1#!/bin/ksh -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or https://opensource.org/licenses/CDDL-1.0.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23. $STF_SUITE/tests/functional/idmap_mount/idmap_mount_common.kshlib
24
25#
26#
27# DESCRIPTION:
28#       Test setgid bit is set properly on the idmapped mount
29#       in a user namespace.
30#
31# STRATEGY:
32#       1. Create folder "idmap_test", set gid bit on it
33#       2. Idmap the folder to "idmap_dest"
34#       3. Create file and folder in the idmapped folder in the user
35#          namespace having the same idmap info
36#       4. Verify the gid bit of the file and folder is set
37#
38
39verify_runnable "global"
40
41export WORKDIR=$TESTDIR/idmap_test
42export IDMAPDIR=$TESTDIR/idmap_dest
43
44function cleanup
45{
46	kill -TERM ${unshared_pid}
47	log_must rm -rf $IDMAPDIR/*
48	if mountpoint $IDMAPDIR; then
49		log_must umount $IDMAPDIR
50	fi
51	log_must rm -rf $IDMAPDIR $WORKDIR
52}
53
54log_onexit cleanup
55
56if ! idmap_util -c $TESTDIR; then
57	log_unsupported "Idmap mount not supported."
58fi
59
60log_must mkdir -p $WORKDIR
61log_must mkdir -p $IDMAPDIR
62
63log_must chown $UID1:$GID1 $WORKDIR
64# set gid bit
65log_must chmod 2755 $WORKDIR
66log_must idmap_util -m "u:${UID1}:${UID2}:1" -m "g:${GID1}:${GID2}:1" $WORKDIR $IDMAPDIR
67log_must test -g $IDMAPDIR
68
69# Create a user namespace with the same idmapping
70unshare -Urm echo test
71if [ "$?" -ne "0" ]; then
72	log_unsupported "Failed to create user namespace"
73fi
74unshare -Um /usr/bin/sleep 2h &
75unshared_pid=$!
76if [ "$?" -ne "0" ]; then
77	log_unsupported "Failed to create user namespace"
78fi
79# wait for userns to be ready
80sleep 1
81echo "${UID1} ${UID2} 1" > /proc/$unshared_pid/uid_map
82if [ "$?" -ne "0" ]; then
83	log_unsupported "Failed to write to uid_map"
84fi
85echo "${GID1} ${GID2} 1" > /proc/$unshared_pid/gid_map
86if [ "$?" -ne "0" ]; then
87	log_unsupported "Failed to write to gid_map"
88fi
89
90NSENTER="nsenter -t $unshared_pid --all -S ${UID1} -G ${GID1}"
91
92# gid bit can be set on the file
93log_must $NSENTER touch $IDMAPDIR/file1
94log_must $NSENTER chmod 2654 $IDMAPDIR/file1
95log_must test -g $WORKDIR/file1
96log_must test -g $IDMAPDIR/file1
97log_must test "$UID1 $GID1" = "$($NSENTER stat -c '%u %g' $IDMAPDIR/file1)"
98
99# gid bit is carried over to new folder
100log_must $NSENTER mkdir $IDMAPDIR/subdir
101log_must test -g $WORKDIR/subdir
102log_must test -g $IDMAPDIR/subdir
103log_must test "$UID1 $GID1" = "$($NSENTER stat -c '%u %g' $IDMAPDIR/subdir)"
104
105log_pass "Verification of setting gid bit in userns is successful."
106
107