hardcoresushi/libgocryptfs
1
0
Fork 0
Code Issues Pull Requests Releases Activity

tests: test xattr acls

Browse Source 
Fixes https://github.com/rfjakob/gocryptfs/issues/453
This commit is contained in:
Jakob Unterwurzacher 2020-02-29 20:38:48 +01:00
parent ca9e912a28
commit fdfaa849f8
2 changed files with 29 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
README.md
View File

@ -191,6 +191,7 @@ vNEXT, in progress
* Fix [#367](https://github.com/rfjakob/gocryptfs/issues/431) * Fix [#367](https://github.com/rfjakob/gocryptfs/issues/431)
* Fix [#435](https://github.com/rfjakob/gocryptfs/issues/435) * Fix [#435](https://github.com/rfjakob/gocryptfs/issues/435)
* Fix [#440](https://github.com/rfjakob/gocryptfs/pull/440) * Fix [#440](https://github.com/rfjakob/gocryptfs/pull/440)
* Enable ACL support ([#453](https://github.com/rfjakob/gocryptfs/issues/453))
v1.7.1, 2019-10-06 v1.7.1, 2019-10-06
* Support wild cards in reverse mode via `--exclude-wildcard` * Support wild cards in reverse mode via `--exclude-wildcard`

34
tests/xattr/xattr_integration_test.go
View File

@ -44,6 +44,10 @@ func TestMain(m *testing.M) {
} }
func setGetRmList(fn string) error { func setGetRmList(fn string) error {
return setGetRmList3(fn, "user.foo", []byte("123456789"))
}
func setGetRmList3(fn string, attr string, val []byte) error {
// List // List
list, err := xattr.LList(fn) list, err := xattr.LList(fn)
if err != nil { if err != nil {
@ -52,10 +56,7 @@ func setGetRmList(fn string) error {
if len(list) > 0 { if len(list) > 0 {
return fmt.Errorf("Should have gotten empty result, got %v", list) return fmt.Errorf("Should have gotten empty result, got %v", list)
} }
attr := "user.foo" err = xattr.LSet(fn, attr, val)
// Set
val1 := []byte("123456789")
err = xattr.LSet(fn, attr, val1)
if err != nil { if err != nil {
return err return err
} }
@ -64,8 +65,8 @@ func setGetRmList(fn string) error {
if err != nil { if err != nil {
return err return err
} }
if !bytes.Equal(val1, val2) { if !bytes.Equal(val, val2) {
return fmt.Errorf("wrong readback value: %v != %v", val1, val2) return fmt.Errorf("wrong readback value: %v != %v", val, val2)
} }
// Remove // Remove
err = xattr.LRemove(fn, attr) err = xattr.LRemove(fn, attr)
@ -338,3 +339,24 @@ func TestSet0200Dir(t *testing.T) {
t.Error(err) t.Error(err)
} }
} }
func TestAcl(t *testing.T) {
fn := test_helpers.DefaultPlainDir + "/TestAcl"
err := ioutil.WriteFile(fn, nil, 0600)
if err != nil {
t.Fatalf("creating empty file failed: %v", err)
}
// ACLs are blobs generated in userspace, let's steal a valid ACL from
// setfacl using strace:
//
// $ strace -e setxattr setfacl -m u:root:r file
// setxattr("file", "system.posix_acl_access", "\2\0\0\0\1\0\6\0\377\377\377\377\2\0\4\0\0\0\0\0\4\0\4\0\377\377\377\377\20\0\4", 44, 0) = 0
//
// The ACL gives user root additional read rights, in other words, it should
// have no effect at all.
acl := "\002\000\000\000\001\000\006\000\377\377\377\377\002\000\004\000\000\000\000\000\004\000\004\000\377\377\377\377\020\000\004"
err = setGetRmList3(fn, "system.posix_acl_access", []byte(acl))
if err != nil {
t.Error(err)
}
}