1#!/usr/local/bin/ksh93 -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26
27. $STF_SUITE/tests/acl/acl_common.kshlib
28
29#################################################################################
30#
31# __stc_assertion_start
32#
33# ID: zfs_acl_chmod_inherit_004_pos
34#
35# DESCRIPTION:
36#	Verify aclinherit=passthrough-x will inherit the 'x' bits while mode request.
37#
38# STRATEGY:
39#	1. Loop super user and non-super user to run the test case.
40#	2. Create basedir and a set of subdirectores and files within it.
41#	3. Set aclinherit=passthrough-x
42#	4. Verify only passthrough-x will inherit the 'x' bits while mode request.
43#
44# TESTABILITY: explicit
45#
46# TEST_AUTOMATION_LEVEL: automated
47#
48# CODING_STATUS: COMPLETED (2009-04-29)
49#
50# __stc_assertion_end
51#
52################################################################################
53
54verify_runnable "both"
55
56function cleanup
57{
58	if [[ -d $basedir ]]; then
59		log_must $RM -rf $basedir
60	fi
61}
62
63$ZPOOL upgrade -v | $GREP "passthrough\-x aclinherit support" > /dev/null 2>&1
64if (( $? != 0 )) ; then
65	log_unsupported "passthrough-x aclinherit not supported."
66fi
67
68log_assert "Verify aclinherit=passthrough-x will inherit the 'x' bits while mode request."
69log_onexit cleanup
70
71set -A aces "owner@:read_data/write_data/add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
72	"owner@:read_data/write_data/add_subdirectory/append_data/execute::allow" \
73	"group@:add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
74	"group@:add_subdirectory/append_data/execute::allow" \
75	"everyone@:add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
76	"everyone@:add_subdirectory/append_data/execute::allow" \
77	"owner@:read_data/write_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow" \
78	"group@:read_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow" \
79	"everyone@:read_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow"
80
81# Defile the based directory and file
82basedir=$TESTDIR/basedir
83
84test_requires ZFS_ACL
85
86#
87# According to inherited flag, verify subdirectories and files within it has
88# correct inherited access control.
89#
90function verify_inherit # <object>
91{
92	typeset obj=$1
93
94	# Define the files and directories will be created after chmod
95	ndir1=$obj/ndir1; ndir2=$ndir1/ndir2
96	nfile1=$ndir1/nfile1.c; nfile2=$ndir1/nfile2
97
98	log_must usr_exec $MKDIR -p $ndir1
99
100	typeset -i i=0
101	while (( i < ${#aces[*]} )) ; do
102		if (( i < 6 )) ; then
103			log_must usr_exec $CHMOD A$i=${aces[i]} $ndir1
104		else
105			log_must usr_exec $CHMOD A$i+${aces[i]} $ndir1
106		fi
107		(( i = i + 1 ))
108	done
109	log_must usr_exec $MKDIR -p $ndir2
110	log_must usr_exec $TOUCH $nfile1
111
112	$CAT > $nfile1 <<EOF
113#include <stdlib.h>
114#include <stdio.h>
115int main()
116{ return 0; }
117EOF
118
119	mode=$(get_mode $ndir2)
120	if [[ $mode != "drwx--x--x"* ]] ; then
121		log_fail "Unexpect mode of $ndir2, expect: drwx--x--x, current: $mode"
122	fi
123
124	mode=$(get_mode $nfile1)
125	if [[ $mode != "-rw-r--r--"* ]] ; then
126		log_fail "Unexpect mode of $nfile1, expect: -rw-r--r--, current: $mode"
127	fi
128
129	if [[ -x /usr/sfw/bin/gcc ]] ; then
130		log_must /usr/sfw/bin/gcc -o $nfile2 $nfile1
131		mode=$(get_mode $nfile2)
132		if [[ $mode != "-rwxr-xr-x"* ]] ; then
133			log_fail "Unexpect mode of $nfile2, expect: -rwxr-xr-x, current: $mode"
134		fi
135	fi
136}
137
138#
139# Set aclmode=passthrough to make sure
140# the acl will not change during chmod.
141# A general testing should verify the combination of
142# aclmode/aclinherit works well,
143# here we just simple test them separately.
144#
145
146log_must $ZFS set aclmode=passthrough $TESTPOOL/$TESTFS
147log_must $ZFS set aclinherit=passthrough-x $TESTPOOL/$TESTFS
148
149for user in root $ZFS_ACL_STAFF1; do
150	log_must set_cur_usr $user
151
152	verify_inherit $basedir
153
154	cleanup
155done
156
157log_pass "Verify aclinherit=passthrough-x will inherit the 'x' bits while mode request."
158