mirror_zfs/tests/zfs-tests/include/commands.cfg
Wolfgang Bumiller 3808006edf Take user namespaces into account in policy checks
Change file related checks to use user namespaces and make
sure involved uids/gids are mappable in the current
namespace.

Note that checks without file ownership information will
still not take user namespaces into account, as some of
these should be handled via 'zfs allow' (otherwise root in a
user namespace could issue commands such as `zpool export`).

This also adds an initial user namespace regression test
for the setgid bit loss, with a user_ns_exec helper usable
in further tests.

Additionally, configure checks for the required user
namespace related features are added for:
  * ns_capable
  * kuid/kgid_has_mapping()
  * user_ns in cred_t

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Closes #6800
Closes #7270
2018-03-14 16:10:38 -07:00

169 lines
2.1 KiB
INI

#
# These variables are used by zfs-tests.sh to constrain which utilities
# may be used by the suite. The suite will create a directory which is
# the only element of $PATH and create symlinks from that dir to the
# binaries listed below.
#
# Please keep the contents of each variable sorted for ease of reading
# and maintenance.
#
export SYSTEM_FILES='arp
awk
attr
basename
bc
blockdev
bunzip2
bzcat
cat
chattr
chgrp
chmod
chown
cksum
cmp
cp
cpio
cut
date
dd
df
diff
dirname
dmesg
du
echo
egrep
exportfs
expr
fallocate
false
fdisk
file
find
fio
getconf
getent
getfacl
getfattr
grep
groupadd
groupdel
groupmod
gunzip
gzip
head
hostid
hostname
id
iostat
kill
ksh
ln
logname
losetup
ls
lsblk
lsmod
lsscsi
md5sum
mkdir
mknod
mkswap
mktemp
modprobe
mount
mpstat
mv
net
nproc
openssl
parted
pax
pgrep
ping
pkill
printenv
printf
ps
pwd
python
quotaon
readlink
rm
rmdir
sed
seq
setenforce
setfacl
setfattr
sh
sha256sum
shuf
sleep
sort
stat
strings
su
sudo
sum
swapoff
swapon
sync
tail
tar
timeout
touch
tr
true
truncate
udevadm
umask
umount
uname
useradd
userdel
usermod
uuidgen
vmstat
wait
wc
which
xargs'
export ZFS_FILES='zdb
zfs
zhack
zinject
zpool
ztest
zpios
raidz_test
arc_summary.py
arcstat.py
dbufstat.py
zed
zgenhostid
zstreamdump'
export ZFSTEST_FILES='chg_usr_exec
devname2devid
dir_rd_update
file_check
file_trunc
file_write
largest_file
mkbusy
mkfile
mkfiles
mktree
mmap_exec
mmapwrite
randfree_file
readmmap
rename_dir
rm_lnkcnt_zero_file
threadsappend
user_ns_exec
xattrtest'