5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
29 # Copyright (c) 2016 by Delphix. All rights reserved.
32 .
$STF_SUITE/tests
/functional
/acl
/acl_common.kshlib
36 # Verify 1) Illegal options to chmod should fail.
37 # 2) Delete all the ACE will lead to fail.
38 # 3) Add ACE exceed 1024 will cause to fail.
41 # 1. Loop root and non-root users
42 # 2. Verify all kinds of illegal option will lead to chmod failed.
43 # 3. Verify 'chmod A0-' will fail when try to delete all the ACE.
44 # 4. Verify 'chmod A+' will succeed when the ACE number exceed 1024.
47 verify_runnable
"both"
49 log_assert
"Verify illegal operating to ACL, it will fail."
52 function err_opts
#node
54 typeset A_opts
="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \
55 A+@ A-#- A+% A=^ A=# A=@ A+#"
57 log_note
"Illegal option to chmod should fail."
58 for A
in ${A_opts[@]}; do
59 log_mustnot usr_exec
chmod ${A}owner@
:read_data
:allow
$node
60 log_mustnot usr_exec
chmod A
+ asd owner@
:execute
:deny
$node
63 typeset type_opts
="everyone groups owner user@ users"
64 for tp
in ${type_opts[@]}; do
65 log_mustnot usr_exec
chmod A
+$tp:read_data
:deny
$node
71 function del_all_ACE
#node
76 cnt
=$
(count_ACE
$node)
77 while (( cnt
> 0 )); do
78 if (( cnt
== 1 )); then
79 log_mustnot
chmod A0-
$node
81 log_must
chmod A0-
$node
90 function exceed_max_ACE
#node
96 cnt
=$
(count_ACE
$node)
98 # One more ACE exceed the max limitation.
99 (( max
= max
- cnt
+ 1 ))
100 while (( max
> 0 )); do
101 if (( max
== 1 )); then
102 log_mustnot
chmod A
+owner@
:read_data
:allow
$node
104 chmod A
+owner@
:read_data
:allow
$node
107 log_fail
"Add No.$cnt ACL item failed."
118 typeset func_name
="err_opts del_all_ACE exceed_max_ACE"
120 for usr
in "root" "$ZFS_ACL_STAFF1"; do
121 log_must set_cur_usr
$usr
123 for node
in $testfile $testdir; do
124 log_must usr_exec
touch $testfile
125 log_must usr_exec mkdir
$testdir
127 for func
in $func_name; do
128 log_must
eval "$func $node"
131 log_must usr_exec
rm -rf $testfile $testdir
135 log_pass
"Verify illegal operating to ACL passed."