1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26 27. $STF_SUITE/tests/delegate/delegate_common.kshlib 28 29################################################################################# 30# 31# __stc_assertion_start 32# 33# ID: zfs_allow_010_pos 34# 35# DESCRIPTION: 36# Scan the following permissions one by one to verify privileged user 37# has correct permission delegation in datasets. 38# 39# STRATEGY: 40# 1. Delegate all the permission one by one to user on dataset. 41# 2. Verify privileged user has correct permission without any other 42# permissions allowed. 43# 44# TESTABILITY: explicit 45# 46# TEST_AUTOMATION_LEVEL: automated 47# 48# CODING_STATUS: COMPLETED (2006-11-02) 49# 50# __stc_assertion_end 51# 52################################################################################ 53 54verify_runnable "both" 55 56log_assert "Verify privileged user has correct permissions once which was "\ 57 "delegated to him in datasets" 58 59# 60# Results in Results in 61# Permission Filesystem Volume 62# 63set -A perms create true false \ 64 snapshot true true \ 65 mount true false \ 66 send true true \ 67 allow true true \ 68 quota true false \ 69 reservation true true \ 70 recordsize true false \ 71 mountpoint true false \ 72 checksum true true \ 73 compression true true \ 74 canmount true false \ 75 atime true false \ 76 exec true false \ 77 volsize false true \ 78 setuid true false \ 79 readonly true true \ 80 snapdir true false \ 81 userprop true true \ 82 aclmode true false \ 83 aclinherit true false \ 84 rollback true true \ 85 clone true true \ 86 rename true true \ 87 promote true true \ 88 receive true false \ 89 destroy true true 90 # TODO: shareiscsi is not yet supported on FreeBSD 91 # shareiscsi true true 92# the sharenfs test is Solaris-specific. TODO: port it to FreeBSD. 93#typeset -i n=${#perms[@]} 94#perms[((n))]="sharenfs"; perms[((n+1))]="true"; perms[((n+2))]="false" 95#perms[((n+3))]="share"; perms[((n+4))]="true"; perms[((n+5))]="false" 96 97for dtst in $DATASETS; do 98 typeset -i k=1 99 typeset type=$(get_prop type $dtst) 100 [[ $type == "volume" ]] && k=2 101 102 typeset -i i=0 103 while (( i < ${#perms[@]} )); do 104 log_must $ZFS allow $STAFF1 ${perms[$i]} $dtst 105 106 if [[ ${perms[((i+k))]} == "true" ]]; then 107 log_must verify_perm $dtst ${perms[$i]} $STAFF1 108 else 109 log_must verify_noperm $dtst ${perms[$i]} $STAFF1 110 fi 111 112 log_must restore_root_datasets 113 114 ((i += 3)) 115 done 116done 117 118log_pass "Verify privileged user has correct permissions " \ 119 "in datasets passed." 120