usr/src/test/zfs-tests/tests/functional/acl/trivial/zfs_acl_aclmode_restricted_001_pos.ksh

   1 #!/bin/ksh -p
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22
  23 #
  24 # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
  25 # Use is subject to license terms.
  26 #
  27
  28 #
  29 # Copyright (c) 2013, 2016 by Delphix. All rights reserved.
  30 # Copyright (c) 2013 by Paul B. Henson <henson@acm.org>. All rights reserved.
  31 #
  32
  33 . $STF_SUITE/tests/functional/acl/acl.cfg
  34 . $STF_SUITE/tests/functional/acl/acl_common.kshlib
  35
  36 #
  37 # DESCRIPTION:
  38 #       Verify chmod permission settings on files and directories, as both root
  39 #       and non-root users, with aclmode set to restricted.
  40 #
  41 # STRATEGY:
  42 #       1. Loop root and $ZFS_ACL_STAFF1 as root and non-root users.
  43 #       2. Create test file and directory in zfs filesystem.
  44 #       3. Execute 'chmod' with specified options.
  45 #       4. Check 'ls -l' output and compare with expect results.
  46
  47 verify_runnable "both"
  48
  49 function cleanup
  50 {
  51         # reset aclmode=discard
  52         log_must zfs set aclmode=discard $TESTPOOL/$TESTFS
  53 }
  54
  55 #       "init_map" "options" "expect_map"
  56 set -A argv \
  57         "000" "a+rw"    "rw-rw-rw-"     "000" "a+rwx"   "rwxrwxrwx" \
  58         "000" "u+xr"    "r-x------"     "000" "gu-xw"   "---------" \
  59         "644" "a-r"     "-w-------"     "644" "augo-x"  "rw-r--r--" \
  60         "644" "=x"      "--x--x--x"     "644" "u-rw"    "---r--r--" \
  61         "644" "uo+x"    "rwxr--r-x"     "644" "ga-wr"   "---------" \
  62         "777" "augo+x"  "rwxrwxrwx"     "777" "go-xr"   "rwx-w--w-" \
  63         "777" "o-wx"    "rwxrwxr--"     "777" "ou-rx"   "-w-rwx-w-" \
  64         "777" "a+rwx"   "rwxrwxrwx"     "777" "u=rw"    "rw-rwxrwx" \
  65         "000" "123"     "--x-w--wx"     "000" "412"     "r----x-w-" \
  66         "231" "562"     "r-xrw--w-"     "712" "000"     "---------" \
  67         "777" "121"     "--x-w---x"     "123" "775"     "rwxrwxr-x"
  68
  69 log_assert " Verify chmod permission settings on files and directories for " \
  70     "aclmode=restricted"
  71 log_onexit cleanup
  72
  73 #
  74 # Verify file or directory have correct map after chmod
  75 #
  76 # $1 file or directory
  77 #
  78 function test_chmod_mapping #<file-dir>
  79 {
  80         typeset node=$1
  81         typeset -i i=0
  82
  83         while ((i < ${#argv[@]})); do
  84                 usr_exec chmod ${argv[i]} $node
  85                 if (($? != 0)); then
  86                         log_note "usr_exec chmod ${argv[i]} $node"
  87                         return 1
  88                 fi
  89                 usr_exec chmod ${argv[((i + 1))]} $node
  90                 if (($? != 0)); then
  91                         log_note "usr_exec chmod ${argv[((i + 1))]} $node"
  92                         return 1
  93                 fi
  94
  95                 typeset mode
  96                 mode=$(get_mode ${node})
  97
  98                 if [[ $mode != "-${argv[((i + 2))]}"* && \
  99                     $mode != "d${argv[((i + 2))]}"* ]]
 100                 then
 101                         log_fail "FAIL: '${argv[i]}' '${argv[((i + 1))]}' \
 102                             '${argv[((i + 2))]}'"
 103                 fi
 104
 105                 ((i += 3))
 106         done
 107
 108         return 0
 109 }
 110
 111 # set aclmode=restricted
 112 log_must zfs set aclmode=restricted $TESTPOOL/$TESTFS
 113
 114 for user in root $ZFS_ACL_STAFF1; do
 115         log_must set_cur_usr $user
 116
 117         # Test file
 118         log_must usr_exec touch $testfile
 119         log_must test_chmod_mapping $testfile
 120
 121         # Test directory
 122         log_must usr_exec mkdir $testdir
 123         log_must test_chmod_mapping $testdir
 124
 125         log_must usr_exec rm $testfile
 126         log_must usr_exec rm -rf $testdir
 127 done
 128
 129 log_pass "Setting permissions using 'chmod' for aclmode=restricted completed " \
 130     "successfully."