| Summary: | [beah] supplementary group access list is empty | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Retired] Beaker | Reporter: | Jan Stancek <jstancek> | ||||
| Component: | beah | Assignee: | Marian Csontos <mcsontos> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
| Severity: | unspecified | Docs Contact: | |||||
| Priority: | unspecified | ||||||
| Version: | 0.6 | CC: | bpeck, czhang, dcallagh, jburke, mcsontos, rmancy, stl | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2011-06-02 09:46:57 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Attachments: |
|
||||||
Created attachment 499778 [details]
experimental patch for beah which will initialise supp. groups if they are empty
Attached patch needs review, as I'm not sure I put it in all places where it needs to be - scripts which then execute actual tests.
Thanks. Patch looks fine, submitted to gerrit. Will build and deploy on stage soon. |
Description of problem: There is difference in environment when tests are started from shell and in beah. Normally what login does is to call initgroups(2) to initialise supplementary groups. Beah is not doing this, which make some tests failing, because kernel checks for it in several places. One such test is ltp 20110228, namely 'chown03' tests. I dissected the offending test and made the reproducer below. If you run it from shell (as root) you get: setegid(99) PASS seteuid(99) PASS mkdir(mydir, 0700) PASS chown(mydir, -1, 0) PASS If you run it from beah you get: setegid(99) PASS seteuid(99) PASS mkdir(mydir, 0700) PASS chown(mydir, -1, 0) FAILED with -1: chown(mydir, -1, 0): Operation not permitted Things start to go different ways at fs/attr.c:inode_change_ok(), where after uid list of supplementary groups is checked. Reproducer: --- cut --- #include <errno.h> #include <sys/types.h> int ret; #define TEST(func) ret=func; \ if (ret != 0) \ { \ perror(#func); \ printf("%s FAILED with %d:\n", #func, ret); \ } \ else \ { \ printf("%s PASS\n", #func); \ } int main() { char mydir[] = "/tmp/testgroups"; if (geteuid() != 0) { printf("I need root.\n"); return 1; } rmdir(mydir); TEST(setegid(99)); TEST(seteuid(99)); TEST(mkdir(mydir, 0700)); TEST(chown(mydir, -1, 0)); return ret; } --- cut --- Actual results: The reproducer running through beah will fail. Expected results: The reproducer should work in beah as it does when run from shell. Additional info: chown03 test in LTP was changed in the meantime to avoid hitting this problem, use reproducer above.