1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2007 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# ident "@(#)zfs_acl_chmod_rwx_004_pos.ksh 1.3 07/07/31 SMI" 28# 29 30. $STF_SUITE/tests/acl/acl_common.kshlib 31 32################################################################################# 33# 34# __stc_assertion_start 35# 36# ID: zfs_acl_chmod_rwx_004_pos 37# 38# DESCRIPTION: 39# Verify that explicit ACL setting to specified user or group will 40# override existed access rule. 41# 42# STRATEGY: 43# 1. Loop root and non-root user. 44# 2. Loop the specified access one by one. 45# 3. Loop verify explicit ACL set to specified user and group. 46# 47# TESTABILITY: explicit 48# 49# TEST_AUTOMATION_LEVEL: automated 50# 51# CODING_STATUS: COMPLETED (2005-10-14) 52# 53# __stc_assertion_end 54# 55################################################################################ 56 57verify_runnable "both" 58 59function check_access #log user node access rflag 60{ 61 typeset log=$1 62 typeset user=$2 63 typeset node=$3 64 typeset access=$4 65 typeset rflag=$5 66 67 if [[ $rflag == "allow" && $access == execute ]]; then 68 rwx_node $user $node $access 69 # 70 # When everyone@ were deny, this file can't execute. 71 # So,'cannot execute' means user has the permission to 72 # execute, just the file can't be execute. 73 # 74 if [[ $ZFS_ACL_ERR_STR == *"cannot execute" ]]; then 75 log_note "SUCCESS: rwx_node $user $node $access" 76 else 77 log_fail "FAIL: rwx_node $user $node $access" 78 fi 79 else 80 $log rwx_node $user $node $access 81 fi 82} 83 84function verify_explicit_ACL_rule #node access flag 85{ 86 set -A a_access "read_data" "write_data" "execute" 87 typeset node=$1 88 typeset access=$2 89 typeset flag=$3 90 typeset log rlog rflag 91 92 # Get the expect log check 93 if [[ $flag == allow ]]; then 94 log=log_mustnot 95 rlog=log_must 96 rflag=deny 97 else 98 log=log_must 99 rlog=log_mustnot 100 rflag=allow 101 fi 102 103 log_must usr_exec $CHMOD A+everyone@:$access:$flag $node 104 log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node 105 check_access $log $ZFS_ACL_OTHER1 $node $access $rflag 106 log_must usr_exec $CHMOD A0- $node 107 108 log_must usr_exec \ 109 $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$rflag $node 110 check_access $log $ZFS_ACL_OTHER1 $node $access $rflag 111 check_access $log $ZFS_ACL_OTHER2 $node $access $rflag 112 log_must usr_exec $CHMOD A0- $node 113 log_must usr_exec $CHMOD A0- $node 114 115 log_must usr_exec \ 116 $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$flag $node 117 log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node 118 $log rwx_node $ZFS_ACL_OTHER1 $node $access 119 $rlog rwx_node $ZFS_ACL_OTHER2 $node $access 120 log_must usr_exec $CHMOD A0- $node 121 log_must usr_exec $CHMOD A0- $node 122} 123 124log_assert "Verify that explicit ACL setting to specified user or group will" \ 125 "override existed access rule." 126log_onexit cleanup 127 128set -A a_access "read_data" "write_data" "execute" 129set -A a_flag "allow" "deny" 130typeset node 131 132test_requires ZFS_ACL 133 134for user in root $ZFS_ACL_STAFF1; do 135 log_must set_cur_usr $user 136 137 log_must usr_exec $TOUCH $testfile 138 log_must usr_exec $MKDIR $testdir 139 log_must usr_exec $CHMOD 755 $testfile $testdir 140 141 for node in $testfile $testdir; do 142 for access in ${a_access[@]}; do 143 for flag in ${a_flag[@]}; do 144 verify_explicit_ACL_rule $node $access $flag 145 done 146 done 147 done 148 149 log_must usr_exec $RM -rf $testfile $testdir 150done 151 152log_pass "Explicit ACL setting to specified user or group will override " \ 153 "existed access rule passed." 154