1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
4 #include <sys/statvfs.h>
6 #include "alloc-util.h"
7 #include "capability-util.h"
11 #include "missing_magic.h"
12 #include "missing_mount.h"
14 #include "mount-util.h"
15 #include "mountpoint-util.h"
16 #include "namespace-util.h"
17 #include "path-util.h"
18 #include "process-util.h"
20 #include "stat-util.h"
21 #include "string-util.h"
24 #include "tmpfile-util.h"
26 TEST(remount_and_move_sub_mounts
) {
29 if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN
) <= 0)
30 return (void) log_tests_skipped("not running privileged");
32 r
= safe_fork("(remount-and-move-sub-mounts)",
44 _cleanup_free_
char *d
= NULL
, *fn
= NULL
;
46 assert_se(mkdtemp_malloc(NULL
, &d
) >= 0);
48 assert_se(mount_nofollow_verbose(LOG_DEBUG
, "tmpfs", d
, "tmpfs", MS_NOSUID
|MS_NODEV
, NULL
) >= 0);
50 assert_se(fn
= path_join(d
, "memo"));
51 assert_se(write_string_file(fn
, d
, WRITE_STRING_FILE_CREATE
|WRITE_STRING_FILE_AVOID_NEWLINE
) >= 0);
52 assert_se(access(fn
, F_OK
) >= 0);
55 FOREACH_STRING(p
, "sub1", "sub1/hoge", "sub1/foo", "sub2", "sub2/aaa", "sub2/bbb") {
56 _cleanup_free_
char *where
= NULL
, *filename
= NULL
;
58 assert_se(where
= path_join(d
, p
));
59 assert_se(mkdir_p(where
, 0755) >= 0);
60 assert_se(mount_nofollow_verbose(LOG_DEBUG
, "tmpfs", where
, "tmpfs", MS_NOSUID
|MS_NODEV
, NULL
) >= 0);
62 assert_se(filename
= path_join(where
, "memo"));
63 assert_se(write_string_file(filename
, where
, WRITE_STRING_FILE_CREATE
|WRITE_STRING_FILE_AVOID_NEWLINE
) >= 0);
64 assert_se(access(filename
, F_OK
) >= 0);
68 FOREACH_STRING(p
, "sub1", "sub1/hogehoge", "sub1/foofoo") {
69 _cleanup_free_
char *where
= NULL
, *filename
= NULL
;
71 assert_se(where
= path_join(d
, p
));
72 assert_se(mkdir_p(where
, 0755) >= 0);
73 assert_se(mount_nofollow_verbose(LOG_DEBUG
, "tmpfs", where
, "tmpfs", MS_NOSUID
|MS_NODEV
, NULL
) >= 0);
75 assert_se(filename
= path_join(where
, "memo"));
76 assert_se(write_string_file(filename
, where
, WRITE_STRING_FILE_CREATE
|WRITE_STRING_FILE_AVOID_NEWLINE
) >= 0);
77 assert_se(access(filename
, F_OK
) >= 0);
80 /* Remount the main fs. */
81 r
= remount_and_move_sub_mounts("tmpfs", d
, "tmpfs", MS_NOSUID
|MS_NODEV
, NULL
);
82 if (r
== -EINVAL
|| (r
< 0 && ERRNO_IS_NOT_SUPPORTED(r
))) {
83 log_tests_skipped_errno(r
, "The kernel seems too old: %m");
87 /* Check the file in the main fs does not exist. */
88 assert_se(access(fn
, F_OK
) < 0 && errno
== ENOENT
);
90 /* Check the files in sub-mounts are kept. */
91 FOREACH_STRING(p
, "sub1", "sub1/hogehoge", "sub1/foofoo", "sub2", "sub2/aaa", "sub2/bbb") {
92 _cleanup_free_
char *where
= NULL
, *filename
= NULL
, *content
= NULL
;
94 assert_se(where
= path_join(d
, p
));
95 assert_se(filename
= path_join(where
, "memo"));
96 assert_se(read_full_file(filename
, &content
, NULL
) >= 0);
97 assert_se(streq(content
, where
));
100 /* umount sub1, and check if the previously hidden sub-mounts are dropped. */
101 FOREACH_STRING(p
, "sub1/hoge", "sub1/foo") {
102 _cleanup_free_
char *where
= NULL
;
104 assert_se(where
= path_join(d
, p
));
105 assert_se(access(where
, F_OK
) < 0 && errno
== ENOENT
);
112 TEST(remount_sysfs
) {
115 if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN
) <= 0)
116 return (void) log_tests_skipped("not running privileged");
118 if (path_is_fs_type("/sys", SYSFS_MAGIC
) <= 0)
119 return (void) log_tests_skipped("sysfs is not mounted on /sys");
121 if (access("/sys/class/net/dummy-test-mnt", F_OK
) < 0)
122 return (void) log_tests_skipped_errno(errno
, "The network interface dummy-test-mnt does not exit");
124 r
= safe_fork("(remount-sysfs)",
136 assert_se(unshare(CLONE_NEWNET
) >= 0);
138 /* Even unshare()ed, the interfaces in the main namespace can be accessed through sysfs. */
139 assert_se(access("/sys/class/net/lo", F_OK
) >= 0);
140 assert_se(access("/sys/class/net/dummy-test-mnt", F_OK
) >= 0);
142 r
= remount_sysfs("/sys");
143 if (r
== -EINVAL
|| (r
< 0 && ERRNO_IS_NOT_SUPPORTED(r
))) {
144 log_tests_skipped_errno(r
, "The kernel seems too old: %m");
148 /* After remounting sysfs, the interfaces in the main namespace cannot be accessed. */
149 assert_se(access("/sys/class/net/lo", F_OK
) >= 0);
150 assert_se(access("/sys/class/net/dummy-test-mnt", F_OK
) < 0 && errno
== ENOENT
);
156 TEST(mount_option_mangle
) {
160 assert_se(mount_option_mangle(NULL
, MS_RDONLY
|MS_NOSUID
, &f
, &opts
) == 0);
161 assert_se(f
== (MS_RDONLY
|MS_NOSUID
));
162 assert_se(opts
== NULL
);
164 assert_se(mount_option_mangle("", MS_RDONLY
|MS_NOSUID
, &f
, &opts
) == 0);
165 assert_se(f
== (MS_RDONLY
|MS_NOSUID
));
166 assert_se(opts
== NULL
);
168 assert_se(mount_option_mangle("ro,nosuid,nodev,noexec", 0, &f
, &opts
) == 0);
169 assert_se(f
== (MS_RDONLY
|MS_NOSUID
|MS_NODEV
|MS_NOEXEC
));
170 assert_se(opts
== NULL
);
172 assert_se(mount_option_mangle("ro,nosuid,nodev,noexec,mode=0755", 0, &f
, &opts
) == 0);
173 assert_se(f
== (MS_RDONLY
|MS_NOSUID
|MS_NODEV
|MS_NOEXEC
));
174 assert_se(streq(opts
, "mode=0755"));
177 assert_se(mount_option_mangle("rw,nosuid,foo,hogehoge,nodev,mode=0755", 0, &f
, &opts
) == 0);
178 assert_se(f
== (MS_NOSUID
|MS_NODEV
));
179 assert_se(streq(opts
, "foo,hogehoge,mode=0755"));
182 assert_se(mount_option_mangle("rw,nosuid,nodev,noexec,relatime,net_cls,net_prio", MS_RDONLY
, &f
, &opts
) == 0);
183 assert_se(f
== (MS_NOSUID
|MS_NODEV
|MS_NOEXEC
|MS_RELATIME
));
184 assert_se(streq(opts
, "net_cls,net_prio"));
187 assert_se(mount_option_mangle("rw,nosuid,nodev,relatime,size=1630748k,mode=0700,uid=1000,gid=1000", MS_RDONLY
, &f
, &opts
) == 0);
188 assert_se(f
== (MS_NOSUID
|MS_NODEV
|MS_RELATIME
));
189 assert_se(streq(opts
, "size=1630748k,mode=0700,uid=1000,gid=1000"));
192 assert_se(mount_option_mangle("size=1630748k,rw,gid=1000,,,nodev,relatime,,mode=0700,nosuid,uid=1000", MS_RDONLY
, &f
, &opts
) == 0);
193 assert_se(f
== (MS_NOSUID
|MS_NODEV
|MS_RELATIME
));
194 assert_se(streq(opts
, "size=1630748k,gid=1000,mode=0700,uid=1000"));
197 assert_se(mount_option_mangle("rw,exec,size=8143984k,nr_inodes=2035996,mode=0755", MS_RDONLY
|MS_NOSUID
|MS_NOEXEC
|MS_NODEV
, &f
, &opts
) == 0);
198 assert_se(f
== (MS_NOSUID
|MS_NODEV
));
199 assert_se(streq(opts
, "size=8143984k,nr_inodes=2035996,mode=0755"));
202 assert_se(mount_option_mangle("rw,relatime,fmask=0022,,,dmask=0022", MS_RDONLY
, &f
, &opts
) == 0);
203 assert_se(f
== MS_RELATIME
);
204 assert_se(streq(opts
, "fmask=0022,dmask=0022"));
207 assert_se(mount_option_mangle("rw,relatime,fmask=0022,dmask=0022,\"hogehoge", MS_RDONLY
, &f
, &opts
) < 0);
209 assert_se(mount_option_mangle("mode=01777,size=10%,nr_inodes=400k,uid=496107520,gid=496107520,context=\"system_u:object_r:svirt_sandbox_file_t:s0:c0,c1\"", 0, &f
, &opts
) == 0);
211 assert_se(streq(opts
, "mode=01777,size=10%,nr_inodes=400k,uid=496107520,gid=496107520,context=\"system_u:object_r:svirt_sandbox_file_t:s0:c0,c1\""));
215 static void test_mount_flags_to_string_one(unsigned long flags
, const char *expected
) {
216 _cleanup_free_
char *x
= NULL
;
219 r
= mount_flags_to_string(flags
, &x
);
220 log_info("flags: %#lX → %d/\"%s\"", flags
, r
, strnull(x
));
222 assert_se(streq(x
, expected
));
225 TEST(mount_flags_to_string
) {
226 test_mount_flags_to_string_one(0, "0");
227 test_mount_flags_to_string_one(MS_RDONLY
, "MS_RDONLY");
228 test_mount_flags_to_string_one(MS_NOSUID
, "MS_NOSUID");
229 test_mount_flags_to_string_one(MS_NODEV
, "MS_NODEV");
230 test_mount_flags_to_string_one(MS_NOEXEC
, "MS_NOEXEC");
231 test_mount_flags_to_string_one(MS_SYNCHRONOUS
, "MS_SYNCHRONOUS");
232 test_mount_flags_to_string_one(MS_REMOUNT
, "MS_REMOUNT");
233 test_mount_flags_to_string_one(MS_MANDLOCK
, "MS_MANDLOCK");
234 test_mount_flags_to_string_one(MS_DIRSYNC
, "MS_DIRSYNC");
235 test_mount_flags_to_string_one(MS_NOSYMFOLLOW
, "MS_NOSYMFOLLOW");
236 test_mount_flags_to_string_one(MS_NOATIME
, "MS_NOATIME");
237 test_mount_flags_to_string_one(MS_NODIRATIME
, "MS_NODIRATIME");
238 test_mount_flags_to_string_one(MS_BIND
, "MS_BIND");
239 test_mount_flags_to_string_one(MS_MOVE
, "MS_MOVE");
240 test_mount_flags_to_string_one(MS_REC
, "MS_REC");
241 test_mount_flags_to_string_one(MS_SILENT
, "MS_SILENT");
242 test_mount_flags_to_string_one(MS_POSIXACL
, "MS_POSIXACL");
243 test_mount_flags_to_string_one(MS_UNBINDABLE
, "MS_UNBINDABLE");
244 test_mount_flags_to_string_one(MS_PRIVATE
, "MS_PRIVATE");
245 test_mount_flags_to_string_one(MS_SLAVE
, "MS_SLAVE");
246 test_mount_flags_to_string_one(MS_SHARED
, "MS_SHARED");
247 test_mount_flags_to_string_one(MS_RELATIME
, "MS_RELATIME");
248 test_mount_flags_to_string_one(MS_KERNMOUNT
, "MS_KERNMOUNT");
249 test_mount_flags_to_string_one(MS_I_VERSION
, "MS_I_VERSION");
250 test_mount_flags_to_string_one(MS_STRICTATIME
, "MS_STRICTATIME");
251 test_mount_flags_to_string_one(MS_LAZYTIME
, "MS_LAZYTIME");
252 test_mount_flags_to_string_one(MS_LAZYTIME
|MS_STRICTATIME
, "MS_STRICTATIME|MS_LAZYTIME");
253 test_mount_flags_to_string_one(UINT_MAX
,
254 "MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC|MS_SYNCHRONOUS|MS_REMOUNT|"
255 "MS_MANDLOCK|MS_DIRSYNC|MS_NOSYMFOLLOW|MS_NOATIME|MS_NODIRATIME|"
256 "MS_BIND|MS_MOVE|MS_REC|MS_SILENT|MS_POSIXACL|MS_UNBINDABLE|"
257 "MS_PRIVATE|MS_SLAVE|MS_SHARED|MS_RELATIME|MS_KERNMOUNT|"
258 "MS_I_VERSION|MS_STRICTATIME|MS_LAZYTIME|fc000200");
261 TEST(bind_remount_recursive
) {
262 _cleanup_(rm_rf_physical_and_freep
) char *tmp
= NULL
;
263 _cleanup_free_
char *subdir
= NULL
;
265 if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN
) <= 0) {
266 (void) log_tests_skipped("not running privileged");
270 assert_se(mkdtemp_malloc("/tmp/XXXXXX", &tmp
) >= 0);
271 subdir
= path_join(tmp
, "subdir");
273 assert_se(mkdir(subdir
, 0755) >= 0);
275 FOREACH_STRING(p
, "/usr", "/sys", "/", tmp
) {
284 assert_se(detach_mount_namespace() >= 0);
286 /* Check that the subdir is writable (it must be because it's in /tmp) */
287 assert_se(statvfs(subdir
, &svfs
) >= 0);
288 assert_se(!FLAGS_SET(svfs
.f_flag
, ST_RDONLY
));
290 /* Make the subdir a bind mount */
291 assert_se(mount_nofollow(subdir
, subdir
, NULL
, MS_BIND
|MS_REC
, NULL
) >= 0);
293 /* Ensure it's still writable */
294 assert_se(statvfs(subdir
, &svfs
) >= 0);
295 assert_se(!FLAGS_SET(svfs
.f_flag
, ST_RDONLY
));
297 /* Now mark the path we currently run for read-only */
298 assert_se(bind_remount_recursive(p
, MS_RDONLY
, MS_RDONLY
, path_equal(p
, "/sys") ? STRV_MAKE("/sys/kernel") : NULL
) >= 0);
300 /* Ensure that this worked on the top-level */
301 assert_se(statvfs(p
, &svfs
) >= 0);
302 assert_se(FLAGS_SET(svfs
.f_flag
, ST_RDONLY
));
304 /* And ensure this had an effect on the subdir exactly if we are talking about a path above the subdir */
305 assert_se(statvfs(subdir
, &svfs
) >= 0);
306 assert_se(FLAGS_SET(svfs
.f_flag
, ST_RDONLY
) == !!path_startswith(subdir
, p
));
311 assert_se(wait_for_terminate_and_check("test-remount-rec", pid
, WAIT_LOG
) == EXIT_SUCCESS
);
315 TEST(bind_remount_one
) {
318 if (geteuid() != 0 || have_effective_cap(CAP_SYS_ADMIN
) <= 0) {
319 (void) log_tests_skipped("not running privileged");
329 _cleanup_fclose_
FILE *proc_self_mountinfo
= NULL
;
331 assert_se(detach_mount_namespace() >= 0);
333 assert_se(fopen_unlocked("/proc/self/mountinfo", "re", &proc_self_mountinfo
) >= 0);
335 assert_se(bind_remount_one_with_mountinfo("/run", MS_RDONLY
, MS_RDONLY
, proc_self_mountinfo
) >= 0);
336 assert_se(bind_remount_one_with_mountinfo("/run", MS_NOEXEC
, MS_RDONLY
|MS_NOEXEC
, proc_self_mountinfo
) >= 0);
337 assert_se(bind_remount_one_with_mountinfo("/proc/idontexist", MS_RDONLY
, MS_RDONLY
, proc_self_mountinfo
) == -ENOENT
);
338 assert_se(bind_remount_one_with_mountinfo("/proc/self", MS_RDONLY
, MS_RDONLY
, proc_self_mountinfo
) == -EINVAL
);
339 assert_se(bind_remount_one_with_mountinfo("/", MS_RDONLY
, MS_RDONLY
, proc_self_mountinfo
) >= 0);
344 assert_se(wait_for_terminate_and_check("test-remount-one", pid
, WAIT_LOG
) == EXIT_SUCCESS
);
347 TEST(make_mount_point_inode
) {
348 _cleanup_(rm_rf_physical_and_freep
) char *d
= NULL
;
349 const char *src_file
, *src_dir
, *dst_file
, *dst_dir
;
352 assert_se(mkdtemp_malloc(NULL
, &d
) >= 0);
354 src_file
= strjoina(d
, "/src/file");
355 src_dir
= strjoina(d
, "/src/dir");
356 dst_file
= strjoina(d
, "/dst/file");
357 dst_dir
= strjoina(d
, "/dst/dir");
359 assert_se(mkdir_p(src_dir
, 0755) >= 0);
360 assert_se(mkdir_parents(dst_file
, 0755) >= 0);
361 assert_se(touch(src_file
) >= 0);
363 assert_se(make_mount_point_inode_from_path(src_file
, dst_file
, 0755) >= 0);
364 assert_se(make_mount_point_inode_from_path(src_dir
, dst_dir
, 0755) >= 0);
366 assert_se(stat(dst_dir
, &st
) == 0);
367 assert_se(S_ISDIR(st
.st_mode
));
368 assert_se(stat(dst_file
, &st
) == 0);
369 assert_se(S_ISREG(st
.st_mode
));
370 assert_se(!(S_IXUSR
& st
.st_mode
));
371 assert_se(!(S_IXGRP
& st
.st_mode
));
372 assert_se(!(S_IXOTH
& st
.st_mode
));
374 assert_se(unlink(dst_file
) == 0);
375 assert_se(rmdir(dst_dir
) == 0);
377 assert_se(stat(src_file
, &st
) == 0);
378 assert_se(make_mount_point_inode_from_stat(&st
, dst_file
, 0755) >= 0);
379 assert_se(stat(src_dir
, &st
) == 0);
380 assert_se(make_mount_point_inode_from_stat(&st
, dst_dir
, 0755) >= 0);
382 assert_se(stat(dst_dir
, &st
) == 0);
383 assert_se(S_ISDIR(st
.st_mode
));
384 assert_se(stat(dst_file
, &st
) == 0);
385 assert_se(S_ISREG(st
.st_mode
));
386 assert_se(!(S_IXUSR
& st
.st_mode
));
387 assert_se(!(S_IXGRP
& st
.st_mode
));
388 assert_se(!(S_IXOTH
& st
.st_mode
));
391 static int intro(void) {
392 /* Create a dummy network interface for testing remount_sysfs(). */
393 (void) system("ip link add dummy-test-mnt type dummy");
398 static int outro(void) {
399 (void) system("ip link del dummy-test-mnt");
404 DEFINE_TEST_MAIN_FULL(LOG_DEBUG
, intro
, outro
);