Merge pull request kubernetes#89736 from gnufied/force-sgid-bit-off

Force sgid bit to be off before checking volume permission

Author: k8s-ci-robot

pkg/volume/volume_linux_test.go

@@ -154,15 +154,19 @@ func TestSkipPermissionChange(t *testing.T) {
 
 			mask := rwMask
 
-			if test.sgidMatch {
-				mask |= os.ModeSetgid
-			}
-
 			if test.permissionMatch {
 				mask |= execMask
 
 			}
-			err = os.Chmod(tmpDir, info.Mode()|mask)
+			if test.sgidMatch {
+				mask |= os.ModeSetgid
+				mask = info.Mode() | mask
+			} else {
+				nosgidPerm := info.Mode() &^ os.ModeSetgid
+				mask = nosgidPerm | mask
+			}
+
+			err = os.Chmod(tmpDir, mask)
 			if err != nil {
 				t.Errorf("Chmod failed on %v: %v", tmpDir, err)
 			}
@@ -206,7 +210,8 @@ func TestSetVolumeOwnership(t *testing.T) {
 
 				// create a subdirectory with invalid permissions
 				rogueDir := filepath.Join(path, "roguedir")
-				err = os.Mkdir(rogueDir, info.Mode())
+				nosgidPerm := info.Mode() &^ os.ModeSetgid
+				err = os.Mkdir(rogueDir, nosgidPerm)
 				if err != nil {
 					return err
 				}