* [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
@ 2022-07-14 3:23 Michael Hudson-Doyle
2022-07-14 11:24 ` Adhemerval Zanella Netto
` (2 more replies)
0 siblings, 3 replies; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-14 3:23 UTC (permalink / raw)
To: libc-alpha
Otherwise the test fails if run in a chroot by a non-root user:
warning: could not become root outside namespace (Operation not permitted)
../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
left: 1 (0x1); from: errno
right: 19 (0x13); from: ENODEV
error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
left: 1 (0x1); from: errno
right: 9 (0x9); from: EBADF
error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
left: 1 (0x1); from: errno
right: 38 (0x26); from: ENOSYS
error: 12 test failures
---
sysdeps/unix/sysv/linux/tst-mount.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
index 502d7e3433..bd75c9e704 100644
--- a/sysdeps/unix/sysv/linux/tst-mount.c
+++ b/sysdeps/unix/sysv/linux/tst-mount.c
@@ -103,7 +103,8 @@ subprocess (void)
static int
do_test (void)
{
- support_become_root ();
+ if (!support_become_root ())
+ FAIL_UNSUPPORTED("could not become root");
pid_t pid = xfork ();
if (pid == 0)
--
2.34.1
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
2022-07-14 3:23 [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails Michael Hudson-Doyle
@ 2022-07-14 11:24 ` Adhemerval Zanella Netto
2022-07-14 19:03 ` Carlos O'Donell
2022-07-14 19:18 ` DJ Delorie
2022-07-15 0:06 ` [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot Michael Hudson-Doyle
2 siblings, 1 reply; 19+ messages in thread
From: Adhemerval Zanella Netto @ 2022-07-14 11:24 UTC (permalink / raw)
To: Michael Hudson-Doyle, libc-alpha
On 14/07/22 00:23, Michael Hudson-Doyle via Libc-alpha wrote:
> Otherwise the test fails if run in a chroot by a non-root user:
>
> warning: could not become root outside namespace (Operation not permitted)
> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 19 (0x13); from: ENODEV
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 9 (0x9); from: EBADF
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 38 (0x26); from: ENOSYS
> error: 12 test failures
> ---
> sysdeps/unix/sysv/linux/tst-mount.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
> index 502d7e3433..bd75c9e704 100644
> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> @@ -103,7 +103,8 @@ subprocess (void)
> static int
> do_test (void)
> {
> - support_become_root ();
> + if (!support_become_root ())
> + FAIL_UNSUPPORTED("could not become root");
>
I think the usual way is to check if process can chroot:
support_become_root ();
if (!support_can_chroot ())
return EXIT_UNSUPPORTED;
As done by other tests.
> pid_t pid = xfork ();
> if (pid == 0)
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
2022-07-14 11:24 ` Adhemerval Zanella Netto
@ 2022-07-14 19:03 ` Carlos O'Donell
0 siblings, 0 replies; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-14 19:03 UTC (permalink / raw)
To: Adhemerval Zanella Netto, Michael Hudson-Doyle, libc-alpha
On 7/14/22 07:24, Adhemerval Zanella Netto via Libc-alpha wrote:
>
>
> On 14/07/22 00:23, Michael Hudson-Doyle via Libc-alpha wrote:
>> Otherwise the test fails if run in a chroot by a non-root user:
>>
>> warning: could not become root outside namespace (Operation not permitted)
>> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 19 (0x13); from: ENODEV
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 9 (0x9); from: EBADF
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 38 (0x26); from: ENOSYS
>> error: 12 test failures
>> ---
>> sysdeps/unix/sysv/linux/tst-mount.c | 3 ++-
>> 1 file changed, 2 insertions(+), 1 deletion(-)
>>
>> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
>> index 502d7e3433..bd75c9e704 100644
>> --- a/sysdeps/unix/sysv/linux/tst-mount.c
>> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
>> @@ -103,7 +103,8 @@ subprocess (void)
>> static int
>> do_test (void)
>> {
>> - support_become_root ();
>> + if (!support_become_root ())
>> + FAIL_UNSUPPORTED("could not become root");
>>
>
> I think the usual way is to check if process can chroot:
>
> support_become_root ();
> if (!support_can_chroot ())
> return EXIT_UNSUPPORTED;
>
> As done by other tests.
Agreed. We need this same fix for Fedora. I didn't catch this in my review.
>> pid_t pid = xfork ();
>> if (pid == 0)
>
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
2022-07-14 3:23 [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails Michael Hudson-Doyle
2022-07-14 11:24 ` Adhemerval Zanella Netto
@ 2022-07-14 19:18 ` DJ Delorie
2022-07-14 22:50 ` Michael Hudson-Doyle
2022-07-15 0:06 ` [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot Michael Hudson-Doyle
2 siblings, 1 reply; 19+ messages in thread
From: DJ Delorie @ 2022-07-14 19:18 UTC (permalink / raw)
To: Michael Hudson-Doyle; +Cc: libc-alpha
Michael Hudson-Doyle via Libc-alpha <libc-alpha@sourceware.org> writes:
> Otherwise the test fails if run in a chroot by a non-root user:
Can this test run in the test-container container? I'm wondering if
there's some subtle difference between support_become_root() and a more
complete containerization that might enable it to run in more cases.
(yes, I know the test-container might not have tmpfs pre-mounted. But
then again, not all real systems will either)
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
2022-07-14 19:18 ` DJ Delorie
@ 2022-07-14 22:50 ` Michael Hudson-Doyle
2022-07-14 23:16 ` DJ Delorie
0 siblings, 1 reply; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-14 22:50 UTC (permalink / raw)
To: DJ Delorie; +Cc: libc-alpha
On Fri, 15 Jul 2022 at 07:19, DJ Delorie <dj@redhat.com> wrote:
>
> Michael Hudson-Doyle via Libc-alpha <libc-alpha@sourceware.org> writes:
> > Otherwise the test fails if run in a chroot by a non-root user:
>
> Can this test run in the test-container container? I'm wondering if
> there's some subtle difference between support_become_root() and a more
> complete containerization that might enable it to run in more cases.
>
All the test-container tests in Ubuntu builds end up UNSUPPORTED with
test-container.c:1130: unable to unshare user/fs: Operation not permitted
so that wouldn't really help here (I should probably look into why this is).
Cheers,
mwh
(yes, I know the test-container might not have tmpfs pre-mounted. But
> then again, not all real systems will either)
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails
2022-07-14 22:50 ` Michael Hudson-Doyle
@ 2022-07-14 23:16 ` DJ Delorie
0 siblings, 0 replies; 19+ messages in thread
From: DJ Delorie @ 2022-07-14 23:16 UTC (permalink / raw)
To: Michael Hudson-Doyle; +Cc: libc-alpha
Michael Hudson-Doyle <michael.hudson@canonical.com> writes:
> All the test-container tests in Ubuntu builds end up UNSUPPORTED with
> test-container.c:1130: unable to unshare user/fs: Operation not permitted
> so that wouldn't really help here (I should probably look into why this is).
Yeah, Debian-based distros default to disabling user containers. There
should be a hint printed as to how to re-enable them, but that's on a
per-system basis, and up to the admin.
^ permalink raw reply [flat|nested] 19+ messages in thread
* [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-14 3:23 [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails Michael Hudson-Doyle
2022-07-14 11:24 ` Adhemerval Zanella Netto
2022-07-14 19:18 ` DJ Delorie
@ 2022-07-15 0:06 ` Michael Hudson-Doyle
2022-07-15 7:07 ` Florian Weimer
2022-07-17 23:16 ` [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails Michael Hudson-Doyle
2 siblings, 2 replies; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-15 0:06 UTC (permalink / raw)
To: libc-alpha
Otherwise the test fails if run in a chroot by a non-root user:
warning: could not become root outside namespace (Operation not permitted)
../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
left: 1 (0x1); from: errno
right: 19 (0x13); from: ENODEV
error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
left: 1 (0x1); from: errno
right: 9 (0x9); from: EBADF
error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
left: 1 (0x1); from: errno
right: 38 (0x26); from: ENOSYS
error: 12 test failures
---
v2: check support_can_chroot() rather than support_become_root return
value
---
sysdeps/unix/sysv/linux/tst-mount.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
index 502d7e3433..a0b367d9df 100644
--- a/sysdeps/unix/sysv/linux/tst-mount.c
+++ b/sysdeps/unix/sysv/linux/tst-mount.c
@@ -20,6 +20,7 @@
#include <support/check.h>
#include <support/xunistd.h>
#include <support/namespace.h>
+#include <support/test-driver.h>
#include <sys/wait.h>
#include <sys/mount.h>
@@ -104,6 +105,8 @@ static int
do_test (void)
{
support_become_root ();
+ if (!support_can_chroot ())
+ return EXIT_UNSUPPORTED;
pid_t pid = xfork ();
if (pid == 0)
--
2.34.1
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 0:06 ` [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot Michael Hudson-Doyle
@ 2022-07-15 7:07 ` Florian Weimer
2022-07-15 15:35 ` Carlos O'Donell
2022-07-17 23:16 ` [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails Michael Hudson-Doyle
1 sibling, 1 reply; 19+ messages in thread
From: Florian Weimer @ 2022-07-15 7:07 UTC (permalink / raw)
To: Michael Hudson-Doyle via Libc-alpha
* Michael Hudson-Doyle via Libc-alpha:
> Otherwise the test fails if run in a chroot by a non-root user:
>
> warning: could not become root outside namespace (Operation not permitted)
> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 19 (0x13); from: ENODEV
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 9 (0x9); from: EBADF
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 38 (0x26); from: ENOSYS
> error: 12 test failures
> ---
> v2: check support_can_chroot() rather than support_become_root return
> value
> ---
> sysdeps/unix/sysv/linux/tst-mount.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
> index 502d7e3433..a0b367d9df 100644
> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> @@ -20,6 +20,7 @@
> #include <support/check.h>
> #include <support/xunistd.h>
> #include <support/namespace.h>
> +#include <support/test-driver.h>
> #include <sys/wait.h>
> #include <sys/mount.h>
>
> @@ -104,6 +105,8 @@ static int
> do_test (void)
> {
> support_become_root ();
> + if (!support_can_chroot ())
> + return EXIT_UNSUPPORTED;
>
> pid_t pid = xfork ();
> if (pid == 0)
This test still hoses the system if run as root on a system without user
namespaces.
I think you should call and check support_enter_mount_namespace instead,
to make sure that the test does not modify the original mount namespace.
Thanks,
Florian
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 7:07 ` Florian Weimer
@ 2022-07-15 15:35 ` Carlos O'Donell
2022-07-15 15:44 ` Florian Weimer
2022-07-15 21:01 ` Michael Hudson-Doyle
0 siblings, 2 replies; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-15 15:35 UTC (permalink / raw)
To: Florian Weimer, Michael Hudson-Doyle via Libc-alpha
On 7/15/22 03:07, Florian Weimer via Libc-alpha wrote:
> * Michael Hudson-Doyle via Libc-alpha:
>
>> Otherwise the test fails if run in a chroot by a non-root user:
>>
>> warning: could not become root outside namespace (Operation not permitted)
>> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 19 (0x13); from: ENODEV
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 9 (0x9); from: EBADF
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 38 (0x26); from: ENOSYS
>> error: 12 test failures
>> ---
>> v2: check support_can_chroot() rather than support_become_root return
>> value
>> ---
>> sysdeps/unix/sysv/linux/tst-mount.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
>> index 502d7e3433..a0b367d9df 100644
>> --- a/sysdeps/unix/sysv/linux/tst-mount.c
>> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
>> @@ -20,6 +20,7 @@
>> #include <support/check.h>
>> #include <support/xunistd.h>
>> #include <support/namespace.h>
>> +#include <support/test-driver.h>
>> #include <sys/wait.h>
>> #include <sys/mount.h>
>>
>> @@ -104,6 +105,8 @@ static int
>> do_test (void)
>> {
>> support_become_root ();
>> + if (!support_can_chroot ())
>> + return EXIT_UNSUPPORTED;
>>
>> pid_t pid = xfork ();
>> if (pid == 0)
>
> This test still hoses the system if run as root on a system without user
> namespaces.
I had not considered that configuration when I reviewed the tests.
The subprocess use of fsopen, fsconfig, and fsmount could indeed leave the original
mount namespace in a potentially different state than when it started.
> I think you should call and check support_enter_mount_namespace instead,
> to make sure that the test does not modify the original mount namespace.
Like this in the child?
diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
index 502d7e3433..d19d70d42d 100644
--- a/sysdeps/unix/sysv/linux/tst-mount.c
+++ b/sysdeps/unix/sysv/linux/tst-mount.c
@@ -107,7 +107,11 @@ do_test (void)
pid_t pid = xfork ();
if (pid == 0)
- subprocess ();
+ {
+ if (!support_enter_mount_namespace ())
+ FAIL_UNSUPPORTED ("could not enter new mount namespace");
+ subprocess ();
+ }
int status;
xwaitpid (pid, &status, 0);
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 15:35 ` Carlos O'Donell
@ 2022-07-15 15:44 ` Florian Weimer
2022-07-17 21:44 ` Michael Hudson-Doyle
2022-07-15 21:01 ` Michael Hudson-Doyle
1 sibling, 1 reply; 19+ messages in thread
From: Florian Weimer @ 2022-07-15 15:44 UTC (permalink / raw)
To: Carlos O'Donell; +Cc: Michael Hudson-Doyle via Libc-alpha
* Carlos O'Donell:
>> I think you should call and check support_enter_mount_namespace instead,
>> to make sure that the test does not modify the original mount namespace.
>
> Like this in the child?
>
> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
> index 502d7e3433..d19d70d42d 100644
> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> @@ -107,7 +107,11 @@ do_test (void)
>
> pid_t pid = xfork ();
> if (pid == 0)
> - subprocess ();
> + {
> + if (!support_enter_mount_namespace ())
> + FAIL_UNSUPPORTED ("could not enter new mount namespace");
> + subprocess ();
> + }
Yes, except that you need to change
xwaitpid (pid, &status, 0);
TEST_VERIFY (WIFEXITED (status));
as well, to handle status 77.
I'm not entirely sure the fork is necessary, though.
Thanks,
Florian
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 15:35 ` Carlos O'Donell
2022-07-15 15:44 ` Florian Weimer
@ 2022-07-15 21:01 ` Michael Hudson-Doyle
2022-07-16 0:26 ` Carlos O'Donell
1 sibling, 1 reply; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-15 21:01 UTC (permalink / raw)
To: Carlos O'Donell; +Cc: Florian Weimer, Michael Hudson-Doyle via Libc-alpha
On Sat, 16 Jul 2022, 03:36 Carlos O'Donell via Libc-alpha, <
libc-alpha@sourceware.org> wrote:
> On 7/15/22 03:07, Florian Weimer via Libc-alpha wrote:
> > * Michael Hudson-Doyle via Libc-alpha:
> >
> >> Otherwise the test fails if run in a chroot by a non-root user:
> >>
> >> warning: could not become root outside namespace (Operation not
> permitted)
> >> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> >> left: 1 (0x1); from: errno
> >> right: 19 (0x13); from: ENODEV
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> >> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> >> left: 1 (0x1); from: errno
> >> right: 9 (0x9); from: EBADF
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> >> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> >> left: 1 (0x1); from: errno
> >> right: 2 (0x2); from: ENOENT
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> >> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> >> left: 1 (0x1); from: errno
> >> right: 2 (0x2); from: ENOENT
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> >> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree !=
> -1
> >> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> >> left: 1 (0x1); from: errno
> >> right: 38 (0x26); from: ENOSYS
> >> error: 12 test failures
> >> ---
> >> v2: check support_can_chroot() rather than support_become_root return
> >> value
> >> ---
> >> sysdeps/unix/sysv/linux/tst-mount.c | 3 +++
> >> 1 file changed, 3 insertions(+)
> >>
> >> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c
> b/sysdeps/unix/sysv/linux/tst-mount.c
> >> index 502d7e3433..a0b367d9df 100644
> >> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> >> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> >> @@ -20,6 +20,7 @@
> >> #include <support/check.h>
> >> #include <support/xunistd.h>
> >> #include <support/namespace.h>
> >> +#include <support/test-driver.h>
> >> #include <sys/wait.h>
> >> #include <sys/mount.h>
> >>
> >> @@ -104,6 +105,8 @@ static int
> >> do_test (void)
> >> {
> >> support_become_root ();
> >> + if (!support_can_chroot ())
> >> + return EXIT_UNSUPPORTED;
> >>
> >> pid_t pid = xfork ();
> >> if (pid == 0)
> >
> > This test still hoses the system if run as root on a system without user
> > namespaces.
>
> I had not considered that configuration when I reviewed the tests.
>
> The subprocess use of fsopen, fsconfig, and fsmount could indeed leave the
> original
> mount namespace in a potentially different state than when it started.
>
This reminds me of one of my favourite bugs ever where gccgo ignored
CloneFlags in some situations and so when you built docker with it,
pivot_root was called on the default mount namespace....
Anyway, I am afk for the weekend now and have no attachment to being the
one to push the fix for this, if someone who is still at a computer can
write up a better fix, please go ahead!
Cheers,
mwh
> I think you should call and check support_enter_mount_namespace instead,
> > to make sure that the test does not modify the original mount namespace.
>
> Like this in the child?
>
> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c
> b/sysdeps/unix/sysv/linux/tst-mount.c
> index 502d7e3433..d19d70d42d 100644
> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> @@ -107,7 +107,11 @@ do_test (void)
>
> pid_t pid = xfork ();
> if (pid == 0)
> - subprocess ();
> + {
> + if (!support_enter_mount_namespace ())
> + FAIL_UNSUPPORTED ("could not enter new mount namespace");
> + subprocess ();
> + }
>
> int status;
> xwaitpid (pid, &status, 0);
>
> --
> Cheers,
> Carlos.
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 21:01 ` Michael Hudson-Doyle
@ 2022-07-16 0:26 ` Carlos O'Donell
0 siblings, 0 replies; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-16 0:26 UTC (permalink / raw)
To: Michael Hudson-Doyle; +Cc: Florian Weimer, Michael Hudson-Doyle via Libc-alpha
On 7/15/22 17:01, Michael Hudson-Doyle wrote:
> Anyway, I am afk for the weekend now and have no attachment to being the
> one to push the fix for this, if someone who is still at a computer can
> write up a better fix, please go ahead!
Thanks for the notice.
We can review again next week and fix the issue before 2.36 releases.
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot
2022-07-15 15:44 ` Florian Weimer
@ 2022-07-17 21:44 ` Michael Hudson-Doyle
0 siblings, 0 replies; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-17 21:44 UTC (permalink / raw)
To: Florian Weimer; +Cc: Carlos O'Donell, Michael Hudson-Doyle via Libc-alpha
On Sat, 16 Jul 2022 at 03:45, Florian Weimer via Libc-alpha <
libc-alpha@sourceware.org> wrote:
> * Carlos O'Donell:
>
> >> I think you should call and check support_enter_mount_namespace instead,
> >> to make sure that the test does not modify the original mount namespace.
> >
> > Like this in the child?
> >
> > diff --git a/sysdeps/unix/sysv/linux/tst-mount.c
> b/sysdeps/unix/sysv/linux/tst-mount.c
> > index 502d7e3433..d19d70d42d 100644
> > --- a/sysdeps/unix/sysv/linux/tst-mount.c
> > +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> > @@ -107,7 +107,11 @@ do_test (void)
> >
> > pid_t pid = xfork ();
> > if (pid == 0)
> > - subprocess ();
> > + {
> > + if (!support_enter_mount_namespace ())
> > + FAIL_UNSUPPORTED ("could not enter new mount namespace");
> > + subprocess ();
> > + }
>
> Yes, except that you need to change
>
> xwaitpid (pid, &status, 0);
> TEST_VERIFY (WIFEXITED (status));
>
> as well, to handle status 77.
>
I was a bit confused by this, as subprocess() already calls
FAIL_UNSUPPORTED (if fsopen sets errno to ENOSYS). WIFEXITED (status)
doesn't distinguish between status 0 or 77 though... So I guess I don't
understand how the test machinery works here.
> I'm not entirely sure the fork is necessary, though.
>
Yes, I don't see why it's there either.
Cheers,
mwh
^ permalink raw reply [flat|nested] 19+ messages in thread
* [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-15 0:06 ` [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot Michael Hudson-Doyle
2022-07-15 7:07 ` Florian Weimer
@ 2022-07-17 23:16 ` Michael Hudson-Doyle
2022-07-18 12:59 ` Carlos O'Donell
2022-07-18 13:13 ` Mark Wielaard
1 sibling, 2 replies; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-17 23:16 UTC (permalink / raw)
To: libc-alpha
Before this the test fails if run in a chroot by a non-root user:
warning: could not become root outside namespace (Operation not permitted)
../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
left: 1 (0x1); from: errno
right: 19 (0x13); from: ENODEV
error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
left: 1 (0x1); from: errno
right: 9 (0x9); from: EBADF
error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
left: 1 (0x1); from: errno
right: 2 (0x2); from: ENOENT
error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
left: 1 (0x1); from: errno
right: 38 (0x26); from: ENOSYS
error: 12 test failures
Checking that the test can enter a new mount namespace is more correct
than just checking the return value of support_become_root() as the test
code changes the mount namespace it runs in so running it as root on a
system that does not support mount namespaces should still skip.
Also change the test to remove the unnecessary fork.
---
v3: check support_enter_mount_namespace() return value, remove fork
v2: check support_can_chroot() rather than support_become_root return
value
---
sysdeps/unix/sysv/linux/tst-mount.c | 25 ++++++-------------------
1 file changed, 6 insertions(+), 19 deletions(-)
diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
index 502d7e3433..b6333a60e6 100644
--- a/sysdeps/unix/sysv/linux/tst-mount.c
+++ b/sysdeps/unix/sysv/linux/tst-mount.c
@@ -20,15 +20,18 @@
#include <support/check.h>
#include <support/xunistd.h>
#include <support/namespace.h>
-#include <sys/wait.h>
#include <sys/mount.h>
_Static_assert (sizeof (struct mount_attr) == MOUNT_ATTR_SIZE_VER0,
"sizeof (struct mount_attr) != MOUNT_ATTR_SIZE_VER0");
-static void
-subprocess (void)
+static int
+do_test (void)
{
+ support_become_root ();
+ if (!support_enter_mount_namespace ())
+ FAIL_UNSUPPORTED ("cannot enter mount namespace, skipping test");
+
int r = fsopen ("it_should_be_not_a_valid_mount", 0);
TEST_VERIFY_EXIT (r == -1);
if (errno == ENOSYS)
@@ -100,20 +103,4 @@ subprocess (void)
_exit (0);
}
-static int
-do_test (void)
-{
- support_become_root ();
-
- pid_t pid = xfork ();
- if (pid == 0)
- subprocess ();
-
- int status;
- xwaitpid (pid, &status, 0);
- TEST_VERIFY (WIFEXITED (status));
-
- return 0;
-}
-
#include <support/test-driver.c>
--
2.34.1
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-17 23:16 ` [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails Michael Hudson-Doyle
@ 2022-07-18 12:59 ` Carlos O'Donell
2022-07-18 18:59 ` Michael Hudson-Doyle
2022-07-18 13:13 ` Mark Wielaard
1 sibling, 1 reply; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-18 12:59 UTC (permalink / raw)
To: Michael Hudson-Doyle, libc-alpha
On 7/17/22 19:16, Michael Hudson-Doyle via Libc-alpha wrote:
> Before this the test fails if run in a chroot by a non-root user:
LGTM. OK for glibc 2.36. Would you like me to push this for you?
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> warning: could not become root outside namespace (Operation not permitted)
> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 19 (0x13); from: ENODEV
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 9 (0x9); from: EBADF
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 38 (0x26); from: ENOSYS
> error: 12 test failures
>
> Checking that the test can enter a new mount namespace is more correct
> than just checking the return value of support_become_root() as the test
> code changes the mount namespace it runs in so running it as root on a
> system that does not support mount namespaces should still skip.
Agreed.
>
> Also change the test to remove the unnecessary fork.
> ---
> v3: check support_enter_mount_namespace() return value, remove fork
> v2: check support_can_chroot() rather than support_become_root return
> value
> ---
> sysdeps/unix/sysv/linux/tst-mount.c | 25 ++++++-------------------
> 1 file changed, 6 insertions(+), 19 deletions(-)
>
> diff --git a/sysdeps/unix/sysv/linux/tst-mount.c b/sysdeps/unix/sysv/linux/tst-mount.c
> index 502d7e3433..b6333a60e6 100644
> --- a/sysdeps/unix/sysv/linux/tst-mount.c
> +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> @@ -20,15 +20,18 @@
> #include <support/check.h>
> #include <support/xunistd.h>
> #include <support/namespace.h>
> -#include <sys/wait.h>
OK.
> #include <sys/mount.h>
>
> _Static_assert (sizeof (struct mount_attr) == MOUNT_ATTR_SIZE_VER0,
> "sizeof (struct mount_attr) != MOUNT_ATTR_SIZE_VER0");
>
> -static void
> -subprocess (void)
> +static int
> +do_test (void)
OK.
> {
> + support_become_root ();
> + if (!support_enter_mount_namespace ())
> + FAIL_UNSUPPORTED ("cannot enter mount namespace, skipping test");
OK.
> +
> int r = fsopen ("it_should_be_not_a_valid_mount", 0);
> TEST_VERIFY_EXIT (r == -1);
> if (errno == ENOSYS)
> @@ -100,20 +103,4 @@ subprocess (void)
> _exit (0);
> }
>
> -static int
> -do_test (void)
> -{
> - support_become_root ();
> -
> - pid_t pid = xfork ();
> - if (pid == 0)
> - subprocess ();
> -
> - int status;
> - xwaitpid (pid, &status, 0);
> - TEST_VERIFY (WIFEXITED (status));
> -
> - return 0;
> -}
> -
> #include <support/test-driver.c>
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-17 23:16 ` [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails Michael Hudson-Doyle
2022-07-18 12:59 ` Carlos O'Donell
@ 2022-07-18 13:13 ` Mark Wielaard
2022-07-18 13:45 ` Carlos O'Donell
1 sibling, 1 reply; 19+ messages in thread
From: Mark Wielaard @ 2022-07-18 13:13 UTC (permalink / raw)
To: Michael Hudson-Doyle; +Cc: libc-alpha
Hi Michael,
On Mon, Jul 18, 2022 at 11:16:57AM +1200, Michael Hudson-Doyle via Libc-alpha wrote:
> Before this the test fails if run in a chroot by a non-root user:
>
> warning: could not become root outside namespace (Operation not permitted)
> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 19 (0x13); from: ENODEV
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 9 (0x9); from: EBADF
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 2 (0x2); from: ENOENT
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> left: 1 (0x1); from: errno
> right: 38 (0x26); from: ENOSYS
> error: 12 test failures
>
> Checking that the test can enter a new mount namespace is more correct
> than just checking the return value of support_become_root() as the test
> code changes the mount namespace it runs in so running it as root on a
> system that does not support mount namespaces should still skip.
>
> Also change the test to remove the unnecessary fork.
Tested on x86_64, inside a fedora container where this patch turns the
FAIL into an UNSUPPORTED. And "outside" a container on fedora where
this patch makes misc/tst-mount still PASS.
Thanks,
Mark
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-18 13:13 ` Mark Wielaard
@ 2022-07-18 13:45 ` Carlos O'Donell
0 siblings, 0 replies; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-18 13:45 UTC (permalink / raw)
To: Mark Wielaard, Michael Hudson-Doyle; +Cc: libc-alpha
On 7/18/22 09:13, Mark Wielaard wrote:
> Hi Michael,
>
> On Mon, Jul 18, 2022 at 11:16:57AM +1200, Michael Hudson-Doyle via Libc-alpha wrote:
>> Before this the test fails if run in a chroot by a non-root user:
>>
>> warning: could not become root outside namespace (Operation not permitted)
>> ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 19 (0x13); from: ENODEV
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 9 (0x9); from: EBADF
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 2 (0x2); from: ENOENT
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
>> error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
>> ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
>> left: 1 (0x1); from: errno
>> right: 38 (0x26); from: ENOSYS
>> error: 12 test failures
>>
>> Checking that the test can enter a new mount namespace is more correct
>> than just checking the return value of support_become_root() as the test
>> code changes the mount namespace it runs in so running it as root on a
>> system that does not support mount namespaces should still skip.
>>
>> Also change the test to remove the unnecessary fork.
>
> Tested on x86_64, inside a fedora container where this patch turns the
> FAIL into an UNSUPPORTED. And "outside" a container on fedora where
> this patch makes misc/tst-mount still PASS.
If you test a patch please feel free to provide the Tested-by: tag which patchwork
will aggregate so when I apply the patch from git-pw your tag will get added and
end up in the commit (similar to b4).
It records the amazing work you did by testing a patch! :-)
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-18 12:59 ` Carlos O'Donell
@ 2022-07-18 18:59 ` Michael Hudson-Doyle
2022-07-19 2:51 ` Carlos O'Donell
0 siblings, 1 reply; 19+ messages in thread
From: Michael Hudson-Doyle @ 2022-07-18 18:59 UTC (permalink / raw)
To: Carlos O'Donell; +Cc: libc-alpha
On Tue, 19 Jul 2022 at 00:59, Carlos O'Donell <carlos@redhat.com> wrote:
> On 7/17/22 19:16, Michael Hudson-Doyle via Libc-alpha wrote:
> > Before this the test fails if run in a chroot by a non-root user:
>
> LGTM. OK for glibc 2.36. Would you like me to push this for you?
>
Thanks. I pushed it and marked the patch as committed in patchwork, I think
this was my first push to master so let me know if I missed anything.
Cheers,
mwh
> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
>
> > warning: could not become root outside namespace (Operation not
> permitted)
> > ../sysdeps/unix/sysv/linux/tst-mount.c:36: numeric comparison failure
> > left: 1 (0x1); from: errno
> > right: 19 (0x13); from: ENODEV
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:39: not true: fd != -1
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:46: not true: r != -1
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:48: not true: r != -1
> > ../sysdeps/unix/sysv/linux/tst-mount.c:52: numeric comparison failure
> > left: 1 (0x1); from: errno
> > right: 9 (0x9); from: EBADF
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:55: not true: mfd != -1
> > ../sysdeps/unix/sysv/linux/tst-mount.c:58: numeric comparison failure
> > left: 1 (0x1); from: errno
> > right: 2 (0x2); from: ENOENT
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:61: not true: r != -1
> > ../sysdeps/unix/sysv/linux/tst-mount.c:65: numeric comparison failure
> > left: 1 (0x1); from: errno
> > right: 2 (0x2); from: ENOENT
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:68: not true: pfd != -1
> > error: ../sysdeps/unix/sysv/linux/tst-mount.c:75: not true: fd_tree != -1
> > ../sysdeps/unix/sysv/linux/tst-mount.c:88: numeric comparison failure
> > left: 1 (0x1); from: errno
> > right: 38 (0x26); from: ENOSYS
> > error: 12 test failures
> >
> > Checking that the test can enter a new mount namespace is more correct
> > than just checking the return value of support_become_root() as the test
> > code changes the mount namespace it runs in so running it as root on a
> > system that does not support mount namespaces should still skip.
>
> Agreed.
>
> >
> > Also change the test to remove the unnecessary fork.
> > ---
> > v3: check support_enter_mount_namespace() return value, remove fork
> > v2: check support_can_chroot() rather than support_become_root return
> > value
> > ---
> > sysdeps/unix/sysv/linux/tst-mount.c | 25 ++++++-------------------
> > 1 file changed, 6 insertions(+), 19 deletions(-)
> >
> > diff --git a/sysdeps/unix/sysv/linux/tst-mount.c
> b/sysdeps/unix/sysv/linux/tst-mount.c
> > index 502d7e3433..b6333a60e6 100644
> > --- a/sysdeps/unix/sysv/linux/tst-mount.c
> > +++ b/sysdeps/unix/sysv/linux/tst-mount.c
> > @@ -20,15 +20,18 @@
> > #include <support/check.h>
> > #include <support/xunistd.h>
> > #include <support/namespace.h>
> > -#include <sys/wait.h>
>
> OK.
>
> > #include <sys/mount.h>
> >
> > _Static_assert (sizeof (struct mount_attr) == MOUNT_ATTR_SIZE_VER0,
> > "sizeof (struct mount_attr) != MOUNT_ATTR_SIZE_VER0");
> >
> > -static void
> > -subprocess (void)
> > +static int
> > +do_test (void)
>
> OK.
>
> > {
> > + support_become_root ();
> > + if (!support_enter_mount_namespace ())
> > + FAIL_UNSUPPORTED ("cannot enter mount namespace, skipping test");
>
> OK.
>
> > +
> > int r = fsopen ("it_should_be_not_a_valid_mount", 0);
> > TEST_VERIFY_EXIT (r == -1);
> > if (errno == ENOSYS)
> > @@ -100,20 +103,4 @@ subprocess (void)
> > _exit (0);
> > }
> >
> > -static int
> > -do_test (void)
> > -{
> > - support_become_root ();
> > -
> > - pid_t pid = xfork ();
> > - if (pid == 0)
> > - subprocess ();
> > -
> > - int status;
> > - xwaitpid (pid, &status, 0);
> > - TEST_VERIFY (WIFEXITED (status));
> > -
> > - return 0;
> > -}
> > -
> > #include <support/test-driver.c>
>
>
> --
> Cheers,
> Carlos.
>
>
^ permalink raw reply [flat|nested] 19+ messages in thread
* Re: [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails
2022-07-18 18:59 ` Michael Hudson-Doyle
@ 2022-07-19 2:51 ` Carlos O'Donell
0 siblings, 0 replies; 19+ messages in thread
From: Carlos O'Donell @ 2022-07-19 2:51 UTC (permalink / raw)
To: Michael Hudson-Doyle; +Cc: libc-alpha
On 7/18/22 14:59, Michael Hudson-Doyle wrote:
> On Tue, 19 Jul 2022 at 00:59, Carlos O'Donell <carlos@redhat.com> wrote:
>
>> On 7/17/22 19:16, Michael Hudson-Doyle via Libc-alpha wrote:
>>> Before this the test fails if run in a chroot by a non-root user:
>>
>> LGTM. OK for glibc 2.36. Would you like me to push this for you?
>>
>
> Thanks. I pushed it and marked the patch as committed in patchwork, I think
> this was my first push to master so let me know if I missed anything.
Looks great!
Thank you for updating patchwork.
Committed content matches posted content.
You added the reviewers (mine) Reviewed-by: tag.
All awesome. Thank you again!
--
Cheers,
Carlos.
^ permalink raw reply [flat|nested] 19+ messages in thread
end of thread, other threads:[~2022-07-19 2:51 UTC | newest]
Thread overview: 19+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-14 3:23 [PATCH] linux: return UNSUPPORTED in tst-mount if support_become_root fails Michael Hudson-Doyle
2022-07-14 11:24 ` Adhemerval Zanella Netto
2022-07-14 19:03 ` Carlos O'Donell
2022-07-14 19:18 ` DJ Delorie
2022-07-14 22:50 ` Michael Hudson-Doyle
2022-07-14 23:16 ` DJ Delorie
2022-07-15 0:06 ` [PATCH v2] linux: return UNSUPPORTED in tst-mount if !support_can_chroot Michael Hudson-Doyle
2022-07-15 7:07 ` Florian Weimer
2022-07-15 15:35 ` Carlos O'Donell
2022-07-15 15:44 ` Florian Weimer
2022-07-17 21:44 ` Michael Hudson-Doyle
2022-07-15 21:01 ` Michael Hudson-Doyle
2022-07-16 0:26 ` Carlos O'Donell
2022-07-17 23:16 ` [PATCH v3] linux: return UNSUPPORTED from tst-mount if entering mount namespace fails Michael Hudson-Doyle
2022-07-18 12:59 ` Carlos O'Donell
2022-07-18 18:59 ` Michael Hudson-Doyle
2022-07-19 2:51 ` Carlos O'Donell
2022-07-18 13:13 ` Mark Wielaard
2022-07-18 13:45 ` Carlos O'Donell
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).