140a8ac8fSEnji Cooper#!/bin/sh 2*3416500aSEnji Cooper# vim: filetype=sh noexpandtab ts=8 sw=8 340a8ac8fSEnji Cooper# $FreeBSD: head/tools/regression/pjdfstest/tests/chflags/09.t 211352 2010-08-15 21:24:17Z pjd $ 440a8ac8fSEnji Cooper 540a8ac8fSEnji Cooperdesc="chflags returns EPERM when one of SF_IMMUTABLE, SF_APPEND, or SF_NOUNLINK is set and securelevel is greater than 0" 640a8ac8fSEnji Cooper 740a8ac8fSEnji Cooperdir=`dirname $0` 840a8ac8fSEnji Cooper. ${dir}/../misc.sh 940a8ac8fSEnji Cooper 1040a8ac8fSEnji Cooperrequire chflags 1140a8ac8fSEnji Cooper 1240a8ac8fSEnji Cooperecho "1..327" 1340a8ac8fSEnji Cooper 1440a8ac8fSEnji Coopern0=`namegen` 1540a8ac8fSEnji Coopern1=`namegen` 1640a8ac8fSEnji Coopern2=`namegen` 1740a8ac8fSEnji Cooper 1840a8ac8fSEnji Cooperold=`sysctl -n security.jail.chflags_allowed` 1940a8ac8fSEnji Coopersysctl security.jail.chflags_allowed=1 >/dev/null 2040a8ac8fSEnji Cooper 2140a8ac8fSEnji Cooperexpect 0 mkdir ${n0} 0755 2240a8ac8fSEnji Coopercdir=`pwd` 2340a8ac8fSEnji Coopercd ${n0} 2440a8ac8fSEnji Cooper 2540a8ac8fSEnji Cooperfor type in regular dir fifo block char socket symlink; do 2640a8ac8fSEnji Cooper if [ "${type}" != "symlink" ]; then 2740a8ac8fSEnji Cooper create_file ${type} ${n1} 2840a8ac8fSEnji Cooper expect 0 chown ${n1} 65534 65534 2940a8ac8fSEnji Cooper for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 3040a8ac8fSEnji Cooper expect 0 chflags ${n1} ${flag} 3140a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP 3240a8ac8fSEnji Cooper expect ${flag} stat ${n1} flags 3340a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP 3440a8ac8fSEnji Cooper expect ${flag} stat ${n1} flags 3540a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP 3640a8ac8fSEnji Cooper expect ${flag} stat ${n1} flags 3740a8ac8fSEnji Cooper done 3840a8ac8fSEnji Cooper expect 0 chflags ${n1} none 3940a8ac8fSEnji Cooper if [ "${type}" = "dir" ]; then 4040a8ac8fSEnji Cooper expect 0 rmdir ${n1} 4140a8ac8fSEnji Cooper else 4240a8ac8fSEnji Cooper expect 0 unlink ${n1} 4340a8ac8fSEnji Cooper fi 4440a8ac8fSEnji Cooper fi 4540a8ac8fSEnji Cooper 4640a8ac8fSEnji Cooper create_file ${type} ${n1} 4740a8ac8fSEnji Cooper expect 0 lchown ${n1} 65534 65534 4840a8ac8fSEnji Cooper for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 4940a8ac8fSEnji Cooper expect 0 lchflags ${n1} ${flag} 5040a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM lchflags ${n1} UF_NODUMP 5140a8ac8fSEnji Cooper expect ${flag} lstat ${n1} flags 5240a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM -u 65533 -g 65533 lchflags ${n1} UF_NODUMP 5340a8ac8fSEnji Cooper expect ${flag} lstat ${n1} flags 5440a8ac8fSEnji Cooper jexpect 1 `pwd` EPERM -u 65534 -g 65534 lchflags ${n1} UF_NODUMP 5540a8ac8fSEnji Cooper expect ${flag} lstat ${n1} flags 5640a8ac8fSEnji Cooper done 5740a8ac8fSEnji Cooper expect 0 lchflags ${n1} none 5840a8ac8fSEnji Cooper if [ "${type}" = "dir" ]; then 5940a8ac8fSEnji Cooper expect 0 rmdir ${n1} 6040a8ac8fSEnji Cooper else 6140a8ac8fSEnji Cooper expect 0 unlink ${n1} 6240a8ac8fSEnji Cooper fi 6340a8ac8fSEnji Cooperdone 6440a8ac8fSEnji Cooper 6540a8ac8fSEnji Coopersysctl security.jail.chflags_allowed=${old} >/dev/null 6640a8ac8fSEnji Coopercd ${cdir} 6740a8ac8fSEnji Cooperexpect 0 rmdir ${n0} 68