1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26 27. $STF_SUITE/tests/acl/acl_common.kshlib 28 29################################################################################# 30# 31# __stc_assertion_start 32# 33# ID: zfs_acl_chmod_xattr_002_pos 34# 35# DESCRIPTION: 36# Verify that the write_xattr for remove the extended attributes of 37# owner/group/everyone are correct. 38# 39# STRATEGY: 40# 1. Create file and directory in zfs filesystem 41# 2. Set special write_xattr ACE to the file and directory 42# 3. Try to remove the extended attributes of the file and directory 43# 4. Verify above operation is successful. 44# 45# TESTABILITY: explicit 46# 47# TEST_AUTOMATION_LEVEL: automated 48# 49# CODING_STATUS: COMPLETED (2005-11-29) 50# 51# __stc_assertion_end 52# 53################################################################################ 54 55verify_runnable "both" 56 57function cleanup 58{ 59 cd $cwd 60 61 cleanup_test_files $TESTDIR/basedir 62 63 if [[ -e $TESTDIR/$ARCHIVEFILE ]]; then 64 log_must $RM -f $TESTDIR/$ARCHIVEFILE 65 fi 66 67 return 0 68} 69 70# owner@ group group_users other_users 71set -A users \ 72 "root" "root" "$ZFS_ACL_ADMIN" "$ZFS_ACL_OTHER1" \ 73 "$ZFS_ACL_STAFF1" "$ZFS_ACL_STAFF_GROUP" "$ZFS_ACL_STAFF2" "$ZFS_ACL_OTHER1" 74 75set -A a_access \ 76 "write_xattr:allow" \ 77 "write_xattr:deny" 78 79set -A a_flag "owner@" "group@" "everyone@" 80 81MYTESTFILE=$STF_SUITE/include/default.cfg 82 83log_assert "Verify that the permission of write_xattr for " \ 84 "owner/group/everyone while remove extended attributes are correct." 85log_onexit cleanup 86 87function operate_node #user node acl 88{ 89 typeset user=$1 90 typeset node=$2 91 typeset acl_t=$3 92 typeset ret 93 94 if [[ $user == "" || $node == "" ]]; then 95 log_fail "user, node are not defined." 96 fi 97 98 chgusr_exec $user $RUNAT $node $RM -f attr.0 ; ret=$? 99 100 if [[ $ret -eq 0 ]]; then 101 log_must cleanup_test_files $TESTDIR/basedir 102 log_must $TAR xpf@ $TESTDIR/$ARCHIVEFILE 103 fi 104 105 return $ret 106} 107 108function logname #acl_target owner user 109{ 110 typeset acl_target=$1 111 typeset owner=$2 112 typeset user=$3 113 typeset ret="log_mustnot" 114 115 # To super user, read and write deny permission was override. 116 if [[ $user == root || $owner == $user ]] then 117 ret="log_must" 118 fi 119 120 print $ret 121} 122 123function check_chmod_results #node flag acl_target owner g_usr o_usr 124{ 125 typeset node=$1 126 typeset flag=$2 127 typeset acl_target=$2:$3 128 typeset owner=$4 129 typeset g_usr=$5 130 typeset o_usr=$6 131 typeset log 132 133 if [[ $flag == "owner@" || $flag == "everyone@" ]]; then 134 log=$(logname $acl_target $owner $ZFS_ACL_CUR_USER) 135 $log operate_node $ZFS_ACL_CUR_USER $node $acl_target 136 fi 137 if [[ $flag == "group@" || $flag == "everyone@" ]]; then 138 log=$(logname $acl_target $owner $g_usr) 139 $log operate_node $g_usr $node $acl_target 140 fi 141 if [[ $flag == "everyone@" ]]; then 142 log=$(logname $acl_target $owner $o_usr) 143 $log operate_node $o_usr $node $acl_target 144 fi 145} 146 147function test_chmod_basic_access #node owner g_usr o_usr 148{ 149 typeset node=${1%/} 150 typeset owner=$2 151 typeset g_usr=$3 152 typeset o_usr=$4 153 typeset flag acl_p acl_t parent 154 155 parent=${node%/*} 156 157 for flag in ${a_flag[@]}; do 158 for acl_t in "${a_access[@]}"; do 159 log_must usr_exec $CHMOD A+$flag:$acl_t $node 160 161 log_must $TAR cpf@ $TESTDIR/$ARCHIVEFILE basedir 162 163 check_chmod_results "$node" "$flag" \ 164 "$acl_t" "$owner" "$g_usr" "$o_usr" 165 166 log_must usr_exec $CHMOD A0- $node 167 done 168 done 169} 170 171function setup_test_files #base_node user group 172{ 173 typeset base_node=$1 174 typeset user=$2 175 typeset group=$3 176 177 cleanup_test_files $base_node 178 179 log_must $MKDIR -p $base_node 180 log_must $CHOWN $user:$group $base_node 181 182 log_must set_cur_usr $user 183 184 # Prepare all files/sub-dirs for testing. 185 186 file0=$base_node/testfile_rm 187 188 dir0=$base_node/testdir_rm 189 190 log_must usr_exec $TOUCH $file0 191 log_must usr_exec $CHMOD 444 $file0 192 193 log_must usr_exec $RUNAT $file0 $CP $MYTESTFILE attr.0 194 195 log_must usr_exec $MKDIR -p $dir0 196 log_must usr_exec $CHMOD 555 $dir0 197 198 log_must usr_exec $RUNAT $dir0 $CP $MYTESTFILE attr.0 199 200 log_must usr_exec $CHMOD 555 $base_node 201 return 0 202} 203 204function cleanup_test_files #base_node 205{ 206 typeset base_node=$1 207 208 if [[ -d $base_node ]]; then 209 log_must $RM -rf $base_node 210 elif [[ -e $base_node ]]; then 211 log_must $RM -f $base_node 212 fi 213 214 return 0 215} 216 217typeset cwd=$PWD 218typeset ARCHIVEFILE=archive.tar 219 220test_requires RUNAT ZFS_XATTR 221 222typeset -i i=0 223typeset -i j=0 224typeset target 225 226while (( i < ${#users[@]} )); do 227 setup_test_files $TESTDIR/basedir ${users[i]} ${users[((i+1))]} 228 cd $TESTDIR 229 230 j=0 231 while (( j < 1 )); do 232 eval target=\$file$j 233 test_chmod_basic_access $target ${users[i]} \ 234 "${users[((i+2))]}" "${users[((i+3))]}" 235 236 eval target=\$dir$j 237 test_chmod_basic_access $target ${users[i]} \ 238 "${users[((i+2))]}" "${users[((i+3))]}" 239 240 (( j = j + 1 )) 241 done 242 243 (( i += 4 )) 244done 245 246log_pass "Verify that the permission of write_xattr for " \ 247 "owner/group/everyone while remove extended attributes are correct." 248