [ -n "$sepol" ] || error "sepol is empty"
do_facet mgs $LCTL set_param -P nodemap.$nm.sepol="$sepol"
check_nodemap $nm sepol $sepol
export SK_UNIQUE_NM=true
# load specific key on servers
- do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server \
+ do_nodes $(comma_list $(all_server_nodes)) "$LGSS_SK -t server \
-l $SK_PATH/nodemap/c0.key"
# set perms for per-nodemap keys else permission denied
[ "$MDS1_VERSION" -lt $(version_code 2.11.56) ] &&
skip "Need MDS >= 2.11.56"
+ stack_trap "restore_opencache" EXIT
+ disable_opencache
+
local sepol
- mkdir -p $DIR/$tdir || error "failed to create $DIR/$tdir"
+ mkdir_on_mdt0 $DIR/$tdir || error "failed to create $DIR/$tdir"
echo test > $DIR/$tdir/toopen ||
error "failed to write to $DIR/$tdir/toopen"
touch $DIR/$tdir/ftoremove ||
export SK_UNIQUE_NM=true
# load specific key on servers
- do_nodes $(comma_list $(all_server_nodes)) "lgss_sk -t server \
+ do_nodes $(comma_list $(all_server_nodes)) "$LGSS_SK -t server \
-l $SK_PATH/nodemap/c0.key"
# set perms for per-nodemap keys else permission denied
ln $DIR/$tdir/toopen $DIR/$tdir/toopen_hl3 && error "hardlink (3)"
# reset correct sepol
+ l_getsepol || error "cannot get sepol"
sepol=$(l_getsepol | cut -d':' -f2- | xargs)
+ [ -n "$sepol" ] || error "sepol is empty"
do_facet mgs $LCTL set_param -P nodemap.c0.sepol="$sepol"
check_nodemap c0 sepol $sepol
}
run_test 21b "Send sepol for metadata ops"
-complete $SECONDS
+complete_test $SECONDS
check_and_cleanup_lustre
exit_status