1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)zfs_acl_chmod_rwx_004_pos.ksh 1.3 07/07/31 SMI" 30# 31 32. $STF_SUITE/tests/acl/acl_common.kshlib 33 34################################################################################# 35# 36# __stc_assertion_start 37# 38# ID: zfs_acl_chmod_rwx_004_pos 39# 40# DESCRIPTION: 41# Verify that explicit ACL setting to specified user or group will 42# override existed access rule. 43# 44# STRATEGY: 45# 1. Loop root and non-root user. 46# 2. Loop the specified access one by one. 47# 3. Loop verify explicit ACL set to specified user and group. 48# 49# TESTABILITY: explicit 50# 51# TEST_AUTOMATION_LEVEL: automated 52# 53# CODING_STATUS: COMPLETED (2005-10-14) 54# 55# __stc_assertion_end 56# 57################################################################################ 58 59verify_runnable "both" 60 61function check_access #log user node access rflag 62{ 63 typeset log=$1 64 typeset user=$2 65 typeset node=$3 66 typeset access=$4 67 typeset rflag=$5 68 69 if [[ $rflag == "allow" && $access == execute ]]; then 70 rwx_node $user $node $access 71 # 72 # When everyone@ were deny, this file can't execute. 73 # So,'cannot execute' means user has the permission to 74 # execute, just the file can't be execute. 75 # 76 if [[ $ZFS_ACL_ERR_STR == *"cannot execute" ]]; then 77 log_note "SUCCESS: rwx_node $user $node $access" 78 else 79 log_fail "FAIL: rwx_node $user $node $access" 80 fi 81 else 82 $log rwx_node $user $node $access 83 fi 84} 85 86function verify_explicit_ACL_rule #node access flag 87{ 88 set -A a_access "read_data" "write_data" "execute" 89 typeset node=$1 90 typeset access=$2 91 typeset flag=$3 92 typeset log rlog rflag 93 94 # Get the expect log check 95 if [[ $flag == allow ]]; then 96 log=log_mustnot 97 rlog=log_must 98 rflag=deny 99 else 100 log=log_must 101 rlog=log_mustnot 102 rflag=allow 103 fi 104 105 log_must usr_exec $CHMOD A+everyone@:$access:$flag $node 106 log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node 107 check_access $log $ZFS_ACL_OTHER1 $node $access $rflag 108 log_must usr_exec $CHMOD A0- $node 109 110 log_must usr_exec \ 111 $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$rflag $node 112 check_access $log $ZFS_ACL_OTHER1 $node $access $rflag 113 check_access $log $ZFS_ACL_OTHER2 $node $access $rflag 114 log_must usr_exec $CHMOD A0- $node 115 log_must usr_exec $CHMOD A0- $node 116 117 log_must usr_exec \ 118 $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$flag $node 119 log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node 120 $log rwx_node $ZFS_ACL_OTHER1 $node $access 121 $rlog rwx_node $ZFS_ACL_OTHER2 $node $access 122 log_must usr_exec $CHMOD A0- $node 123 log_must usr_exec $CHMOD A0- $node 124} 125 126log_assert "Verify that explicit ACL setting to specified user or group will" \ 127 "override existed access rule." 128log_onexit cleanup 129 130set -A a_access "read_data" "write_data" "execute" 131set -A a_flag "allow" "deny" 132typeset node 133 134test_requires ZFS_ACL 135 136for user in root $ZFS_ACL_STAFF1; do 137 log_must set_cur_usr $user 138 139 log_must usr_exec $TOUCH $testfile 140 log_must usr_exec $MKDIR $testdir 141 log_must usr_exec $CHMOD 755 $testfile $testdir 142 143 for node in $testfile $testdir; do 144 for access in ${a_access[@]}; do 145 for flag in ${a_flag[@]}; do 146 verify_explicit_ACL_rule $node $access $flag 147 done 148 done 149 done 150 151 log_must usr_exec $RM -rf $testfile $testdir 152done 153 154log_pass "Explicit ACL setting to specified user or group will override " \ 155 "existed access rule passed." 156