util/linux: add explicit FS_IMMUTABLE_FL helpers

The FS_IOC_{GET,SET}FLAGS ioctl numbers are not stable across different architectures. Most of them use the asm-generic versions, but ALPHA and SPARC in particular use completely different IOC number setups (see the definition of _IOC, _IOR, _IOW, etc. in the kernel). This commit moves the helpers for `FS_IMMUTABLE_FL` into `osbuild/util/` and adds explicit tests. This will make sure that we catch any ioctl mismatches as soon as possible when we run the osbuild test-suite on other architectures. Until then, we will have to live with this mismatch.
2020-04-20 11:52:57 +02:00 · 2020-04-20 11:52:57 +02:00 · e5ff287f5a
commit e5ff287f5a
parent 2cc9160099
2 changed files with 165 additions and 0 deletions
--- a/osbuild/util/linux.py
+++ b/osbuild/util/linux.py
@ -0,0 +1,93 @@
+"""Linux API Access
+
+This module provides access to linux system-calls and other APIs, in particular
+those not provided by the python standard library. The idea is to provide
+universal wrappers with broad access to linux APIs. Convenience helpers and
+higher-level abstractions are beyond the scope of this module.
+
+In some cases it is overly complex to provide universal access to a specifc
+API. Hence, the API might be restricted to a reduced subset of its
+functionality, just to make sure we can actually implement the wrappers in a
+reasonable manner.
+"""
+
+
+import array
+import fcntl
+
+
+__all__ = [
+    "ioctl_get_immutable",
+    "ioctl_toggle_immutable",
+]
+
+
+# NOTE: These are wrong on at least ALPHA and SPARC. They use different
+#       ioctl number setups. We should fix this, but this is really awkward
+#       in standard python.
+#       Our tests will catch this, so we will not accidentally run into this
+#       on those architectures.
+FS_IOC_GETFLAGS = 0x80086601
+FS_IOC_SETFLAGS = 0x40086602
+
+FS_IMMUTABLE_FL = 0x00000010
+
+
+def ioctl_get_immutable(fd: int):
+    """Query FS_IMMUTABLE_FL
+
+    This queries the `FS_IMMUTABLE_FL` flag on a specified file.
+
+    Arguments
+    ---------
+    fd
+        File-descriptor to operate on.
+
+    Returns
+    -------
+    bool
+        Whether the `FS_IMMUTABLE_FL` flag is set or not.
+
+    Raises
+    ------
+    OSError
+        If the underlying ioctl fails, a matching `OSError` will be raised.
+    """
+
+    if not isinstance(fd, int) or fd < 0:
+        raise ValueError()
+
+    flags = array.array('L', [0])
+    fcntl.ioctl(fd, FS_IOC_GETFLAGS, flags, True)
+    return bool(flags[0] & FS_IMMUTABLE_FL)
+
+
+def ioctl_toggle_immutable(fd: int, set_to: bool):
+    """Toggle FS_IMMUTABLE_FL
+
+    This toggles the `FS_IMMUTABLE_FL` flag on a specified file. It can both set
+    and clear the flag.
+
+    Arguments
+    ---------
+    fd
+        File-descriptor to operate on.
+    set_to
+        Whether to set the `FS_IMMUTABLE_FL` flag or not.
+
+    Raises
+    ------
+    OSError
+        If the underlying ioctl fails, a matching `OSError` will be raised.
+    """
+
+    if not isinstance(fd, int) or fd < 0:
+        raise ValueError()
+
+    flags = array.array('L', [0])
+    fcntl.ioctl(fd, FS_IOC_GETFLAGS, flags, True)
+    if set_to:
+        flags[0] |= FS_IMMUTABLE_FL
+    else:
+        flags[0] &= ~FS_IMMUTABLE_FL
+    fcntl.ioctl(fd, FS_IOC_SETFLAGS, flags, False)
--- a/test/test_util_linux.py
+++ b/test/test_util_linux.py
@ -0,0 +1,72 @@
+#
+# Tests for the `osbuild.util.linux` module.
+#
+
+
+import os
+import subprocess
+import tempfile
+import unittest
+
+import osbuild.util.linux as linux
+
+
+class TestUtilLinux(unittest.TestCase):
+    def setUp(self):
+        self.vartmpdir = tempfile.TemporaryDirectory(dir="/var/tmp")
+
+    def tearDown(self):
+        self.vartmpdir.cleanup()
+
+    def test_ioctl_get_immutable(self):
+        #
+        # Test the `ioctl_get_immutable()` helper and make sure it works
+        # as intended.
+        #
+
+        with open(f"{self.vartmpdir.name}/immutable", "x") as f:
+            assert not linux.ioctl_get_immutable(f.fileno())
+
+    @unittest.skipUnless(os.geteuid() == 0, "root-only")
+    def test_ioctl_toggle_immutable(self):
+        #
+        # Test the `ioctl_toggle_immutable()` helper and make sure it works
+        # as intended.
+        #
+
+        with open(f"{self.vartmpdir.name}/immutable", "x") as f:
+            # Check the file is mutable by default and if we clear it again.
+            assert not linux.ioctl_get_immutable(f.fileno())
+            linux.ioctl_toggle_immutable(f.fileno(), False)
+            assert not linux.ioctl_get_immutable(f.fileno())
+
+            # Set immutable and check for it. Try again to verify with flag set.
+            linux.ioctl_toggle_immutable(f.fileno(), True)
+            assert linux.ioctl_get_immutable(f.fileno())
+            linux.ioctl_toggle_immutable(f.fileno(), True)
+            assert linux.ioctl_get_immutable(f.fileno())
+
+            # Verify immutable files cannot be unlinked.
+            with self.assertRaises(OSError):
+                os.unlink(f"{self.vartmpdir.name}/immutable")
+
+            # Check again that clearing the flag works.
+            linux.ioctl_toggle_immutable(f.fileno(), False)
+            assert not linux.ioctl_get_immutable(f.fileno())
+
+            # This time, check that we actually set the same flag as `chattr`.
+            subprocess.run(["chattr", "+i",
+                            f"{self.vartmpdir.name}/immutable"], check=True)
+            assert linux.ioctl_get_immutable(f.fileno())
+
+            # Same for clearing it.
+            subprocess.run(["chattr", "-i",
+                            f"{self.vartmpdir.name}/immutable"], check=True)
+            assert not linux.ioctl_get_immutable(f.fileno())
+
+            # Verify we can unlink the file again, once the flag is cleared.
+            os.unlink(f"{self.vartmpdir.name}/immutable")
+
+
+if __name__ == "__main__":
+    unittest.main()