search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
7290 ZFS test suite needs to control what utilities it can run
[unleashed.git] / usr / src / test / zfs-tests / tests / functional / acl / nontrivial / zfs_acl_chmod_001_neg.ksh
blobe5d3f7cb8c1400f78b3c01ac3de7c89586d3d5c0
1 #!/bin/ksh -p
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22
23 #
24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27
28 #
29 # Copyright (c) 2016 by Delphix. All rights reserved.
30 #
31
32 . $STF_SUITE/tests/functional/acl/acl_common.kshlib
33
34 #
35 # DESCRIPTION:
36 # Verify 1) Illegal options to chmod should fail.
37 # 2) Delete all the ACE will lead to fail.
38 # 3) Add ACE exceed 1024 will cause to fail.
39 #
40 # STRATEGY:
41 # 1. Loop root and non-root users
42 # 2. Verify all kinds of illegal option will lead to chmod failed.
43 # 3. Verify 'chmod A0-' will fail when try to delete all the ACE.
44 # 4. Verify 'chmod A+' will succeed when the ACE number exceed 1024.
45 #
46
47 verify_runnable "both"
48
49 log_assert "Verify illegal operating to ACL, it will fail."
50 log_onexit cleanup
51
52 function err_opts #node
53 {
54 typeset A_opts="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \
55 A+@ A-#- A+% A=^ A=# A=@ A+#"
56
57 log_note "Illegal option to chmod should fail."
58 for A in ${A_opts[@]}; do
59 log_mustnot usr_exec chmod ${A}owner@:read_data:allow $node
60 log_mustnot usr_exec chmod A+ asd owner@:execute:deny $node
61 done
62
63 typeset type_opts="everyone groups owner user@ users"
64 for tp in ${type_opts[@]}; do
65 log_mustnot usr_exec chmod A+$tp:read_data:deny $node
66 done
67
68 return 0
69 }
70
71 function del_all_ACE #node
72 {
73 typeset node=$1
74 typeset -i cnt
75
76 cnt=$(count_ACE $node)
77 while (( cnt > 0 )); do
78 if (( cnt == 1 )); then
79 log_mustnot chmod A0- $node
80 else
81 log_must chmod A0- $node
82 fi
83
84 (( cnt -= 1 ))
85 done
86
87 return 0
88 }
89
90 function exceed_max_ACE #node
91 {
92 typeset node=$1
93 typeset -i max=1024
94 typeset -i cnt
95
96 cnt=$(count_ACE $node)
97
98 # One more ACE exceed the max limitation.
99 (( max = max - cnt + 1 ))
100 while (( max > 0 )); do
101 if (( max == 1 )); then
102 log_mustnot chmod A+owner@:read_data:allow $node
103 else
104 chmod A+owner@:read_data:allow $node
105 if (($? != 0)); then
106 ((cnt = 1024 - max))
107 log_fail "Add No.$cnt ACL item failed."
108 fi
109 fi
110
111 (( max -= 1 ))
112 done
113
114 return 0
115 }
116
117 typeset node
118 typeset func_name="err_opts del_all_ACE exceed_max_ACE"
119
120 for usr in "root" "$ZFS_ACL_STAFF1"; do
121 log_must set_cur_usr $usr
122
123 for node in $testfile $testdir; do
124 log_must usr_exec touch $testfile
125 log_must usr_exec mkdir $testdir
126
127 for func in $func_name; do
128 log_must eval "$func $node"
129 done
130
131 log_must usr_exec rm -rf $testfile $testdir
132 done
133 done
134
135 log_pass "Verify illegal operating to ACL passed."
Unleashed OS