1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)zfs_acl_chmod_001_neg.ksh 1.4 09/01/13 SMI" 30# 31 32. $STF_SUITE/tests/acl/acl_common.kshlib 33 34################################################################################# 35# 36# __stc_assertion_start 37# 38# ID: zfs_acl_chmod_001_neg 39# 40# DESCRIPTION: 41# Verify 1) Illegal options to chmod should fail. 42# 2) Delete all the ACE will lead to fail. 43# 3) Add ACE exceed 1024 will cause to fail. 44# 45# STRATEGY: 46# 1. Loop root and non-root users 47# 2. Verify all kinds of illegal option will lead to chmod failed. 48# 3. Verify 'chmod A0-' will fail when try to delete all the ACE. 49# 4. Verify 'chmod A+' will succeed when the ACE number exceed 1024. 50# 51# TESTABILITY: explicit 52# 53# TEST_AUTOMATION_LEVEL: automated 54# 55# CODING_STATUS: COMPLETED (2005-10-14) 56# 57# __stc_assertion_end 58# 59################################################################################ 60 61verify_runnable "both" 62 63log_assert "Verify illegal operating to ACL, it will fail." 64log_onexit cleanup 65 66test_requires ZFS_ACL 67 68function err_opts #node 69{ 70 typeset A_opts="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \ 71 A+@ A-#- A+% A=^ A=# A=@ A+#" 72 73 log_note "Illegal option to chmod should fail." 74 for A in ${A_opts[@]}; do 75 log_mustnot usr_exec $CHMOD ${A}owner@:read_data:allow $node 76 log_mustnot usr_exec $CHMOD A+ asd owner@:execute:deny $node 77 done 78 79 typeset type_opts="everyone groups owner user@ users" 80 for tp in ${type_opts[@]}; do 81 log_mustnot usr_exec $CHMOD A+$tp:read_data:deny $node 82 done 83 84 return 0 85} 86 87function del_all_ACE #node 88{ 89 typeset node=$1 90 typeset -i cnt 91 92 cnt=$(count_ACE $node) 93 while (( cnt > 0 )); do 94 if (( cnt == 1 )); then 95 log_mustnot $CHMOD A0- $node 96 else 97 log_must $CHMOD A0- $node 98 fi 99 100 (( cnt -= 1 )) 101 done 102 103 return 0 104} 105 106function exceed_max_ACE #node 107{ 108 typeset node=$1 109 typeset -i max=1024 110 typeset -i cnt 111 112 cnt=$(count_ACE $node) 113 114 # One more ACE exceed the max limitation. 115 (( max = max - cnt + 1 )) 116 while (( max > 0 )); do 117 if (( max == 1 )); then 118 log_mustnot $CHMOD A+owner@:read_data:allow $node 119 else 120 $CHMOD A+owner@:read_data:allow $node 121 if (($? != 0)); then 122 ((cnt = 1024 - max)) 123 log_fail "Add No.$cnt ACL item failed." 124 fi 125 fi 126 127 (( max -= 1 )) 128 done 129 130 return 0 131} 132 133typeset node 134typeset func_name="err_opts del_all_ACE exceed_max_ACE" 135 136for usr in "root" "$ZFS_ACL_STAFF1"; do 137 log_must set_cur_usr $usr 138 139 for node in $testfile $testdir; do 140 log_must usr_exec $TOUCH $testfile 141 log_must usr_exec $MKDIR $testdir 142 143 for func in $func_name; do 144 log_must eval "$func $node" 145 done 146 147 log_must usr_exec $RM -rf $testfile $testdir 148 done 149done 150 151log_pass "Verify illegal operating to ACL passed." 152