1#!/usr/local/bin/ksh93 -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23# $FreeBSD$
24
25#
26# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
27# Use is subject to license terms.
28#
29# ident	"@(#)zfs_acl_chmod_001_neg.ksh	1.4	09/01/13 SMI"
30#
31
32. $STF_SUITE/tests/acl/acl_common.kshlib
33
34#################################################################################
35#
36# __stc_assertion_start
37#
38# ID: zfs_acl_chmod_001_neg
39#
40# DESCRIPTION:
41# 	Verify  1) Illegal options to chmod should fail.
42#		2) Delete all the ACE will lead to fail.
43#		3) Add ACE exceed 1024 will cause to fail.
44#
45# STRATEGY:
46#	1. Loop root and non-root users
47#	2. Verify all kinds of illegal option will lead to chmod failed.
48#	3. Verify 'chmod A0-' will fail when try to delete all the ACE.
49#	4. Verify 'chmod A+' will succeed when the ACE number exceed 1024.
50#
51# TESTABILITY: explicit
52#
53# TEST_AUTOMATION_LEVEL: automated
54#
55# CODING_STATUS: COMPLETED (2005-10-14)
56#
57# __stc_assertion_end
58#
59################################################################################
60
61verify_runnable "both"
62
63log_assert "Verify illegal operating to ACL, it will fail."
64log_onexit cleanup
65
66test_requires ZFS_ACL
67
68function err_opts #node
69{
70	typeset A_opts="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \
71			A+@ A-#- A+% A=^ A=# A=@ A+#"
72
73	log_note "Illegal option to chmod should fail."
74	for A in ${A_opts[@]}; do
75		log_mustnot usr_exec $CHMOD ${A}owner@:read_data:allow $node
76		log_mustnot usr_exec $CHMOD A+ asd owner@:execute:deny $node
77	done
78
79	typeset type_opts="everyone groups owner user@ users"
80	for tp in ${type_opts[@]}; do
81		log_mustnot usr_exec $CHMOD A+$tp:read_data:deny $node
82	done
83
84	return 0
85}
86
87function del_all_ACE #node
88{
89	typeset node=$1
90	typeset -i cnt
91
92	cnt=$(count_ACE $node)
93	while (( cnt > 0 )); do
94		if (( cnt == 1 )); then
95			log_mustnot $CHMOD A0- $node
96		else
97			log_must $CHMOD A0- $node
98		fi
99
100		(( cnt -= 1 ))
101	done
102
103	return 0
104}
105
106function exceed_max_ACE #node
107{
108	typeset node=$1
109	typeset -i max=1024
110	typeset -i cnt
111
112	cnt=$(count_ACE $node)
113
114	# One more ACE exceed the max limitation.
115	(( max = max - cnt + 1 ))
116	while (( max > 0 )); do
117		if (( max == 1 )); then
118			log_mustnot $CHMOD A+owner@:read_data:allow $node
119		else
120			$CHMOD A+owner@:read_data:allow $node
121			if (($? != 0)); then
122				((cnt = 1024 - max))
123				log_fail "Add No.$cnt ACL item failed."
124			fi
125		fi
126
127		(( max -= 1 ))
128	done
129
130	return 0
131}
132
133typeset node
134typeset func_name="err_opts del_all_ACE exceed_max_ACE"
135
136for usr in "root" "$ZFS_ACL_STAFF1"; do
137	log_must set_cur_usr $usr
138
139	for node in $testfile $testdir; do
140		log_must usr_exec $TOUCH $testfile
141		log_must usr_exec $MKDIR $testdir
142
143		for func in $func_name; do
144			log_must eval "$func $node"
145		done
146
147		log_must usr_exec $RM -rf $testfile $testdir
148	done
149done
150
151log_pass "Verify illegal operating to ACL passed."
152