1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)cifs_attr_001_pos.ksh 1.1 08/02/27 SMI" 30# 31 32. $STF_SUITE/tests/acl/acl_common.kshlib 33. $STF_SUITE/tests/acl/cifs/cifs.kshlib 34 35################################################################################# 36# 37# __stc_assertion_start 38# 39# ID: cifs_attr_001_pos 40# 41# DESCRIPTION: 42# Verify the user with write_attributes permission or 43# PRIV_FILE_OWNER privilege could set/clear DOS attributes. 44# (Readonly, Hidden, Archive, System) 45# 46# STRATEGY: 47# 1. Loop super user and non-super user to run the test case. 48# 2. Create basedir and a set of subdirectores and files within it. 49# 3. Grant user has write_attributes permission or 50# PRIV_FILE_OWNER privilege 51# 4. Verify set/clear DOS attributes should succeed. 52# 53# TESTABILITY: explicit 54# 55# TEST_AUTOMATION_LEVEL: automated 56# 57# CODING_STATUS: COMPLETED (2007-11-05) 58# 59# __stc_assertion_end 60# 61################################################################################ 62 63verify_runnable "both" 64 65if ! cifs_supported ; then 66 log_unsupported "CIFS not supported on current system." 67fi 68 69test_requires ZFS_ACL ZFS_XATTR 70 71function cleanup 72{ 73 for fs in $TESTPOOL/$TESTFS $TESTPOOL ; do 74 mtpt=$(get_prop mountpoint $fs) 75 log_must $RM -rf $mtpt/file.* $mtpt/dir.* 76 done 77} 78 79# 80# Set the special attribute to the given node 81# 82# $1: The given node (file/dir) 83# $2: The special attribute to be set 84# $3: Execute username 85# 86function set_attribute 87{ 88 typeset object=$1 89 typeset attr=${2:-AHRS} 90 typeset user=$3 91 typeset ret=0 92 93 if [[ -z $object ]]; then 94 log_fail "Object not defined." 95 fi 96 97 if [[ -n $user ]]; then 98 $RUNWATTR -u $user "$CHMOD S+c${attr} $object" 99 ret=$? 100 else 101 $CHMOD S+c${attr} $object 102 ret=$? 103 fi 104 105 return $ret 106} 107 108# 109# Clear the special attribute to the given node 110# 111# $1: The given node (file/dir) 112# $2: The special attribute to be cleared 113# $3: Execute username 114# 115function clear_attribute 116{ 117 typeset object=$1 118 typeset attr=${2:-AHRS} 119 typeset user=$3 120 typeset ret=0 121 122 if [[ -z $object ]]; then 123 log_fail "Object not defined." 124 fi 125 126 if [[ -n $user ]]; then 127 $RUNWATTR -u $user "$CHMOD S-c${attr} $object" 128 ret=$? 129 else 130 $CHMOD S-c${attr} $object 131 ret=$? 132 fi 133 134 return $ret 135} 136 137# 138# Grant the ace of write_attributes to the given user 139# 140# $1: The given user 141# $2: The given node (file/dir) 142# 143function grant_attr 144{ 145 typeset user=$1 146 typeset object=$2 147 148 if [[ -z $user || -z $object ]]; then 149 log_fail "User($user), Object($object) not defined." 150 fi 151 152 # To increase the coverage, here we set 'deny' against 153 # superuser and owner. 154 # Only grant the user explicitly while it's not root neither owner. 155 156 if [[ $user == "root" ]]; then 157 log_must chmod A+user:root:write_attributes:deny $object 158 elif [[ $user == $(get_owner $object) ]]; then 159 if (( ( RANDOM % 2 ) == 0 )); then 160 log_must chmod A+owner@:write_attributes:deny $object 161 else 162 log_must chmod A+user:$user:write_attributes:deny \ 163 $object 164 fi 165 else 166 log_must chmod A+user:$user:write_attributes:allow $object 167 fi 168 attr_mod="write_attributes" 169} 170 171# 172# Revoke the ace of write_attributes from the given user 173# 174# $1: The given user 175# $2: The given node (file/dir) 176# 177function revoke_attr 178{ 179 typeset user=$1 180 typeset object=$2 181 182 if [[ -z $user || -z $object ]]; then 183 log_fail "User($user), Object($object) not defined." 184 fi 185 186 log_must chmod A0- $object 187 attr_mod= 188} 189 190# 191# Invoke the function and verify whether its return code as expected 192# 193# $1: Function be invoked 194# $2: The given node (file/dir) 195# $3: Execute user 196# $4: Option 197# 198function verify_attr 199{ 200 typeset func=$1 201 typeset object=$2 202 typeset opt=$3 203 typeset user=$4 204 typeset expect="log_mustnot" 205 206 if [[ -z $func || -z $object ]]; then 207 log_fail "Func($func), Object($object), User($user), \ 208 Opt($opt) not defined." 209 fi 210 211 # If user is superuser or has write_attributes permission or 212 # PRIV_FILE_OWNER privilege, it should log_must, 213 # otherwise log_mustnot. 214 215 if [[ -z $user || $user == "root" || \ 216 $user == $(get_owner $object) || \ 217 $attr_mod == *"write_attributes"* ]] ; then 218 expect="log_must" 219 fi 220 221 $expect $func $object $opt $user 222} 223 224log_assert "Verify set/clear DOS attributes will succeed while user has " \ 225 "write_attributes permission or PRIV_FILE_OWNER privilege" 226log_onexit cleanup 227 228file="file.0" 229dir="dir.0" 230XATTROPTIONS="H S R A" 231 232for fs in $TESTPOOL $TESTPOOL/$TESTFS ; do 233 mtpt=$(get_prop mountpoint $fs) 234 for owner in root $ZFS_ACL_STAFF1 ; do 235 236 create_object "file" $mtpt/$file $owner 237 create_object "dir" $mtpt/$dir $owner 238 239 for object in $mtpt/$file $mtpt/$dir ; do 240 for user in root $ZFS_ACL_STAFF2 ; do 241 for opt in $XATTROPTIONS ; do 242 verify_attr set_attribute \ 243 $object $opt $user 244 verify_attr clear_attribute \ 245 $object $opt $user 246 done 247 log_must grant_attr $user $object 248 for opt in $XATTROPTIONS ; do 249 verify_attr set_attribute \ 250 $object $opt $user 251 verify_attr clear_attribute \ 252 $object $opt $user 253 done 254 log_must revoke_attr $user $object 255 done 256 done 257 destroy_object $mtpt/$file $mtpt/$dir 258 done 259done 260 261log_pass "Set/Clear DOS attributes succeed while user has " \ 262 "write_attributes permission or PRIV_FILE_OWNER privilege" 263