mirror of
https://github.com/k3s-io/kubernetes.git
synced 2025-07-29 14:37:00 +00:00
Merge pull request #89736 from gnufied/force-sgid-bit-off
Force sgid bit to be off before checking volume permission
This commit is contained in:
Kubernetes Prow Robot
GitHub
commit
c6a942249f
@ -154,15 +154,19 @@ func TestSkipPermissionChange(t *testing.T) {
|
|||||||
|
|
||||||
mask := rwMask
|
mask := rwMask
|
||||||
|
|
||||||
if test.sgidMatch {
|
|
||||||
mask |= os.ModeSetgid
|
|
||||||
}
|
|
||||||
|
|
||||||
if test.permissionMatch {
|
if test.permissionMatch {
|
||||||
mask |= execMask
|
mask |= execMask
|
||||||
|
|
||||||
}
|
}
|
||||||
err = os.Chmod(tmpDir, info.Mode()|mask)
|
if test.sgidMatch {
|
||||||
|
mask |= os.ModeSetgid
|
||||||
|
mask = info.Mode() | mask
|
||||||
|
} else {
|
||||||
|
nosgidPerm := info.Mode() &^ os.ModeSetgid
|
||||||
|
mask = nosgidPerm | mask
|
||||||
|
}
|
||||||
|
|
||||||
|
err = os.Chmod(tmpDir, mask)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("Chmod failed on %v: %v", tmpDir, err)
|
t.Errorf("Chmod failed on %v: %v", tmpDir, err)
|
||||||
}
|
}
|
||||||
@ -206,7 +210,8 @@ func TestSetVolumeOwnership(t *testing.T) {
|
|||||||
|
|
||||||
// create a subdirectory with invalid permissions
|
// create a subdirectory with invalid permissions
|
||||||
rogueDir := filepath.Join(path, "roguedir")
|
rogueDir := filepath.Join(path, "roguedir")
|
||||||
err = os.Mkdir(rogueDir, info.Mode())
|
nosgidPerm := info.Mode() &^ os.ModeSetgid
|
||||||
|
err = os.Mkdir(rogueDir, nosgidPerm)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user