1#!/usr/local/bin/ksh93 -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23# $FreeBSD$
24
25#
26# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
27# Use is subject to license terms.
28#
29# ident	"@(#)zfs_acl_chmod_rwx_002_pos.ksh	1.5	09/01/13 SMI"
30#
31
32. $STF_SUITE/tests/acl/acl_common.kshlib
33
34#################################################################################
35#
36# __stc_assertion_start
37#
38# ID: zfs_acl_chmod_rwx_002_pos
39#
40# DESCRIPTION:
41#	chmod A{+|-|=} read_data|write_data|execute for owner@ group@ or everyone@
42#	correctly alters mode bits .
43#
44# STRATEGY:
45#	1. Loop root and non-root user.
46#	2. Get the random initial map.
47#	3. Get the random ACL string.
48#	4. Separately chmod +|-|= read_data|write_data|execute
49#	5. Check map bits
50#
51# TESTABILITY: explicit
52#
53# TEST_AUTOMATION_LEVEL: automated
54#
55# CODING_STATUS: COMPLETED (2005-10-05)
56#
57# __stc_assertion_end
58#
59################################################################################
60
61verify_runnable "both"
62
63log_assert "chmod A{+|-|=} read_data|write_data|execute for owner@, group@ " \
64	"or everyone@ correctly alters mode bits."
65log_onexit cleanup
66
67set -A bits 0 1 2 3 4 5 6 7
68set -A a_flag owner group everyone
69set -A a_access read_data write_data execute
70set -A a_type allow deny
71
72#
73# Get a random item from an array.
74#
75# $1 the base set
76#
77function random_select #array_name
78{
79	typeset arr_name=$1
80	typeset -i ind
81
82	eval typeset -i cnt=\${#${arr_name}[@]}
83	(( ind = $RANDOM % cnt ))
84
85	eval print \${${arr_name}[$ind]}
86}
87
88#
89# Create a random string according to array name, the item number and
90# separated tag.
91#
92# $1 array name where the function get the elements
93# $2 the items number which you want to form the random string
94# $3 the separated tag
95#
96function form_random_str #<array_name> <count> <sep>
97{
98	typeset arr_name=$1
99	typeset -i count=${2:-1}
100	typeset sep=${3:-""}
101
102	typeset str=""
103	while (( count > 0 )); do
104		str="${str}$(random_select $arr_name)${sep}"
105
106		(( count -= 1 ))
107	done
108
109	print $str
110}
111
112#
113# According to the original bits, the input ACE access and ACE type, return the
114# expect bits after 'chmod A0{+|=}'.
115#
116# $1 bits which was make up of three bit 'rwx'
117# $2 ACE access which is read_data, write_data or execute
118# $3 ACE type which is allow or deny
119#
120function cal_bits #bits acl_access acl_type
121{
122	typeset bits=$1
123	typeset acl_access=$2
124	typeset acl_type=$3
125	set -A bit r w x
126
127	typeset tmpbits=""
128	typeset -i i=0 j
129	while (( i < 3 )); do
130		if [[ $acl_access == *"${a_access[i]}"* ]]; then
131			if [[ $acl_type == "allow" ]]; then
132				tmpbits="$tmpbits${bit[i]}"
133			elif [[ $acl_type == "deny" ]]; then
134				tmpbits="${tmpbits}-"
135			fi
136		else
137			(( j = i + 1 ))
138			tmpbits="$tmpbits$(get_substr $bits $j 1)"
139		fi
140
141		(( i += 1 ))
142	done
143
144	print "$tmpbits"
145}
146
147#
148# Based on the initial node map before chmod and the ace-spec, check if chmod
149# has the correct behaven to map bits.
150#
151function check_test_result #init_mode node acl_flag acl_access a_type
152{
153	typeset init_mode=$1
154	typeset node=$2
155	typeset acl_flag=$3
156	typeset acl_access=$4
157	typeset acl_type=$5
158
159	typeset -3L u_bits=$init_mode
160	typeset g_bits=$(get_substr $init_mode 4 3)
161	typeset -3R o_bits=$init_mode
162
163	if [[ $acl_flag == "owner" || $acl_flag == "everyone" ]]; then
164		u_bits=$(cal_bits $u_bits $acl_access $acl_type)
165	fi
166	if [[ $acl_flag == "group" || $acl_flag == "everyone" ]]; then
167		g_bits=$(cal_bits $g_bits $acl_access $acl_type)
168	fi
169	if [[ $acl_flag == "everyone" ]]; then
170		o_bits=$(cal_bits $o_bits $acl_access $acl_type)
171	fi
172
173	typeset cur_mode=$(get_mode $node)
174	cur_mode=$(get_substr $cur_mode 2 9)
175
176	if [[ $cur_mode == $u_bits$g_bits$o_bits ]]; then
177		log_note "SUCCESS: Current map($cur_mode) ==" \
178			"expected map($u_bits$g_bits$o_bits)"
179	else
180		log_fail "FAIL: Current map($cur_mode) != " \
181			"expected map($u_bits$g_bits$o_bits)"
182	fi
183}
184
185function test_chmod_map #<node>
186{
187	typeset node=$1
188	typeset init_mask acl_flag acl_access acl_type
189	typeset -i cnt
190
191	if (( ${#node} == 0 )); then
192		log_fail "FAIL: file name or directroy name is not defined."
193	fi
194
195	# Get the initial map
196	init_mask=$(form_random_str bits 3)
197	# Get ACL flag, access & type
198	acl_flag=$(form_random_str a_flag)
199	(( cnt = ($RANDOM % ${#a_access[@]}) + 1 ))
200	acl_access=$(form_random_str a_access $cnt '/')
201	acl_access=${acl_access%/}
202	acl_type=$(form_random_str a_type)
203
204	typeset acl_spec=${acl_flag}@:${acl_access}:${acl_type}
205
206	# Set the initial map and back the initial ACEs
207	typeset orig_ace=$TMPDIR/orig_ace.${TESTCASE_ID}
208	typeset cur_ace=$TMPDIR/cur_ace.${TESTCASE_ID}
209
210	for operator in "A0+" "A0="; do
211		log_must usr_exec $CHMOD $init_mask $node
212		init_mode=$(get_mode $node)
213		init_mode=$(get_substr $init_mode 2 9)
214		log_must usr_exec eval "$LS -vd $node > $orig_ace"
215
216		# To "A=", firstly add one ACE which can't modify map
217		if [[ $operator == "A0=" ]]; then
218			log_must $CHMOD A0+user:$ZFS_ACL_OTHER1:execute:deny \
219				$node
220		fi
221		log_must usr_exec $CHMOD $operator$acl_spec $node
222		check_test_result \
223			$init_mode $node $acl_flag $acl_access $acl_type
224
225		# Check "chmod A-"
226		log_must usr_exec $CHMOD A0- $node
227		log_must usr_exec eval "$LS -vd $node > $cur_ace"
228
229		if $DIFF $orig_ace $cur_ace; then
230			log_note "SUCCESS: original ACEs equivalence the " \
231				"current ACEs. 'chmod A-' succeeded."
232		else
233			log_fail "FAIL: 'chmod A-' failed."
234		fi
235	done
236
237	[[ -f $orig_ace ]] && log_must usr_exec $RM -f $orig_ace
238	[[ -f $cur_ace ]] && log_must usr_exec $RM -f $cur_ace
239}
240
241test_requires ZFS_ACL
242
243for user in root $ZFS_ACL_STAFF1; do
244	set_cur_usr $user
245
246	typeset -i loop_cnt=20
247	while (( loop_cnt > 0 )); do
248		log_must usr_exec $TOUCH $testfile
249		test_chmod_map $testfile
250		log_must $RM -f $testfile
251
252		log_must usr_exec $MKDIR $testdir
253		test_chmod_map $testdir
254		log_must $RM -rf $testdir
255
256		(( loop_cnt -= 1 ))
257	done
258done
259
260log_pass "chmod A{+|-|=} read_data|write_data|execute for owner@, group@ " \
261	"oreveryone@ correctly alters mode bits passed."
262