1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)zfs_acl_chmod_rwx_003_pos.ksh 1.3 07/07/31 SMI" 30# 31 32. $STF_SUITE/tests/acl/acl_common.kshlib 33 34################################################################################# 35# 36# __stc_assertion_start 37# 38# ID: zfs_acl_chmod_rwx_003_pos 39# 40# DESCRIPTION: 41# Verify that the read_data/write_data/execute permission for 42# owner/group/everyone are correct. 43# 44# STRATEGY: 45# 1. Loop root and non-root user. 46# 2. Separated verify type@:access:allow|deny to file and directory 47# 3. To super user, read and write deny was override. 48# 4. According to ACE list and override rule, expect that 49# read/write/execute file or directory succeed or fail. 50# 51# TESTABILITY: explicit 52# 53# TEST_AUTOMATION_LEVEL: automated 54# 55# CODING_STATUS: COMPLETED (2005-10-09) 56# 57# __stc_assertion_end 58# 59################################################################################ 60 61verify_runnable "both" 62 63# owner@ group_users other_users 64set -A users \ 65 "root" "$ZFS_ACL_ADMIN" "$ZFS_ACL_OTHER1" \ 66 "$ZFS_ACL_STAFF1" "$ZFS_ACL_STAFF2" "$ZFS_ACL_OTHER1" 67 68# In order to test execute permission, read_data was need firstly. 69set -A a_access "read_data" "write_data" "read_data/execute" 70set -A a_flag "owner@" "group@" "everyone@" 71 72log_assert "Verify that the read_data/write_data/execute permission for" \ 73 "owner/group/everyone are correct." 74log_onexit cleanup 75 76function logname #node acl_spec user 77{ 78 typeset node=$1 79 typeset acl_spec=$2 80 typeset user=$3 81 82 # To super user, read and write deny permission was override. 83 if [[ $acl_spec == *:allow ]] || \ 84 [[ $user == root && -d $node ]] || \ 85 [[ $user == root && $acl_spec != *"execute"* ]] 86 then 87 print "log_must" 88 elif [[ $acl_spec == *:deny ]]; then 89 print "log_mustnot" 90 fi 91} 92 93function check_chmod_results #node acl_spec g_usr o_usr 94{ 95 typeset node=$1 96 typeset acl_spec=$2 97 typeset g_usr=$3 98 typeset o_usr=$4 99 typeset log 100 101 if [[ $acl_spec == "owner@:"* || $acl_spec == "everyone@:"* ]]; then 102 log=$(logname $node $acl_spec $ZFS_ACL_CUR_USER) 103 $log rwx_node $ZFS_ACL_CUR_USER $node $acl_spec 104 fi 105 if [[ $acl_spec == "group@:"* || $acl_spec == "everyone@:"* ]]; then 106 log=$(logname $node $acl_spec $g_usr) 107 $log rwx_node $g_usr $node $acl_spec 108 fi 109 if [[ $acl_spec == "everyone@"* ]]; then 110 log=$(logname $node $acl_spec $o_usr) 111 $log rwx_node $o_usr $node $acl_spec 112 fi 113} 114 115function test_chmod_basic_access #node group_user other_user 116{ 117 typeset node=$1 118 typeset g_usr=$2 119 typeset o_usr=$3 120 typeset flag access acl_spec 121 122 for flag in ${a_flag[@]}; do 123 for access in ${a_access[@]}; do 124 for tp in allow deny; do 125 acl_spec="$flag:$access:$tp" 126 log_must usr_exec $CHMOD A+$acl_spec $node 127 check_chmod_results \ 128 $node $acl_spec $g_usr $o_usr 129 log_must usr_exec $CHMOD A0- $node 130 done 131 done 132 done 133} 134 135test_requires ZFS_ACL 136 137typeset -i i=0 138while (( i < ${#users[@]} )); do 139 log_must set_cur_usr ${users[i]} 140 141 log_must usr_exec $TOUCH $testfile 142 test_chmod_basic_access $testfile ${users[((i+1))]} ${users[((i+2))]} 143 log_must usr_exec $MKDIR $testdir 144 test_chmod_basic_access $testdir ${users[((i+1))]} ${users[((i+2))]} 145 146 log_must usr_exec $RM -rf $testfile $testdir 147 148 (( i += 3 )) 149done 150 151log_pass "Verify that the read_data/write_data/execute permission for" \ 152 "owner/group/everyone passed." 153