diff options
| author | Eric Biggers <ebiggers@google.com> | 2019-10-01 09:43:36 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2019-10-01 09:43:36 -0700 |
| commit | db31d21e9cab31dff152082a4e88217d447970c4 (patch) | |
| tree | 630e7f5cc21228c417ca77955381f7d572afab3b /filesystem/filesystem_test.go | |
| parent | 61464729e79d4b27a878718a92e4e3b70f7ad317 (diff) | |
filesystem: allow .fscrypt to be a symlink
Support the case where the user has a read-only root filesystem (e.g.
with OSTree) and had previously created a symlink /.fscrypt pointing to
a writable location, so that login protectors can be created there.
Resolves https://github.com/google/fscrypt/issues/131
Diffstat (limited to 'filesystem/filesystem_test.go')
| -rw-r--r-- | filesystem/filesystem_test.go | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/filesystem/filesystem_test.go b/filesystem/filesystem_test.go index 2394f68..50c3920 100644 --- a/filesystem/filesystem_test.go +++ b/filesystem/filesystem_test.go @@ -20,6 +20,7 @@ package filesystem import ( + "io/ioutil" "os" "path/filepath" "testing" @@ -109,6 +110,68 @@ func TestRemoveAllMetadata(t *testing.T) { } } +// Test that when MOUNTPOINT/.fscrypt is a pre-created symlink, fscrypt will +// create/delete the metadata at the location pointed to by the symlink. +// +// This is a helper function that is called twice: once to test an absolute +// symlink and once to test a relative symlink. +func testSetupWithSymlink(t *testing.T, mnt *Mount, symlinkTarget string, realDir string) { + rawBaseDir := filepath.Join(mnt.Path, baseDirName) + if err := os.Symlink(symlinkTarget, rawBaseDir); err != nil { + t.Fatal(err) + } + defer os.Remove(rawBaseDir) + + if err := mnt.Setup(); err != nil { + t.Fatal(err) + } + defer mnt.RemoveAllMetadata() + if err := mnt.CheckSetup(); err != nil { + t.Fatal(err) + } + if !isSymlink(rawBaseDir) { + t.Fatal("base dir should still be a symlink") + } + if !isDir(realDir) { + t.Fatal("real base dir should exist") + } + if err := mnt.RemoveAllMetadata(); err != nil { + t.Fatal(err) + } + if !isSymlink(rawBaseDir) { + t.Fatal("base dir should still be a symlink") + } + if isDir(realDir) { + t.Fatal("real base dir should no longer exist") + } +} + +func TestSetupWithAbsoluteSymlink(t *testing.T) { + mnt, err := getTestMount(t) + if err != nil { + t.Fatal(err) + } + tempDir, err := ioutil.TempDir("", "fscrypt") + if err != nil { + t.Fatal(err) + } + defer os.RemoveAll(tempDir) + realDir := filepath.Join(tempDir, "realDir") + if realDir, err = filepath.Abs(realDir); err != nil { + t.Fatal(err) + } + testSetupWithSymlink(t, mnt, realDir, realDir) +} + +func TestSetupWithRelativeSymlink(t *testing.T) { + mnt, err := getTestMount(t) + if err != nil { + t.Fatal(err) + } + realDir := filepath.Join(mnt.Path, ".fscrypt-real") + testSetupWithSymlink(t, mnt, ".fscrypt-real", realDir) +} + // Adding a good Protector should succeed, adding a bad one should fail func TestAddProtector(t *testing.T) { mnt, err := getSetupMount(t) |