1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# ident "@(#)zfs_acl_chmod_xattr_002_pos.ksh 1.4 09/01/13 SMI" 28# 29 30. $STF_SUITE/tests/acl/acl_common.kshlib 31 32################################################################################# 33# 34# __stc_assertion_start 35# 36# ID: zfs_acl_chmod_xattr_002_pos 37# 38# DESCRIPTION: 39# Verify that the write_xattr for remove the extended attributes of 40# owner/group/everyone are correct. 41# 42# STRATEGY: 43# 1. Create file and directory in zfs filesystem 44# 2. Set special write_xattr ACE to the file and directory 45# 3. Try to remove the extended attributes of the file and directory 46# 4. Verify above operation is successful. 47# 48# TESTABILITY: explicit 49# 50# TEST_AUTOMATION_LEVEL: automated 51# 52# CODING_STATUS: COMPLETED (2005-11-29) 53# 54# __stc_assertion_end 55# 56################################################################################ 57 58verify_runnable "both" 59 60function cleanup 61{ 62 cd $cwd 63 64 cleanup_test_files $TESTDIR/basedir 65 66 if [[ -e $TESTDIR/$ARCHIVEFILE ]]; then 67 log_must $RM -f $TESTDIR/$ARCHIVEFILE 68 fi 69 70 return 0 71} 72 73# owner@ group group_users other_users 74set -A users \ 75 "root" "root" "$ZFS_ACL_ADMIN" "$ZFS_ACL_OTHER1" \ 76 "$ZFS_ACL_STAFF1" "$ZFS_ACL_STAFF_GROUP" "$ZFS_ACL_STAFF2" "$ZFS_ACL_OTHER1" 77 78set -A a_access \ 79 "write_xattr:allow" \ 80 "write_xattr:deny" 81 82set -A a_flag "owner@" "group@" "everyone@" 83 84MYTESTFILE=$STF_SUITE/include/default.cfg 85 86log_assert "Verify that the permission of write_xattr for " \ 87 "owner/group/everyone while remove extended attributes are correct." 88log_onexit cleanup 89 90function operate_node #user node acl 91{ 92 typeset user=$1 93 typeset node=$2 94 typeset acl_t=$3 95 typeset ret 96 97 if [[ $user == "" || $node == "" ]]; then 98 log_fail "user, node are not defined." 99 fi 100 101 chgusr_exec $user $RUNAT $node $RM -f attr.0 ; ret=$? 102 103 if [[ $ret -eq 0 ]]; then 104 log_must cleanup_test_files $TESTDIR/basedir 105 log_must $TAR xpf@ $TESTDIR/$ARCHIVEFILE 106 fi 107 108 return $ret 109} 110 111function logname #acl_target owner user 112{ 113 typeset acl_target=$1 114 typeset owner=$2 115 typeset user=$3 116 typeset ret="log_mustnot" 117 118 # To super user, read and write deny permission was override. 119 if [[ $user == root || $owner == $user ]] then 120 ret="log_must" 121 fi 122 123 print $ret 124} 125 126function check_chmod_results #node flag acl_target owner g_usr o_usr 127{ 128 typeset node=$1 129 typeset flag=$2 130 typeset acl_target=$2:$3 131 typeset owner=$4 132 typeset g_usr=$5 133 typeset o_usr=$6 134 typeset log 135 136 if [[ $flag == "owner@" || $flag == "everyone@" ]]; then 137 log=$(logname $acl_target $owner $ZFS_ACL_CUR_USER) 138 $log operate_node $ZFS_ACL_CUR_USER $node $acl_target 139 fi 140 if [[ $flag == "group@" || $flag == "everyone@" ]]; then 141 log=$(logname $acl_target $owner $g_usr) 142 $log operate_node $g_usr $node $acl_target 143 fi 144 if [[ $flag == "everyone@" ]]; then 145 log=$(logname $acl_target $owner $o_usr) 146 $log operate_node $o_usr $node $acl_target 147 fi 148} 149 150function test_chmod_basic_access #node owner g_usr o_usr 151{ 152 typeset node=${1%/} 153 typeset owner=$2 154 typeset g_usr=$3 155 typeset o_usr=$4 156 typeset flag acl_p acl_t parent 157 158 parent=${node%/*} 159 160 for flag in ${a_flag[@]}; do 161 for acl_t in "${a_access[@]}"; do 162 log_must usr_exec $CHMOD A+$flag:$acl_t $node 163 164 log_must $TAR cpf@ $TESTDIR/$ARCHIVEFILE basedir 165 166 check_chmod_results "$node" "$flag" \ 167 "$acl_t" "$owner" "$g_usr" "$o_usr" 168 169 log_must usr_exec $CHMOD A0- $node 170 done 171 done 172} 173 174function setup_test_files #base_node user group 175{ 176 typeset base_node=$1 177 typeset user=$2 178 typeset group=$3 179 180 cleanup_test_files $base_node 181 182 log_must $MKDIR -p $base_node 183 log_must $CHOWN $user:$group $base_node 184 185 log_must set_cur_usr $user 186 187 # Prepare all files/sub-dirs for testing. 188 189 file0=$base_node/testfile_rm 190 191 dir0=$base_node/testdir_rm 192 193 log_must usr_exec $TOUCH $file0 194 log_must usr_exec $CHMOD 444 $file0 195 196 log_must usr_exec $RUNAT $file0 $CP $MYTESTFILE attr.0 197 198 log_must usr_exec $MKDIR -p $dir0 199 log_must usr_exec $CHMOD 555 $dir0 200 201 log_must usr_exec $RUNAT $dir0 $CP $MYTESTFILE attr.0 202 203 log_must usr_exec $CHMOD 555 $base_node 204 return 0 205} 206 207function cleanup_test_files #base_node 208{ 209 typeset base_node=$1 210 211 if [[ -d $base_node ]]; then 212 log_must $RM -rf $base_node 213 elif [[ -e $base_node ]]; then 214 log_must $RM -f $base_node 215 fi 216 217 return 0 218} 219 220typeset cwd=$PWD 221typeset ARCHIVEFILE=archive.tar 222 223test_requires RUNAT ZFS_XATTR 224 225typeset -i i=0 226typeset -i j=0 227typeset target 228 229while (( i < ${#users[@]} )); do 230 setup_test_files $TESTDIR/basedir ${users[i]} ${users[((i+1))]} 231 cd $TESTDIR 232 233 j=0 234 while (( j < 1 )); do 235 eval target=\$file$j 236 test_chmod_basic_access $target ${users[i]} \ 237 "${users[((i+2))]}" "${users[((i+3))]}" 238 239 eval target=\$dir$j 240 test_chmod_basic_access $target ${users[i]} \ 241 "${users[((i+2))]}" "${users[((i+3))]}" 242 243 (( j = j + 1 )) 244 done 245 246 (( i += 4 )) 247done 248 249log_pass "Verify that the permission of write_xattr for " \ 250 "owner/group/everyone while remove extended attributes are correct." 251