From db31d21e9cab31dff152082a4e88217d447970c4 Mon Sep 17 00:00:00 2001
From: Eric Biggers
Date: Tue, 1 Oct 2019 09:43:36 -0700
Subject: filesystem: allow .fscrypt to be a symlink

Support the case where the user has a read-only root filesystem (e.g. with OSTree) and had previously created a symlink /.fscrypt pointing to a writable location, so that login protectors can be created there.

Resolves https://github.com/google/fscrypt/issues/131
---
 filesystem/filesystem_test.go | 63 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)
(limited to 'filesystem/filesystem_test.go')
diff --git a/filesystem/filesystem_test.go b/filesystem/filesystem_test.go
index 2394f68..50c3920 100644
--- a/filesystem/filesystem_test.go
+++ b/filesystem/filesystem_test.go
@@ -20,6 +20,7 @@
 package filesystem

 import (
+ "io/ioutil"
 "os"
 "path/filepath"
 "testing"
@@ -109,6 +110,68 @@ func TestRemoveAllMetadata(t *testing.T) {
 }
 }

+// Test that when MOUNTPOINT/.fscrypt is a pre-created symlink, fscrypt will
+// create/delete the metadata at the location pointed to by the symlink.
+//
+// This is a helper function that is called twice: once to test an absolute
+// symlink and once to test a relative symlink.
+func testSetupWithSymlink(t *testing.T, mnt *Mount, symlinkTarget string, realDir string) {
+ rawBaseDir := filepath.Join(mnt.Path, baseDirName)
+ if err := os.Symlink(symlinkTarget, rawBaseDir); err != nil {
+ t.Fatal(err)
+ }
+ defer os.Remove(rawBaseDir)
+
+ if err := mnt.Setup(); err != nil {
+ t.Fatal(err)
+ }
+ defer mnt.RemoveAllMetadata()
+ if err := mnt.CheckSetup(); err != nil {
+ t.Fatal(err)
+ }
+ if !isSymlink(rawBaseDir) {
+ t.Fatal("base dir should still be a symlink")
+ }
+ if !isDir(realDir) {
+ t.Fatal("real base dir should exist")
+ }
+ if err := mnt.RemoveAllMetadata(); err != nil {
+ t.Fatal(err)
+ }
+ if !isSymlink(rawBaseDir) {
+ t.Fatal("base dir should still be a symlink")
+ }
+ if isDir(realDir) {
+ t.Fatal("real base dir should no longer exist")
+ }
+}
+
+func TestSetupWithAbsoluteSymlink(t *testing.T) {
+ mnt, err := getTestMount(t)
+ if err != nil {
+ t.Fatal(err)
+ }
+ tempDir, err := ioutil.TempDir("", "fscrypt")
+ if err != nil {
+ t.Fatal(err)
+ }
+ defer os.RemoveAll(tempDir)
+ realDir := filepath.Join(tempDir, "realDir")
+ if realDir, err = filepath.Abs(realDir); err != nil {
+ t.Fatal(err)
+ }
+ testSetupWithSymlink(t, mnt, realDir, realDir)
+}
+
+func TestSetupWithRelativeSymlink(t *testing.T) {
+ mnt, err := getTestMount(t)
+ if err != nil {
+ t.Fatal(err)
+ }
+ realDir := filepath.Join(mnt.Path, ".fscrypt-real")
+ testSetupWithSymlink(t, mnt, ".fscrypt-real", realDir)
+}
+
 // Adding a good Protector should succeed, adding a bad one should fail
 func TestAddProtector(t *testing.T) {
 mnt, err := getSetupMount(t)
-- cgit v1.2.3
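Review bot: Both new tests exercise only a dangling link: in TestSetupWithAbsoluteSymlink and TestSetupWithRelativeSymlink the target (`tempDir/realDir`, `.fscrypt-real`) does not exist before `mnt.Setup()` runs, so testSetupWithSymlink never covers a link that already points at an existing directory, which the commit message suggests may be the deployed shape, nor a link whose target is not a directory. Since the link decides where protector metadata is written, the helper should also pin what Setup creates at the target: `isDir(realDir)` passes for a directory of any mode, so a check such as `if fi, err := os.Stat(realDir); err != nil || fi.Mode().Perm() != wantPerm { t.Fatalf("real base dir: %v, %v", fi, err) }` (with `wantPerm` set to whatever mode the package intends for the base directory) would catch a target created with looser permissions than a plain `.fscrypt`. Adding `t.Helper()` as the first statement of testSetupWithSymlink would make failures report the calling test's line.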