diff options
author | Peter Seebach <peter.seebach@windriver.com> | 2016-05-18 16:30:47 -0500 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2016-05-20 10:20:22 +0100 |
commit | 0f1054e7db74bb4a196e00773915d7997b55bdf2 (patch) | |
tree | 7108d96cd2afa1661d5217b590c9e1c6fa186b01 /meta/recipes-support/attr/acl/run-ptest | |
parent | 7e96806d1282865761fcc047abcb72970279d82d (diff) | |
download | openembedded-core-0f1054e7db74bb4a196e00773915d7997b55bdf2.tar.gz openembedded-core-0f1054e7db74bb4a196e00773915d7997b55bdf2.tar.bz2 openembedded-core-0f1054e7db74bb4a196e00773915d7997b55bdf2.zip |
acl.inc, run-ptest: improve ptest functionality on limited rootfs
ACL's ptest has a handful of failure modes which can be triggered by
a restrictive or small system. First, the ptest requires that daemon
be in the bin group, which run-ptest attempts to do using gpasswd,
but gpasswd is part of shadow, and oe-core removes shadow when it
doesn't think shadow will be needed. Even if, say, a package has
RDEPENDS on it. Whoops. So we manually sed the group file. This
will probably work.
Second, the filesystem used for the test has to support ACLs,
so we create a dummy ext3 filesystem and use that.
Third, the root/permissions test relies on the assumption that
"mkdir d" produces a directory which non-root users can access,
but in a secure product which defaults to umask 077, this doesn't
work. (That fix has been separately reported to upstream acl
through their bug report form.)
(This may prevent the test from running without mkfs.ext3, but it
allows the test to run on targets where root doesn't have ACL
support. Tradeoffs, tradeoffs everywhere.)
Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Diffstat (limited to 'meta/recipes-support/attr/acl/run-ptest')
-rw-r--r-- | meta/recipes-support/attr/acl/run-ptest | 67 |
1 files changed, 62 insertions, 5 deletions
diff --git a/meta/recipes-support/attr/acl/run-ptest b/meta/recipes-support/attr/acl/run-ptest index 3b31cc99af..a56946d8e6 100644 --- a/meta/recipes-support/attr/acl/run-ptest +++ b/meta/recipes-support/attr/acl/run-ptest @@ -1,7 +1,64 @@ #!/bin/sh +# +#This script is used to run acl test suites -gpasswd -a daemon bin -make -C test -k tests root-tests |sed \ - -e 's|^\[.*\] \(.*\) -- ok$|PASS: \1|' \ - -e 's|^\[.*\] \(.*\) -- failed|FAIL: \1|' -gpasswd -d daemon bin +#umask 077 + +EXT3_IMAGE=ext3.img +EXT3_MOUNT_POINT=/mnt/ext3 + +trap 'rm -f ${EXT3_IMAGE}' EXIT + +dd if=/dev/zero of=${EXT3_IMAGE} bs=1M count=1 +if [ "$?" -eq 0 ]; then + echo "PASS: dump ext3.img" +else + echo "FAIL: dump ext3.img" + exit 1 +fi + +mkfs.ext3 -F ${EXT3_IMAGE} +if [ "$?" -eq 0 ]; then + echo "PASS: mkfs.ext3 -F ext3.img" +else + echo "FAIL: mkfs.ext3 -F ext3.img" + exit 1 +fi + +if [ -d $EXT3_MOUNT_POINT ]; then + echo "mount point exist" +else + mkdir -p $EXT3_MOUNT_POINT +fi + + +mount -o loop,rw,acl ${EXT3_IMAGE} $EXT3_MOUNT_POINT +if [ "$?" -eq 0 ]; then + echo "PASS: mount ext3.img" +else + echo "FAIL: mount ext3.img" + exit 1 +fi + +cp -rf ./test/ $EXT3_MOUNT_POINT + +cd $EXT3_MOUNT_POINT/test/ + +if sed -e 's!^bin:x:2:$!bin:x:2:daemon!' < /etc/group > gtmp +then if cp /etc/group group.orig; + then cp gtmp /etc/group + make -k tests root-tests | sed \ + -e 's|^\[.*\] \(.*\) -- ok$|PASS: \1|' \ + -e 's|^\[.*\] \(.*\) -- failed|FAIL: \1|' + cp group.orig /etc/group + else echo "FAIL: couldn't save original group file." + exit 1 + fi +else echo "FAIL: couldn't create modified group file." + exit 1 +fi + +cd - +umount $EXT3_MOUNT_POINT +rm -rf $EXT3_MOUNT_POINT +rm $EXT3_IMAGE |