Fix integration tests perms checks

 * a symlink's permissions don't matter, so as long as it points to
   the correct file it's supposed to be correct.

 * nominally, symlink permissions are always 0777 and cannot be
   changed, so in theory there is nothing to check. On VD targets
   there exist 0755 symlinks. We don't know where they come from
   or what their meaning is, although it seems harmless and we
   can't do anything about them anyway (there is no lchmod(2)).

 * also update a comment with our recent advances in understanding.

Change-Id: Icb58e3dc541813ce7070943434178ebdcdc73477

diff --git a/src/service/src/os_ops.cpp b/src/service/src/os_ops.cpp
index 00768d13ffd2b9f588bfc81b8b01816e43bb295c..6f768a6af0a7c1839bf766ba80f174cef84ef6dc 100644 (file)
--- a/src/service/src/os_ops.cpp
+++ b/src/service/src/os_ops.cpp
@@ -368,13 +368,10 @@ void OS::set_ownership_and_perms(const fs::path& src_path, const fs::path& dest_
        if (copy_perms_from_skel)
                permissions = info.permissions();
 
-       /* Symlinks themselves don't have permissions, and we don't want to
-        * change the underlying file's. I'm not sure why we check the source's
-        * symlink status, not the destination's, but in theory they should be
-        * the same so we save a stat() call (and I am too afraid to change
-        * legacy behaviour). If using the destination's state, we could skip
-        * the check and use the `fs::perm_options::nofollow` flag, but when I
-        * tried it (early Tizen 10, 2025-01), it threw "operation not supported". */
+       /* Symlinks themselves don't have permissions (or rather they always have
+        * permissions hardcoded to 0777, but they cannot be changed and are not
+        * actually meaninfgully used anywhere). We also don't want to change the
+        * file's permissions either, so do nothing in that case. */
        if (!is_symlink(info))
                fs::permissions(dest_path, permissions);
 }

diff --git a/tests/integration/sessiond-integration-tests.sh b/tests/integration/sessiond-integration-tests.sh
index 74d4bc6869708b58cc30eea778ecf09ac4f6baa9..20533f53738524b02c30768f00ef4c5b2ac093a4 100755 (executable)
--- a/tests/integration/sessiond-integration-tests.sh
+++ b/tests/integration/sessiond-integration-tests.sh
@@ -197,7 +197,8 @@ for subsession in "${TEST_SUBSESSIONS[@]}" "${TEST_SUBSESSIONS_FIXED[@]}"; do
                u_group="users"
                u_perms="drwxr-xr-x"
                if [ -L "$f" ]; then
-                       u_perms="lrwxrwxrwx"
+                       # Symlink permissions don't matter.
+                       verbose_echo "  skipping permission checks for $f (is symlink)"
                else
                        prefix_to_remove="$skeldir/"
                        prefix_removed_f="${templf/#"$prefix_to_remove"}"
@@ -223,12 +224,12 @@ for subsession in "${TEST_SUBSESSIONS[@]}" "${TEST_SUBSESSIONS_FIXED[@]}"; do
                        fi
 
                        unset first_level second_level third_level
-               fi
 
-               if [ "$user" != "$u_user" ] || [ "$group" != "$u_group" ] || [ "$perms" != "$u_perms" ]; then
-                       echo "$f: incorrect permissions set!"
-                       remove_test_users false
-                       exit 1
+                       if [ "$user" != "$u_user" ] || [ "$group" != "$u_group" ] || [ "$perms" != "$u_perms" ] ; then
+                               echo "$f: incorrect permissions set!"
+                               remove_test_users false
+                               exit 1
+                       fi
                fi
 
                # Check SMACK attributes (access, transmute, etc.)