On 5.8 kernels unprivileged whiteout creation is allowed

[brauner]

@poettering one of your colleagues made it possible to create unprivileged whiteouts in newer kernels:

commit a3c751a50fe6bbe50eb7622a14b18b361804ee0c
Author: Miklos Szeredi <mszeredi@redhat.com>
Date:   Thu May 14 16:44:23 2020 +0200

    vfs: allow unprivileged whiteout creation

    Whiteouts, unlike real device node should not require privileges to create.

    The general concern with device nodes is that opening them can have side
    effects.  The kernel already avoids zero major (see
    Documentation/admin-guide/devices.txt).  To be on the safe side the patch
    explicitly forbids registering a char device with 0/0 number (see
    cdev_add()).

    This guarantees that a non-O_PATH open on a whiteout will fail with ENODEV;
    i.e. it won't have any side effect.

    Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>

This means:

systemd/src/test/test-fs-util.c

Line 620 in 8301719

if (r < 0 && errno == EPERM && detect_container() > 0) {

should likely be adapted to test some other device. We've seen failures for this in our test-suites.

[brauner]

Probably also need to change:

systemd/src/test/test-stat-util.c

Line 151 in 28b05d1

if (is_device_node("/run/systemd/inaccessible/chr") > 0) {

because inaccessiable/{chr,blk} are whiteouts as well afaict.

[poettering]

it would probably suffice to swap the order of the char vs. block device node testing, right? since block devices of zero major are still not allowed, right? it's only the char devices 0:0 that are now allowed, correct?

[sforshee]

Yes, it's only the 0:0 char device that is now allowed, so testing the block device node first should be sufficient.

[poettering]

fix pending in #16734