#!/bin/sh
#
# Copyright (c) 2008, 2009 Edward Tomasz Napierała <trasz@FreeBSD.org>
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This is an NFSv4 ACL fuzzer.  It expects to be run by a non-root user in a
# scratch directory on a filesystem with NFSv4 ACL support.  The output it
# generates is meant to be fed to the /usr/src/tools/regression/acltools/run
# script.
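# Number of random commands the main loop generates.  Defaults to 300; a
# caller may set NUMBER_OF_COMMANDS in the environment to get a shorter or
# longer run.  The value is compared with "[ -lt ]" later on, so anything
# that is not a plain non-negative integer is rejected here.
: "${NUMBER_OF_COMMANDS:=300}"
case $NUMBER_OF_COMMANDS in
	*[!0-9]*)
		echo "aclfuzzer: NUMBER_OF_COMMANDS must be a non-negative integer" >&2
		exit 1
		;;
esac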
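# Print a command line in transcript form, then execute it.
#
# Arguments: $1 - a complete shell command line, as one string
# Outputs:   "$ <command>", followed by the command's stdout and stderr
#            with every line prefixed by "> "
# Returns:   the exit status of the sed stage, not of the command itself
#
# The string is handed to eval, so the shell parses it a second time and
# every metacharacter in it takes effect.  Pass only command lines that this
# script assembles itself from fixed words and generated values; never pass
# text that originates outside the script.
run_command()
{
	printf '%s\n' "\$ $1"
	# Quoted, so eval receives exactly the string printed above.  An
	# unquoted $1 is field-split and glob-expanded before eval sees it,
	# which can change the command that actually runs.
	eval "$1" 2>&1 | sed 's/^/> /'
}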
# Print a random integer between 0 and $1, inclusive.
#
# Arguments: $1 - upper bound
# Outputs:   the chosen number on stdout
#
# One sample is taken from "jot -r 1" and reduced modulo ($1 + 1).
# NOTE(review): with no range given jot is expected to sample 1..100, so
# the result is not uniform and a bound of 100 or more would not be fully
# covered; the callers in this script never ask for more than 30.
rnd_from_0_to()
{
	modulus=$(expr "$1" + 1)
	sample=$(jot -r 1)

	echo "$(expr "$sample" % "$modulus")"
}
# Print one of the four scratch paths the fuzzer operates on.
#
# Globals: TMP (read) - name of the scratch directory
# Outputs: "$TMP/aaa", "$TMP/bbb", "$TMP/aaa/ccc" or "$TMP/bbb/ddd"
#
# Every path is below $TMP, so the rm, mv, chmod and setfacl commands built
# from it stay inside the scratch tree as long as TMP is set and non-empty.
rnd_path()
{
	case $(rnd_from_0_to 3) in
		0) leaf="aaa" ;;
		1) leaf="bbb" ;;
		2) leaf="aaa/ccc" ;;
		3) leaf="bbb/ddd" ;;
		# Any other draw prints nothing.
		*) return 0 ;;
	esac

	echo "$TMP/$leaf"
}
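# Build one random NFSv4 ACL entry and prepend it to a random scratch path.
#
# The entry has the form "<who>:<permissions>:<flags>:<allow|deny>" and is
# installed at position 0 with "setfacl -a0".
#
# Outputs: the transcript of the setfacl command, via run_command
# Returns: 1 when rnd_from_0_to does not yield a usable number (the two
#          selection loops below would otherwise never terminate);
#          otherwise the status of run_command
f_prepend_random_acl_on()
{
	# Who the entry applies to.
	rnd=$(rnd_from_0_to 4)
	case $rnd in
		0) u="owner@" ;;
		1) u="group@" ;;
		2) u="everyone@" ;;
		3) u="u:1138" ;;
		4) u="g:1138" ;;
		*)
			echo "f_prepend_random_acl_on: no usable random number" >&2
			return 1
			;;
	esac

	# Permission letters: keep appending until at least one letter is
	# present and a draw of 14 or more comes up.
	# NOTE(review): once p is non-empty a draw of 14 ends the loop, so 's'
	# can only ever be the first letter, and 8 and 10 both add 'R'.
	# Confirm whether both are intended.
	p=""
	while :; do
		rnd=$(rnd_from_0_to 30)
		case $rnd in
			''|*[!0-9]*)
				echo "f_prepend_random_acl_on: no usable random number" >&2
				return 1
				;;
		esac
		if [ -n "$p" ] && [ "$rnd" -ge 14 ]; then
			break
		fi

		case $rnd in
			0) p="${p}r" ;;
			1) p="${p}w" ;;
			2) p="${p}x" ;;
			3) p="${p}p" ;;
			4) p="${p}d" ;;
			5) p="${p}D" ;;
			6) p="${p}a" ;;
			7) p="${p}A" ;;
			8) p="${p}R" ;;
			9) p="${p}W" ;;
			10) p="${p}R" ;;
			11) p="${p}c" ;;
			12) p="${p}C" ;;
			13) p="${p}o" ;;
			14) p="${p}s" ;;
		esac
	done

	# Inheritance flags: may stay empty.  Draws of 4 and 5 add nothing and
	# loop again; a draw of 6 or more ends the selection.
	f=""
	while :; do
		rnd=$(rnd_from_0_to 10)
		case $rnd in
			''|*[!0-9]*)
				echo "f_prepend_random_acl_on: no usable random number" >&2
				return 1
				;;
		esac
		if [ "$rnd" -ge 6 ]; then
			break
		fi

		case $rnd in
			0) f="${f}f" ;;
			1) f="${f}d" ;;
			2) f="${f}n" ;;
			3) f="${f}i" ;;
		esac
	done

	# Entry type.
	rnd=$(rnd_from_0_to 1)
	case $rnd in
		0) x="allow" ;;
		1) x="deny" ;;
		*)
			echo "f_prepend_random_acl_on: no usable random number" >&2
			return 1
			;;
	esac

	acl="$u:$p:$f:$x"

	file=$(rnd_path)
	run_command "setfacl -a0 $acl $file"
}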
# Record the ACL of a random scratch path with "getfacl -qn".
# Outputs: the command transcript, via run_command
f_getfacl()
{
	run_command "getfacl -qn $(rnd_path)"
}
# Record the mode column (first space-separated field) of the second line
# that "ls -al" prints for a random scratch path.
# Outputs: the command transcript, via run_command
f_ls_mode()
{
	run_command "ls -al $(rnd_path) | sed -n '2p' | cut -d' ' -f1"
}
# Apply a random four-digit octal mode to a random scratch path.
#
# Four digits between 0 and 7 are drawn, so the leading digit covers the
# setuid, setgid and sticky bits as well as the ordinary permission bits.
#
# Arguments: $2 - appended to the command line as is
# Outputs:   the command transcript, via run_command
#
# NOTE(review): execute_random_command passes only one argument, so $2
# expands to nothing there and the command line ends in a space.
f_chmod()
{
	mode=""
	for position in 1 2 3 4; do
		mode="$mode$(rnd_from_0_to 7)"
	done

	run_command "chmod $mode $(rnd_path) $2"
}
# Run touch(1) on a random scratch path.
# Outputs: the command transcript, via run_command
f_touch()
{
	run_command "touch $(rnd_path)"
}
# Run "rm -f" on a random scratch path.
# The target always comes from rnd_path, which only yields paths below $TMP.
# Outputs: the command transcript, via run_command
f_rm()
{
	run_command "rm -f $(rnd_path)"
}
# Run mkdir(1) on a random scratch path.
# Outputs: the command transcript, via run_command
f_mkdir()
{
	run_command "mkdir $(rnd_path)"
}
# Run rmdir(1) on a random scratch path.
# Outputs: the command transcript, via run_command
f_rmdir()
{
	run_command "rmdir $(rnd_path)"
}
# Run "mv -f" between two independently drawn scratch paths.  Source and
# destination may turn out to be the same path.
# Outputs: the command transcript, via run_command
f_mv()
{
	run_command "mv -f $(rnd_path) $(rnd_path)"
}
# XXX: To be implemented: chown(8), setting times with touch(1).
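# Placeholder for switching to a random user before each command.
#
# XXX: To be implemented.  Until it is, every generated command runs as the
# one user that started the script, so ACL entries are only ever exercised
# from that single identity.
switch_to_random_user()
{
	# Explicit no-op: some shells, bash among them, reject a function body
	# that contains no command.
	:
}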
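# Pick one of the f_* generators at random and run it.
#
# The draw is 0..20 and several values map to the same generator, which
# weights ACL changes, touch and mkdir more heavily than the rest.
#
# Outputs: whatever the chosen generator prints
# Returns: 1 when rnd_from_0_to does not yield a number; otherwise the
#          status of the chosen generator
execute_random_command()
{
	# Start from an empty selection.  Draws of 9, 14 and 20 have no
	# generator; without the reset and redraw such a draw would reuse the
	# previous selection, or on the very first call try to run "XXX" as
	# a command.
	cmd=""
	while [ -z "$cmd" ]; do
		rnd=$(rnd_from_0_to 20)

		case $rnd in
			''|*[!0-9]*)
				echo "execute_random_command: no usable random number" >&2
				return 1
				;;
			0|10|11|12|13|15) cmd=f_prepend_random_acl_on ;;
			1) cmd=f_getfacl ;;
			2) cmd=f_ls_mode ;;
			3) cmd=f_chmod ;;
			4|18|19) cmd=f_touch ;;
			5) cmd=f_rm ;;
			6|16|17) cmd=f_mkdir ;;
			7) cmd=f_rmdir ;;
			8) cmd=f_mv ;;
			# Unmapped value: draw again.
			*) ;;
		esac
	done

	# "XXX" is a placeholder first argument; none of the generators reads $1.
	"$cmd" "XXX"
}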
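echo "# Fuzzing; will stop after $NUMBER_OF_COMMANDS commands."

# Name of the scratch directory, created relative to the current directory.
# Every command built from it is passed through eval by run_command, so the
# name must contain nothing the shell treats specially.  Depending on the
# OpenSSL version, "openssl md5" prints a label such as "(stdin)= " in front
# of the digest; strip it and keep only the hex digits.
digest=$(dd if=/dev/random bs=1k count=1 2>/dev/null | openssl md5 |
    sed 's/^.*= *//' | tr -cd '0-9a-f')
if [ -z "$digest" ]; then
	# Without a digest the name would be the fixed string "aclfuzzer_",
	# and the cleanup below could remove a directory this run did not
	# create.
	echo "aclfuzzer: could not generate a scratch directory name" >&2
	exit 1
fi
TMP="aclfuzzer_$digest"

run_command "whoami"
# run_command evaluates its argument on the left side of a pipeline, so the
# umask call made through it only documents the setting in the transcript;
# the direct call is the one that takes effect for this script.
umask 022
run_command "umask 022"
run_command "mkdir $TMP"

i=0
while [ "$i" -lt "$NUMBER_OF_COMMANDS" ]; do
	switch_to_random_user
	execute_random_command
	i=$((i + 1))
done

# Prepend an allow entry for everyone@ on everything below the scratch
# directory before deleting it; presumably this undoes deny entries left by
# the fuzzing that would otherwise block the removal.
run_command "find $TMP -exec setfacl -a0 everyone@:rxd:allow {} \;"
# TMP always starts with "aclfuzzer_", so this never expands to an empty
# path.
run_command "rm -rfv $TMP"

echo "# Fuzzed, thank you."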