usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_xattr_002_pos.ksh

   1 #!/bin/ksh -p
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22
  23 #
  24 # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  25 # Use is subject to license terms.
  26 #
  27
  28 #
  29 # Copyright (c) 2016 by Delphix. All rights reserved.
  30 #
  31
  32 . $STF_SUITE/tests/functional/acl/acl_common.kshlib
  33
  34 #
  35 # DESCRIPTION:
  36 #       Verify that the write_xattr for remove the extended attributes of
  37 #       owner/group/everyone are correct.
  38 #
  39 # STRATEGY:
  40 # 1. Create file and  directory in zfs filesystem
  41 # 2. Set special write_xattr ACE to the file and directory
  42 # 3. Try to remove the extended attributes of the file and directory
  43 # 4. Verify above operation is successful.
  44 #
  45
  46 verify_runnable "both"
  47
  48 function cleanup
  49 {
  50         cd $cwd
  51
  52         cleanup_test_files $TESTDIR/basedir
  53
  54         if [[ -e $TESTDIR/$ARCHIVEFILE ]]; then
  55                 log_must rm -f $TESTDIR/$ARCHIVEFILE
  56         fi
  57
  58         return 0
  59 }
  60
  61 #       owner@  group   group_users             other_users
  62 set -A users \
  63         "root"  "root"  "$ZFS_ACL_ADMIN"        "$ZFS_ACL_OTHER1" \
  64         "$ZFS_ACL_STAFF1"       "$ZFS_ACL_STAFF_GROUP"  "$ZFS_ACL_STAFF2" \
  65         "$ZFS_ACL_OTHER1"
  66
  67 set -A a_access \
  68         "write_xattr:allow" \
  69         "write_xattr:deny"
  70
  71 set -A a_flag "owner@" "group@" "everyone@"
  72
  73 MYTESTFILE=/etc/passwd
  74
  75 log_assert "Verify that the permission of write_xattr for " \
  76         "owner/group/everyone while remove extended attributes are correct."
  77 log_onexit cleanup
  78
  79 function operate_node #user node acl
  80 {
  81         typeset user=$1
  82         typeset node=$2
  83         typeset acl_t=$3
  84         typeset ret
  85
  86         if [[ $user == "" || $node == "" ]]; then
  87                 log_fail "user, node are not defined."
  88         fi
  89
  90         chgusr_exec $user runat $node rm -f attr.0 ; ret=$?
  91
  92         if [[ $ret -eq 0 ]]; then
  93                 log_must cleanup_test_files $TESTDIR/basedir
  94                 log_must tar xpf@ $TESTDIR/$ARCHIVEFILE
  95         fi
  96
  97         return $ret
  98 }
  99
 100 function logname #acl_target owner user
 101 {
 102         typeset acl_target=$1
 103         typeset owner=$2
 104         typeset user=$3
 105         typeset ret="log_mustnot"
 106
 107         # To super user, read and write deny permission was override.
 108         if [[ $user == root || $owner == $user ]] then
 109                 ret="log_must"
 110         fi
 111
 112         print $ret
 113 }
 114
 115 function check_chmod_results #node flag acl_target owner g_usr o_usr
 116 {
 117         typeset node=$1
 118         typeset flag=$2
 119         typeset acl_target=$2:$3
 120         typeset owner=$4
 121         typeset g_usr=$5
 122         typeset o_usr=$6
 123         typeset log
 124
 125         if [[ $flag == "owner@" || $flag == "everyone@" ]]; then
 126                 log=$(logname $acl_target $owner $ZFS_ACL_CUR_USER)
 127                 $log operate_node $ZFS_ACL_CUR_USER $node $acl_target
 128         fi
 129         if [[ $flag == "group@" || $flag == "everyone@" ]]; then
 130                 log=$(logname $acl_target $owner $g_usr)
 131                 $log operate_node $g_usr $node $acl_target
 132         fi
 133         if [[ $flag == "everyone@" ]]; then
 134                 log=$(logname $acl_target $owner $o_usr)
 135                 $log operate_node $o_usr $node $acl_target
 136         fi
 137 }
 138
 139 function test_chmod_basic_access #node owner g_usr o_usr
 140 {
 141         typeset node=${1%/}
 142         typeset owner=$2
 143         typeset g_usr=$3
 144         typeset o_usr=$4
 145         typeset flag acl_p acl_t parent
 146
 147         parent=${node%/*}
 148
 149         for flag in ${a_flag[@]}; do
 150                 for acl_t in "${a_access[@]}"; do
 151                         log_must usr_exec chmod A+$flag:$acl_t $node
 152
 153                         log_must tar cpf@ $TESTDIR/$ARCHIVEFILE basedir
 154
 155                         check_chmod_results "$node" "$flag" \
 156                                 "$acl_t" "$owner" "$g_usr" "$o_usr"
 157
 158                         log_must usr_exec chmod A0- $node
 159                 done
 160         done
 161 }
 162
 163 function setup_test_files #base_node user group
 164 {
 165         typeset base_node=$1
 166         typeset user=$2
 167         typeset group=$3
 168
 169         cleanup_test_files $base_node
 170
 171         log_must mkdir -p $base_node
 172         log_must chown $user:$group $base_node
 173
 174         log_must set_cur_usr $user
 175
 176         # Prepare all files/sub-dirs for testing.
 177
 178         file0=$base_node/testfile_rm
 179
 180         dir0=$base_node/testdir_rm
 181
 182         log_must usr_exec touch $file0
 183         log_must usr_exec chmod 444 $file0
 184
 185         log_must usr_exec runat $file0 cp $MYTESTFILE attr.0
 186
 187         log_must usr_exec mkdir -p $dir0
 188         log_must usr_exec chmod 555 $dir0
 189
 190         log_must usr_exec runat $dir0 cp $MYTESTFILE attr.0
 191
 192         log_must usr_exec chmod 555 $base_node
 193         return 0
 194 }
 195
 196 function cleanup_test_files #base_node
 197 {
 198         typeset base_node=$1
 199
 200         if [[ -d $base_node ]]; then
 201                 log_must rm -rf $base_node
 202         elif [[ -e $base_node ]]; then
 203                 log_must rm -f $base_node
 204         fi
 205
 206         return 0
 207 }
 208
 209 typeset cwd=$PWD
 210 typeset ARCHIVEFILE=archive.tar
 211
 212 typeset -i i=0
 213 typeset -i j=0
 214 typeset target
 215
 216 while (( i < ${#users[@]} )); do
 217         setup_test_files $TESTDIR/basedir ${users[i]} ${users[((i+1))]}
 218         cd $TESTDIR
 219
 220         j=0
 221         while (( j < 1 )); do
 222                 eval target=\$file$j
 223                 test_chmod_basic_access $target ${users[i]} \
 224                         "${users[((i+2))]}" "${users[((i+3))]}"
 225
 226                 eval target=\$dir$j
 227                 test_chmod_basic_access $target ${users[i]} \
 228                         "${users[((i+2))]}" "${users[((i+3))]}"
 229
 230                 (( j = j + 1 ))
 231         done
 232
 233         (( i += 4 ))
 234 done
 235
 236 log_pass "Verify that the permission of write_xattr for " \
 237         "owner/group/everyone while remove extended attributes are correct."