1# vim: filetype=sh 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26 27. $STF_SUITE/include/libtest.kshlib 28 29# 30# Cleanup exist user/group. 31# 32function cleanup_user_group 33{ 34 typeset i 35 for i in $STAFF1 $STAFF2 $OTHER1 $OTHER2 ; do 36 del_user $i 37 done 38 for i in $STAFF_GROUP $OTHER_GROUP ; do 39 del_group $i 40 done 41 42 return 0 43} 44 45# 46# Restore test file system to the original status. 47# 48function restore_root_datasets 49{ 50 if datasetexists $ROOT_TESTFS ; then 51 log_must $ZFS destroy -Rf $ROOT_TESTFS 52 fi 53 log_must $ZFS create $ROOT_TESTFS 54 55 if is_global_zone ; then 56 if datasetexists $ROOT_TESTVOL ; then 57 log_must $ZFS destroy -Rf $ROOT_TESTVOL 58 fi 59 log_must $ZFS create -V $VOLSIZE $ROOT_TESTVOL 60 fi 61 62 return 0 63} 64 65# 66# Verify the specified user have permission on the dataset 67# 68# $1 dataset 69# $2 permissions which are separated by comma(,) 70# $3-n users 71# 72function verify_perm 73{ 74 typeset dtst=$1 75 typeset permissions=$2 76 shift 2 77 78 if [[ -z $@ || -z $permissions || -z $dtst ]]; then 79 return 1 80 fi 81 82 typeset type=$(get_prop type $dtst) 83 permissions=$($ECHO $permissions | $TR -s "," " ") 84 85 typeset user 86 for user in $@; do 87 typeset perm 88 for perm in $permissions; do 89 typeset -i ret=1 90 if [[ $type == "filesystem" ]]; then 91 check_fs_perm $user $perm $dtst 92 ret=$? 93 elif [[ $type == "volume" ]]; then 94 check_vol_perm $user $perm $dtst 95 ret=$? 96 fi 97 98 if ((ret != 0)) ; then 99 log_note "Fail: $user should have $perm " \ 100 "on $dtst" 101 return 1 102 fi 103 done 104 done 105 106 return 0 107} 108 109# 110# Verify the specified user have no permission on the dataset 111# 112# $1 dataset 113# $2 permissions which are separated by comma(,) 114# $3-n users 115# 116function verify_noperm 117{ 118 typeset dtst=$1 119 typeset permissions=$2 120 shift 2 121 122 if [[ -z $@ || -z $permissions || -z $dtst ]]; then 123 return 1 124 fi 125 126 typeset type=$(get_prop type $dtst) 127 permissions=$($ECHO $permissions | $TR -s "," " ") 128 129 typeset user 130 for user in $@; do 131 typeset perm 132 for perm in $permissions; do 133 typeset -i ret=1 134 if [[ $type == "filesystem" ]]; then 135 check_fs_perm $user $perm $dtst 136 ret=$? 137 elif [[ $type == "volume" ]]; then 138 check_vol_perm $user $perm $dtst 139 ret=$? 140 fi 141 142 if ((ret == 0)) ; then 143 log_note "Fail: $user should not have $perm " \ 144 "on $dtst" 145 return 1 146 fi 147 done 148 done 149 150 return 0 151} 152 153function user_run 154{ 155 typeset user=$1 156 typeset group=$($GROUPS $user) 157 shift 158 159 sudo -u $user -g $group $@ 160} 161 162function common_perm 163{ 164 typeset user=$1 165 typeset perm=$2 166 typeset dtst=$3 167 168 typeset -i ret=1 169 case $perm in 170 send) 171 verify_send $user $perm $dtst 172 ret=$? 173 ;; 174 allow) 175 verify_allow $user $perm $dtst 176 ret=$? 177 ;; 178 userprop) 179 verify_userprop $user $perm $dtst 180 ret=$? 181 ;; 182 compression|checksum|readonly) 183 verify_ccr $user $perm $dtst 184 ret=$? 185 ;; 186 copies) 187 verify_copies $user $perm $dtst 188 ret=$? 189 ;; 190 reservation) 191 verify_reservation $user $perm $dtst 192 ret=$? 193 ;; 194 *) 195 ret=1 196 ;; 197 esac 198 199 return $ret 200} 201 202function check_fs_perm 203{ 204 typeset user=$1 205 typeset perm=$2 206 typeset fs=$3 207 208 typeset -i ret=1 209 case $perm in 210 create) 211 verify_fs_create $user $perm $fs 212 ret=$? 213 ;; 214 destroy) 215 verify_fs_destroy $user $perm $fs 216 ret=$? 217 ;; 218 snapshot) 219 verify_fs_snapshot $user $perm $fs 220 ret=$? 221 ;; 222 rollback) 223 verify_fs_rollback $user $perm $fs 224 ret=$? 225 ;; 226 clone) 227 verify_fs_clone $user $perm $fs 228 ret=$? 229 ;; 230 rename) 231 verify_fs_rename $user $perm $fs 232 ret=$? 233 ;; 234 mount) 235 verify_fs_mount $user $perm $fs 236 ret=$? 237 ;; 238 share) 239 verify_fs_share $user $perm $fs 240 ret=$? 241 ;; 242 mountpoint) 243 verify_fs_mountpoint $user $perm $fs 244 ret=$? 245 ;; 246 promote) 247 verify_promote $user $perm $fs 248 ret=$? 249 ;; 250 canmount) 251 verify_fs_canmount $user $perm $fs 252 ret=$? 253 ;; 254 recordsize) 255 verify_fs_recordsize $user $perm $fs 256 ret=$? 257 ;; 258 quota) 259 verify_fs_quota $user $perm $fs 260 ret=$? 261 ;; 262 aclmode) 263 verify_fs_aclmode $user $perm $fs 264 ret=$? 265 ;; 266 aclinherit) 267 verify_fs_aclinherit $user $perm $fs 268 ret=$? 269 ;; 270 snapdir) 271 verify_fs_snapdir $user $perm $fs 272 ret=$? 273 ;; 274 atime|exec|devices|setuid|xattr) 275 verify_fs_aedsx $user $perm $fs 276 ret=$? 277 ;; 278 zoned) 279 verify_fs_zoned $user $perm $fs 280 ret=$? 281 ;; 282 sharenfs) 283 verify_fs_sharenfs $user $perm $fs 284 ret=$? 285 ;; 286 shareiscsi) 287 verify_fs_shareiscsi $user $perm $fs 288 ret=$? 289 ;; 290 receive) 291 verify_fs_receive $user $perm $fs 292 ret=$? 293 ;; 294 *) 295 common_perm $user $perm $fs 296 ret=$? 297 ;; 298 esac 299 300 return $ret 301} 302 303function check_vol_perm 304{ 305 typeset user=$1 306 typeset perm=$2 307 typeset vol=$3 308 309 typeset -i ret=1 310 case $perm in 311 destroy) 312 verify_vol_destroy $user $perm $vol 313 ret=$? 314 ;; 315 snapshot) 316 verify_vol_snapshot $user $perm $vol 317 ret=$? 318 ;; 319 rollback) 320 verify_vol_rollback $user $perm $vol 321 ret=$? 322 ;; 323 clone) 324 verify_vol_clone $user $perm $vol 325 ret=$? 326 ;; 327 rename) 328 verify_vol_rename $user $perm $vol 329 ret=$? 330 ;; 331 promote) 332 verify_promote $user $perm $vol 333 ret=$? 334 ;; 335 volsize) 336 verify_vol_volsize $user $perm $vol 337 ret=$? 338 ;; 339 shareiscsi) 340 verify_vol_shareiscsi $user $perm $vol 341 ret=$? 342 ;; 343 *) 344 common_perm $user $perm $vol 345 ret=$? 346 ;; 347 esac 348 349 return $ret 350} 351 352function setup_unallow_testenv 353{ 354 typeset dtst 355 356 log_must restore_root_datasets 357 358 log_must $ZFS create $SUBFS 359 360 for dtst in $DATASETS ; do 361 log_must $ZFS allow -l $STAFF1 $LOCAL_SET $dtst 362 log_must $ZFS allow -d $STAFF2 $DESC_SET $dtst 363 log_must $ZFS allow $OTHER1 $LOCAL_DESC_SET $dtst 364 log_must $ZFS allow $OTHER2 $LOCAL_DESC_SET $dtst 365 366 log_must verify_perm $dtst $LOCAL_SET $STAFF1 367 log_must verify_perm $dtst $LOCAL_DESC_SET $OTHER1 368 log_must verify_perm $dtst $LOCAL_DESC_SET $OTHER2 369 if [[ $dtst == $ROOT_TESTFS ]]; then 370 log_must verify_perm $SUBFS $DESC_SET $STAFF2 371 log_must verify_perm $SUBFS $LOCAL_DESC_SET $OTHER1 372 log_must verify_perm $SUBFS $LOCAL_DESC_SET $OTHER2 373 fi 374 done 375 376 return 0 377} 378 379# 380# Verify permission send for specified user on the dataset 381# $1 user 382# $2 permission 383# $3 dataset 384# 385function verify_send 386{ 387 typeset user=$1 388 typeset perm=$2 389 typeset dtst=$3 390 391 typeset oldval 392 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 393 typeset snap=$dtst@snap.$stamp 394 395 typeset -i ret=1 396 397 log_must $ZFS snapshot $snap 398 typeset bak_user=$TMPDIR/bak.$user.$stamp 399 typeset bak_root=$TMPDIR/bak.root.$stamp 400 401 user_run $user $ZFS send $snap > $bak_user 402 log_must eval "$ZFS send $snap > $bak_root" 403 log_must $ZFS destroy $snap 404 405 if [[ $(checksum $bak_user) == $(checksum $bak_root) ]]; then 406 ret=0 407 fi 408 409 $RM -rf $bak_user > /dev/null 410 $RM -rf $bak_root > /dev/null 411 412 return $ret 413} 414 415function verify_fs_receive 416{ 417 typeset user=$1 418 typeset perm=$2 419 typeset fs=$3 420 421 typeset dtst 422 typeset oldval 423 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 424 typeset newfs=$fs/newfs.$stamp 425 typeset newvol=$fs/newvol.$stamp 426 typeset bak_user=$TMPDIR/bak.$user.$stamp 427 typeset bak_root=$TMPDIR/bak.root.$stamp 428 429 log_must $ZFS create $newfs 430 typeset datasets="$newfs" 431 if is_global_zone ; then 432 log_must $ZFS create -V $VOLSIZE $newvol 433 datasets="$newfs $newvol" 434 fi 435 436 for dtst in $datasets ; do 437 438 typeset dtstsnap=$dtst@snap.$stamp 439 log_must $ZFS snapshot $dtstsnap 440 441 log_must eval "$ZFS send $dtstsnap > $bak_root" 442 log_must $ZFS destroy -rf $dtst 443 444 user_run $user $ZFS receive $dtst < $bak_root 445 if datasetexists $dtstsnap ; then 446 return 1 447 fi 448 449 log_must $ZFS allow $user create $fs 450 user_run $user $ZFS receive $dtst < $bak_root 451 log_must $ZFS unallow $user create $fs 452 if datasetexists $dtstsnap ; then 453 return 1 454 fi 455 456 log_must $ZFS allow $user mount $fs 457 user_run $user $ZFS receive $dtst < $bak_root 458 log_must $ZFS unallow $user mount $fs 459 if datasetexists $dtstsnap ; then 460 return 1 461 fi 462 463 log_must $ZFS allow $user mount,create $fs 464 user_run $user $ZFS receive $dtst < $bak_root 465 log_must $ZFS unallow $user mount,create $fs 466 if ! datasetexists $dtstsnap ; then 467 return 1 468 fi 469 470 # check the data integrity 471 log_must eval "$ZFS send $dtstsnap > $bak_user" 472 log_must $ZFS destroy -rf $dtst 473 log_must eval "$ZFS receive $dtst < $bak_root" 474 log_must eval "$ZFS send $dtstsnap > $bak_root" 475 log_must $ZFS destroy -rf $dtst 476 if [[ $(checksum $bak_user) != $(checksum $bak_root) ]]; then 477 return 1 478 fi 479 480 $RM -rf $bak_user > /dev/null 481 $RM -rf $bak_root > /dev/null 482 483 done 484 485 return 0 486} 487 488function verify_userprop 489{ 490 typeset user=$1 491 typeset perm=$2 492 typeset dtst=$3 493 494 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 495 496 user_run $user $ZFS set "$user:ts=$stamp" $dtst 497 if [[ $stamp != $(get_prop "$user:ts" $dtst) ]]; then 498 return 1 499 fi 500 log_must $ZFS inherit "$user:ts" $dtst 501 502 return 0 503} 504 505function verify_ccr 506{ 507 typeset user=$1 508 typeset perm=$2 509 typeset dtst=$3 510 511 typeset oldval 512 513 set -A modes "on" "off" 514 oldval=$(get_prop $perm $dtst) 515 if [[ $oldval == "on" ]]; then 516 n=1 517 elif [[ $oldval == "off" ]]; then 518 n=0 519 fi 520 log_note "$user $ZFS set $perm=${modes[$n]} $dtst" 521 user_run $user $ZFS set $perm=${modes[$n]} $dtst 522 if [[ ${modes[$n]} != $(get_prop $perm $dtst) ]]; then 523 return 1 524 fi 525 526 return 0 527} 528 529function verify_copies 530{ 531 typeset user=$1 532 typeset perm=$2 533 typeset dtst=$3 534 535 typeset oldval 536 537 set -A modes 1 2 3 538 oldval=$(get_prop $perm $dtst) 539 if [[ $oldval -eq 1 ]]; then 540 n=1 541 elif [[ $oldval -eq 2 ]]; then 542 n=2 543 elif [[ $oldval -eq 3 ]]; then 544 n=0 545 fi 546 log_note "$user $ZFS set $perm=${modes[$n]} $dtst" 547 user_run $user $ZFS set $perm=${modes[$n]} $dtst 548 if [[ ${modes[$n]} != $(get_prop $perm $dtst) ]]; then 549 return 1 550 fi 551 552 return 0 553} 554 555function verify_reservation 556{ 557 typeset user=$1 558 typeset perm=$2 559 typeset dtst=$3 560 561 typeset value32m=$(( 1024 * 1024 * 32 )) 562 typeset oldval=$(get_prop reservation $dtst) 563 user_run $user $ZFS set reservation=$value32m $dtst 564 if [[ $value32m != $(get_prop reservation $dtst) ]]; then 565 log_must $ZFS set reservation=$oldval $dtst 566 return 1 567 fi 568 569 log_must $ZFS set reservation=$oldval $dtst 570 return 0 571} 572 573function verify_fs_create 574{ 575 typeset user=$1 576 typeset perm=$2 577 typeset fs=$3 578 579 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 580 typeset newfs=$fs/nfs.$stamp 581 typeset newvol=$fs/nvol.$stamp 582 583 user_run $user $ZFS create $newfs 584 if datasetexists $newfs ; then 585 return 1 586 fi 587 588 log_must $ZFS allow $user mount $fs 589 user_run $user $ZFS create $newfs 590 log_must $ZFS unallow $user mount $fs 591 if ! datasetexists $newfs ; then 592 return 1 593 fi 594 log_must $ZFS destroy $newfs 595 596 if is_global_zone ; then 597 # mount permission is required for sparse volume 598 user_run $user $ZFS create -V 150m -s $newvol 599 if datasetexists $newvol ; then 600 return 1 601 fi 602 603 log_must $ZFS allow $user mount $fs 604 user_run $user $ZFS create -V 150m -s $newvol 605 log_must $ZFS unallow $user mount $fs 606 if ! datasetexists $newvol ; then 607 return 1 608 fi 609 log_must $ZFS destroy $newvol 610 611 # mount and reserveration permission are 612 # required for normal volume 613 user_run $user $ZFS create -V 150m $newvol 614 if datasetexists $newvol ; then 615 return 1 616 fi 617 618 log_must $ZFS allow $user mount $fs 619 user_run $user $ZFS create -V 150m $newvol 620 log_must $ZFS unallow $user mount $fs 621 if datasetexists $newvol ; then 622 return 1 623 fi 624 625 log_must $ZFS allow $user reservation $fs 626 user_run $user $ZFS create -V 150m $newvol 627 log_must $ZFS unallow $user reservation $fs 628 if datasetexists $newvol ; then 629 return 1 630 fi 631 632 log_must $ZFS allow $user refreservation $fs 633 user_run $user $ZFS create -V 150m $newvol 634 log_must $ZFS unallow $user refreservation $fs 635 if datasetexists $newvol ; then 636 return 1 637 fi 638 639 log_must $ZFS allow $user mount $fs 640 log_must $ZFS allow $user reservation $fs 641 log_must $ZFS allow $user refreservation $fs 642 user_run $user $ZFS create -V 150m $newvol 643 log_must $ZFS unallow $user mount $fs 644 log_must $ZFS unallow $user reservation $fs 645 log_must $ZFS unallow $user refreservation $fs 646 if ! datasetexists $newvol ; then 647 return 1 648 fi 649 log_must $ZFS destroy $newvol 650 fi 651 652 return 0 653} 654 655function verify_fs_destroy 656{ 657 typeset user=$1 658 typeset perm=$2 659 typeset fs=$3 660 661 if ! ismounted $fs ; then 662 user_run $user $ZFS destroy $fs 663 if datasetexists $fs ; then 664 return 1 665 fi 666 fi 667 668 if ismounted $fs ; then 669 user_run $user $ZFS destroy $fs 670 if ! datasetexists $fs ; then 671 return 1 672 fi 673 674 # mount permission is required 675 log_must $ZFS allow $user mount $fs 676 user_run $user $ZFS destroy $fs 677 if datasetexists $fs ; then 678 return 1 679 fi 680 fi 681 682 return 0 683} 684 685function verify_fs_snapshot 686{ 687 typeset user=$1 688 typeset perm=$2 689 typeset fs=$3 690 691 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 692 typeset snap=$fs@snap.$stamp 693 typeset mntpt=$(get_prop mountpoint $fs) 694 695 if [[ "yes" == $(get_prop mounted $fs) ]]; then 696 log_must $ZFS umount $fs 697 fi 698 user_run $user $ZFS snapshot $snap 699 if ! datasetexists $snap ; then 700 return 1 701 fi 702 log_must $ZFS destroy $snap 703 704 if [[ "no" == $(get_prop mounted $fs) ]]; then 705 log_must $ZFS mount $fs 706 fi 707 user_run $user $ZFS snapshot $snap 708 if ! datasetexists $snap ; then 709 return 1 710 fi 711 log_must $ZFS destroy $snap 712 713 # TODO 714 # FreeBSD does not yet support creating snapshots with mkdir. 715 # See tests/sys/cddl/zfs/tests/snapshot/snapshot_015_pos.ksh 716 # typeset snapdir=${mntpt}/$(get_snapdir_name)/snap.$stamp 717 # user_run $user $MKDIR $snapdir 718 # if ! datasetexists $snap ; then 719 # return 1 720 # fi 721 # log_must $ZFS destroy $snap 722 723 return 0 724} 725 726function verify_fs_rollback 727{ 728 typeset user=$1 729 typeset perm=$2 730 typeset fs=$3 731 732 typeset oldval 733 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 734 typeset snap=$fs@snap.$stamp 735 typeset mntpt=$(get_prop mountpoint $fs) 736 737 oldval=$(datasetcksum $fs) 738 log_must $ZFS snapshot $snap 739 740 if ! ismounted $fs; then 741 log_must $ZFS mount $fs 742 fi 743 log_must $TOUCH $mntpt/testfile.$stamp 744 745 user_run $user $ZFS rollback -R $snap 746 if [[ -e $mntpt/testfile.$stamp ]]; then 747 return 1 748 fi 749 750 # rollback on mounted fs has to be with mount permission 751 log_must $ZFS allow $user mount $fs 752 user_run $user $ZFS rollback -R $snap 753 log_must $ZFS unallow $user mount $fs 754 if is_global_zone ; then 755 if [[ $oldval != $(datasetcksum $fs) ]]; then 756 return 1 757 fi 758 else 759 # datasetcksum can not be used in local zone 760 if [[ -e $mntpt/testfile.$stamp ]]; then 761 return 1 762 fi 763 fi 764 765 return 0 766} 767 768function verify_fs_clone 769{ 770 typeset user=$1 771 typeset perm=$2 772 typeset fs=$3 773 774 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 775 typeset basefs=${fs%/*} 776 typeset snap=$fs@snap.$stamp 777 typeset clone=$basefs/cfs.$stamp 778 779 log_must $ZFS snapshot $snap 780 user_run $user $ZFS clone $snap $clone 781 if datasetexists $clone ; then 782 return 1 783 fi 784 785 log_must $ZFS allow $user create $basefs 786 user_run $user $ZFS clone $snap $clone 787 log_must $ZFS unallow $user create $basefs 788 if datasetexists $clone ; then 789 return 1 790 fi 791 792 log_must $ZFS allow $user mount $basefs 793 user_run $user $ZFS clone $snap $clone 794 log_must $ZFS unallow $user mount $basefs 795 if datasetexists $clone ; then 796 return 1 797 fi 798 799 log_must $ZFS allow $user mount $basefs 800 log_must $ZFS allow $user create $basefs 801 user_run $user $ZFS clone $snap $clone 802 log_must $ZFS unallow $user create $basefs 803 log_must $ZFS unallow $user mount $basefs 804 if ! datasetexists $clone ; then 805 return 1 806 fi 807 808 log_must $ZFS destroy -R $snap 809 810 return 0 811} 812 813function verify_fs_rename 814{ 815 typeset user=$1 816 typeset perm=$2 817 typeset fs=$3 818 819 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 820 typeset basefs=${fs%/*} 821 typeset snap=$fs@snap.$stamp 822 typeset renamefs=$basefs/nfs.$stamp 823 824 if ! ismounted $fs; then 825 log_must $ZFS mount $fs 826 fi 827 828 # case 1 829 user_run $user $ZFS rename $fs $renamefs 830 if datasetexists $renamefs ; then 831 return 1 832 fi 833 834 # case 2 835 log_must $ZFS allow $user create $basefs 836 user_run $user $ZFS rename $fs $renamefs 837 log_must $ZFS unallow $user create $basefs 838 if datasetexists $renamefs ; then 839 return 1 840 fi 841 842 # case 3 843 log_must $ZFS allow $user mount $basefs 844 user_run $user $ZFS rename $fs $renamefs 845 log_must $ZFS unallow $user mount $basefs 846 if datasetexists $renamefs ; then 847 return 1 848 fi 849 850 # case 4 851 log_must $ZFS allow $user mount $fs 852 user_run $user $ZFS rename $fs $renamefs 853 if datasetexists $renamefs ; then 854 log_must $ZFS unallow $user mount $renamefs 855 return 1 856 fi 857 log_must $ZFS unallow $user mount $fs 858 859 # case 5 860 log_must $ZFS allow $user create $basefs 861 log_must $ZFS allow $user mount $fs 862 user_run $user $ZFS rename $fs $renamefs 863 log_must $ZFS unallow $user create $basefs 864 if datasetexists $renamefs ; then 865 log_must $ZFS unallow $user mount $renamefs 866 return 1 867 fi 868 log_must $ZFS unallow $user mount $fs 869 870 # case 6 871 log_must $ZFS allow $user mount $basefs 872 log_must $ZFS allow $user mount $fs 873 user_run $user $ZFS rename $fs $renamefs 874 log_must $ZFS unallow $user mount $basefs 875 if datasetexists $renamefs ; then 876 log_must $ZFS unallow $user mount $renamefs 877 return 1 878 fi 879 log_must $ZFS unallow $user mount $fs 880 881 # case 7 882 log_must $ZFS allow $user create $basefs 883 log_must $ZFS allow $user mount $basefs 884 user_run $user $ZFS rename $fs $renamefs 885 log_must $ZFS unallow $user mount $basefs 886 log_must $ZFS unallow $user create $basefs 887 if ! datasetexists $renamefs ; then 888 return 1 889 fi 890 891 log_must $ZFS rename $renamefs $fs 892 893 return 0 894} 895 896function verify_fs_mount 897{ 898 typeset user=$1 899 typeset perm=$2 900 typeset fs=$3 901 902 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 903 typeset mntpt=$(get_prop mountpoint $fs) 904 typeset newmntpt=$TMPDIR/mnt.$stamp 905 906 if ismounted $fs ; then 907 user_run $user $ZFS unmount $fs 908 if ismounted $fs ; then 909 return 1 910 fi 911 fi 912 913 if ! ismounted $fs ; then 914 log_must $ZFS set mountpoint=$newmntpt $fs 915 log_must $RM -rf $newmntpt 916 log_must $MKDIR $newmntpt 917 918 user_run $user $ZFS mount $fs 919 if ismounted $fs ; then 920 return 1 921 fi 922 923 # mountpoint's owner must be the user 924 log_must $CHOWN $user $newmntpt 925 user_run $user $ZFS mount $fs 926 if ! ismounted $fs ; then 927 return 1 928 fi 929 log_must $ZFS umount $fs 930 log_must $RM -rf $newmntpt 931 log_must $ZFS set mountpoint=$mntpt $fs 932 fi 933 934 return 0 935} 936 937function verify_fs_share 938{ 939 typeset user=$1 940 typeset perm=$2 941 typeset fs=$3 942 943 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 944 typeset mntpt=$(get_prop mountpoint $fs) 945 946 typeset stat=$($SVCS -H -o STA nfs/server:default) 947 if [[ $stat != "ON" ]]; then 948 log_note "Current nfs/server status: $stat" 949 # legacy share 950 user_run $user $SHARE $mntpt 951 if is_shared $fs; then 952 return 1 953 fi 954 955 # sharenfs=on 956 log_must $ZFS set sharenfs=on $fs 957 user_run $user $ZFS share $fs 958 if is_shared $fs; then 959 log_must $ZFS set sharenfs=off $fs 960 return 1 961 fi 962 log_must $ZFS set sharenfs=off $fs 963 fi 964 965 # turn on nfs/server service if it is not enabled 966 typeset tmpshare=$TMPDIR/a.${TESTCASE_ID} 967 $RM -rf $tmpshare 968 log_must $MKDIR -p $tmpshare 969 log_must $SHARE $tmpshare 970 971 # legacy share 972 user_run $user $SHARE $mntpt 973 if ! is_shared $fs ; then 974 log_must $UNSHARE $tmpshare 975 log_must $RM -rf $tmpshare 976 return 1 977 fi 978 979 user_run $user $UNSHARE $mntpt 980 if is_shared $fs ; then 981 log_must $UNSHARE $tmpshare 982 log_must $RM -rf $tmpshare 983 return 1 984 fi 985 986 # sharenfs=on 987 log_must $ZFS set sharenfs=on $fs 988 user_run $user $ZFS share $fs 989 if ! is_shared $fs; then 990 log_must $ZFS set sharenfs=off $fs 991 return 1 992 fi 993 994 user_run $user $ZFS unshare $fs 995 if is_shared $fs; then 996 log_must $ZFS set sharenfs=off $fs 997 return 1 998 fi 999 log_must $ZFS set sharenfs=off $fs 1000 1001 log_must $UNSHARE $tmpshare 1002 log_must $RM -rf $tmpshare 1003 1004 return 0 1005} 1006 1007function verify_fs_mountpoint 1008{ 1009 typeset user=$1 1010 typeset perm=$2 1011 typeset fs=$3 1012 1013 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1014 typeset mntpt=$(get_prop mountpoint $fs) 1015 typeset newmntpt=$TMPDIR/mnt.$stamp 1016 1017 if ! ismounted $fs ; then 1018 user_run $user $ZFS set mountpoint=$newmntpt $fs 1019 if [[ $newmntpt != \ 1020 $(get_prop mountpoint $fs) ]] ; then 1021 return 1 1022 fi 1023 log_must $ZFS set mountpoint=$mntpt $fs 1024 fi 1025 1026 if ismounted $fs ; then 1027 user_run $user $ZFS set mountpoint=$newmntpt $fs 1028 if [[ $mntpt != $(get_prop mountpoint $fs) ]] ; 1029 then 1030 return 1 1031 fi 1032 1033 # require mount permission when fs is mounted 1034 log_must $ZFS allow $user mount $fs 1035 user_run $user $ZFS set mountpoint=$newmntpt $fs 1036 log_must $ZFS unallow $user mount $fs 1037 if [[ $newmntpt != \ 1038 $(get_prop mountpoint $fs) ]] ; then 1039 return 1 1040 fi 1041 log_must $ZFS set mountpoint=$mntpt $fs 1042 fi 1043 1044 return 0 1045} 1046 1047function verify_promote 1048{ 1049 typeset user=$1 1050 typeset perm=$2 1051 typeset fs=$3 1052 1053 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1054 typeset basefs=${fs%/*} 1055 typeset snap=$fs@snap.$stamp 1056 typeset clone=$basefs/cfs.$stamp 1057 1058 log_must $ZFS snapshot $snap 1059 log_must $ZFS clone $snap $clone 1060 log_must $ZFS promote $clone 1061 1062 typeset fs_orig=$(get_prop origin $fs) 1063 typeset clone_orig=$(get_prop origin $clone) 1064 1065 user_run $user $ZFS promote $fs 1066 # promote should fail if original fs does not have mount and promote 1067 # permissions 1068 if [[ $fs_orig != $(get_prop origin $fs) || \ 1069 $clone_orig != $(get_prop origin $clone) ]]; then 1070 return 1 1071 fi 1072 1073 # promote should fail if original fs does not have mount permission 1074 log_must $ZFS allow $user promote $clone 1075 user_run $user $ZFS promote $fs 1076 log_must $ZFS unallow $user promote $clone 1077 if [[ $fs_orig != $(get_prop origin $fs) || \ 1078 $clone_orig != $(get_prop origin $clone) ]]; then 1079 return 1 1080 fi 1081 1082 # promote should fail if original fs does not have promote permission 1083 log_must $ZFS allow $user mount $fs 1084 user_run $user $ZFS promote $fs 1085 log_must $ZFS unallow $user mount $fs 1086 if [[ $fs_orig != $(get_prop origin $fs) || \ 1087 $clone_orig != $(get_prop origin $clone) ]]; then 1088 return 1 1089 fi 1090 1091 log_must $ZFS allow $user mount $fs 1092 log_must $ZFS allow $user promote $clone 1093 user_run $user $ZFS promote $fs 1094 log_must $ZFS unallow $user promote $clone 1095 log_must $ZFS unallow $user mount $fs 1096 if [[ $snap != $(get_prop origin $clone) || \ 1097 $clone_orig != $(get_prop origin $fs) ]]; then 1098 return 1 1099 fi 1100 1101 return 0 1102} 1103 1104function verify_fs_canmount 1105{ 1106 typeset user=$1 1107 typeset perm=$2 1108 typeset fs=$3 1109 1110 typeset oldval 1111 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1112 1113 if ! ismounted $fs ; then 1114 set -A modes "on" "off" 1115 oldval=$(get_prop $perm $fs) 1116 if [[ $oldval == "on" ]]; then 1117 n=1 1118 elif [[ $oldval == "off" ]]; then 1119 n=0 1120 fi 1121 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1122 user_run $user $ZFS set $perm=${modes[$n]} $fs 1123 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; 1124 then 1125 return 1 1126 fi 1127 fi 1128 1129 1130 # fs is mounted 1131 if ismounted $fs ; then 1132 # property value does not change if 1133 # no mount permission 1134 set -A modes "on" "off" 1135 oldval=$(get_prop $perm $fs) 1136 if [[ $oldval == "on" ]]; then 1137 n=1 1138 elif [[ $oldval == "off" ]]; then 1139 n=0 1140 fi 1141 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1142 log_must $ZFS allow $user mount $fs 1143 user_run $user $ZFS set $perm=${modes[$n]} $fs 1144 log_must $ZFS unallow $user mount $fs 1145 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; 1146 then 1147 return 1 1148 fi 1149 fi 1150 1151 return 0 1152} 1153 1154function verify_fs_recordsize 1155{ 1156 typeset user=$1 1157 typeset perm=$2 1158 typeset fs=$3 1159 1160 typeset value8k=$(( 1024 * 8 )) 1161 user_run $user $ZFS set recordsize=$value8k $fs 1162 if [[ $value8k != $(get_prop recordsize $fs) ]]; then 1163 return 1 1164 fi 1165 1166 return 0 1167} 1168 1169function verify_fs_quota 1170{ 1171 typeset user=$1 1172 typeset perm=$2 1173 typeset fs=$3 1174 1175 typeset value32m=$(( 1024 * 1024 * 32 )) 1176 user_run $user $ZFS set quota=$value32m $fs 1177 if [[ $value32m != $(get_prop quota $fs) ]]; then 1178 return 1 1179 fi 1180 1181 return 0 1182} 1183 1184function verify_fs_aclmode 1185{ 1186 typeset user=$1 1187 typeset perm=$2 1188 typeset fs=$3 1189 1190 typeset oldval 1191 set -A modes "discard" "groupmask" "passthrough" 1192 oldval=$(get_prop $perm $fs) 1193 if [[ $oldval == "discard" ]]; then 1194 n=1 1195 elif [[ $oldval == "groupmask" ]]; then 1196 n=2 1197 elif [[ $oldval == "passthrough" ]]; then 1198 n=0 1199 fi 1200 log_note "$user $ZFS set aclmode=${modes[$n]} $fs" 1201 user_run $user $ZFS set aclmode=${modes[$n]} $fs 1202 if [[ ${modes[$n]} != $(get_prop aclmode $fs) ]]; then 1203 return 1 1204 fi 1205 1206 return 0 1207} 1208 1209function verify_fs_aclinherit 1210{ 1211 typeset user=$1 1212 typeset perm=$2 1213 typeset fs=$3 1214 1215 # 1216 # PSARC/2008/231 change the default value of aclinherit to "restricted" 1217 # but still keep the old interface of "secure" 1218 # 1219 1220 typeset oldval 1221 set -A modes "discard" "noallow" "secure" "passthrough" 1222 oldval=$(get_prop $perm $fs) 1223 if [[ $oldval == "discard" ]]; then 1224 n=1 1225 elif [[ $oldval == "noallow" ]]; then 1226 n=2 1227 elif [[ $oldval == "secure" || $oldval == "restricted" ]]; then 1228 n=3 1229 elif [[ $oldval == "passthrough" ]]; then 1230 n=0 1231 fi 1232 log_note "$user $ZFS set aclinherit=${modes[$n]} $fs" 1233 user_run $user $ZFS set aclinherit=${modes[$n]} $fs 1234 1235 typeset newval=$(get_prop aclinherit $fs) 1236 if [[ ${modes[$n]} == "secure" && $newval == "restricted" ]]; then 1237 return 0 1238 elif [[ ${modes[$n]} != $(get_prop aclinherit $fs) ]]; then 1239 return 1 1240 fi 1241 1242 return 0 1243} 1244 1245function verify_fs_snapdir 1246{ 1247 typeset user=$1 1248 typeset perm=$2 1249 typeset fs=$3 1250 1251 typeset oldval 1252 set -A modes "visible" "hidden" 1253 oldval=$(get_prop $perm $fs) 1254 if [[ $oldval == "visible" ]]; then 1255 n=1 1256 elif [[ $oldval == "hidden" ]]; then 1257 n=0 1258 fi 1259 log_note "$user $ZFS set snapdir=${modes[$n]} $fs" 1260 user_run $user $ZFS set snapdir=${modes[$n]} $fs 1261 if [[ ${modes[$n]} != $(get_prop snapdir $fs) ]]; then 1262 return 1 1263 fi 1264 1265 return 0 1266} 1267 1268function verify_fs_aedsx 1269{ 1270 typeset user=$1 1271 typeset perm=$2 1272 typeset fs=$3 1273 1274 typeset oldval 1275 set -A modes "on" "off" 1276 oldval=$(get_prop $perm $fs) 1277 if [[ $oldval == "on" ]]; then 1278 n=1 1279 elif [[ $oldval == "off" ]]; then 1280 n=0 1281 fi 1282 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1283 user_run $user $ZFS set $perm=${modes[$n]} $fs 1284 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1285 return 1 1286 fi 1287 1288 return 0 1289} 1290 1291function verify_fs_zoned 1292{ 1293 typeset user=$1 1294 typeset perm=$2 1295 typeset fs=$3 1296 1297 typeset oldval 1298 set -A modes "on" "off" 1299 oldval=$(get_prop $perm $fs) 1300 if [[ $oldval == "on" ]]; then 1301 n=1 1302 elif [[ $oldval == "off" ]]; then 1303 n=0 1304 fi 1305 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1306 if is_global_zone ; then 1307 if ! ismounted $fs ; then 1308 user_run $user $ZFS set \ 1309 $perm=${modes[$n]} $fs 1310 if [[ ${modes[$n]} != \ 1311 $(get_prop $perm $fs) ]]; then 1312 return 1 1313 fi 1314 if [[ $n -eq 0 ]]; then 1315 log_mustnot $ZFS mount $fs 1316 else 1317 log_must $ZFS mount $fs 1318 fi 1319 fi 1320 1321 if ismounted $fs; then 1322 # n always is 1 in this case 1323 user_run $user $ZFS set \ 1324 $perm=${modes[$n]} $fs 1325 if [[ $oldval != \ 1326 $(get_prop $perm $fs) ]]; then 1327 return 1 1328 fi 1329 1330 # mount permission is needed 1331 # to make zoned=on 1332 log_must $ZFS allow $user mount $fs 1333 user_run $user $ZFS set \ 1334 $perm=${modes[$n]} $fs 1335 log_must $ZFS unallow $user mount $fs 1336 if [[ ${modes[$n]} != \ 1337 $(get_prop $perm $fs) ]]; then 1338 return 1 1339 fi 1340 fi 1341 fi 1342 1343 if ! is_global_zone; then 1344 user_run $user $ZFS set $perm=${modes[$n]} $fs 1345 if [[ $oldval != $(get_prop $perm $fs) ]]; then 1346 return 1 1347 fi 1348 fi 1349 1350 return 0 1351} 1352 1353function verify_fs_sharenfs 1354{ 1355 typeset user=$1 1356 typeset perm=$2 1357 typeset fs=$3 1358 1359 typeset oldval 1360 set -A modes "on" "off" 1361 oldval=$(get_prop $perm $fs) 1362 if [[ $oldval == "on" ]]; then 1363 n=1 1364 elif [[ $oldval == "off" ]]; then 1365 n=0 1366 fi 1367 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1368 user_run $user $ZFS set $perm=${modes[$n]} $fs 1369 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1370 return 1 1371 fi 1372 log_must $ZFS set $perm=$oldval $fs 1373 1374 # turn on nfs/server service if it is not enabled 1375 typeset tmpshare=$TMPDIR/a.${TESTCASE_ID} 1376 $RM -rf $tmpshare 1377 log_must $MKDIR -p $tmpshare 1378 log_must $SHARE $tmpshare 1379 1380 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1381 user_run $user $ZFS set $perm=${modes[$n]} $fs 1382 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1383 return 1 1384 fi 1385 1386 user_run $user $ZFS share $fs 1387 if is_shared $fs; then 1388 return 1 1389 fi 1390 1391 # share permission is needed 1392 log_must $ZFS allow $user share $fs 1393 user_run $user $ZFS share $fs 1394 log_must $ZFS unallow $user share $fs 1395 1396 if [[ $n -eq 0 ]] && ! is_shared $fs ; then 1397 log_must $UNSHARE $tmpshare 1398 log_must $RM -rf $tmpshare 1399 return 1 1400 fi 1401 1402 if [[ $n -eq 1 ]] && is_shared $fs ; then 1403 log_must $UNSHARE $tmpshare 1404 log_must $RM -rf $tmpshare 1405 return 1 1406 fi 1407 1408 log_must $UNSHARE $tmpshare 1409 log_must $RM -rf $tmpshare 1410 1411 return 0 1412} 1413 1414function verify_fs_shareiscsi 1415{ 1416 typeset user=$1 1417 typeset perm=$2 1418 typeset fs=$3 1419 1420 typeset oldval 1421 set -A modes "on" "off" 1422 oldval=$(get_prop $perm $fs) 1423 if [[ $oldval == "on" ]]; then 1424 n=1 1425 elif [[ $oldval == "off" ]]; then 1426 n=0 1427 fi 1428 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1429 user_run $user $ZFS set $perm=${modes[$n]} $fs 1430 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1431 return 1 1432 fi 1433 1434 return 0 1435} 1436 1437function verify_vol_destroy 1438{ 1439 typeset user=$1 1440 typeset perm=$2 1441 typeset vol=$3 1442 1443 user_run $user $ZFS destroy $vol 1444 if ! datasetexists $vol ; then 1445 return 1 1446 fi 1447 1448 # mount permission is required 1449 log_must $ZFS allow $user mount $vol 1450 user_run $user $ZFS destroy $vol 1451 if datasetexists $vol ; then 1452 return 1 1453 fi 1454 1455 return 0 1456} 1457 1458function verify_vol_snapshot 1459{ 1460 typeset user=$1 1461 typeset perm=$2 1462 typeset vol=$3 1463 1464 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1465 typeset basevol=${vol%/*} 1466 typeset snap=$vol@snap.$stamp 1467 1468 user_run $user $ZFS snapshot $snap 1469 if ! datasetexists $snap ; then 1470 return 1 1471 fi 1472 log_must $ZFS destroy $snap 1473 1474 return 0 1475} 1476 1477function verify_vol_rollback 1478{ 1479 typeset user=$1 1480 typeset perm=$2 1481 typeset vol=$3 1482 1483 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1484 typeset basevol=${vol%/*} 1485 typeset snap=$vol@snap.$stamp 1486 1487 typeset oldval 1488 log_must $ZFS snapshot $snap 1489 oldval=$(datasetcksum $vol) 1490 1491 log_must $DD if=/dev/random of=/dev/zvol/$vol \ 1492 bs=512 count=1 1493 1494 user_run $user $ZFS rollback -R $snap 1495 if [[ $oldval != $(datasetcksum $vol) ]]; then 1496 return 1 1497 fi 1498 1499 return 0 1500} 1501 1502function verify_vol_clone 1503{ 1504 typeset user=$1 1505 typeset perm=$2 1506 typeset vol=$3 1507 1508 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1509 typeset basevol=${vol%/*} 1510 typeset snap=$vol@snap.$stamp 1511 typeset clone=$basevol/cvol.$stamp 1512 1513 log_must $ZFS snapshot $snap 1514 1515 user_run $user $ZFS clone $snap $clone 1516 if datasetexists $clone ; then 1517 return 1 1518 fi 1519 1520 log_must $ZFS allow $user create $basevol 1521 user_run $user $ZFS clone $snap $clone 1522 log_must $ZFS unallow $user create $basevol 1523 if datasetexists $clone ; then 1524 return 1 1525 fi 1526 1527 log_must $ZFS allow $user mount $basevol 1528 user_run $user $ZFS clone $snap $clone 1529 log_must $ZFS unallow $user mount $basevol 1530 if datasetexists $clone ; then 1531 return 1 1532 fi 1533 1534 # require create permission on parent and 1535 # mount permission on itself as well 1536 log_must $ZFS allow $user mount $basevol 1537 log_must $ZFS allow $user create $basevol 1538 user_run $user $ZFS clone $snap $clone 1539 log_must $ZFS unallow $user create $basevol 1540 log_must $ZFS unallow $user mount $basevol 1541 if ! datasetexists $clone ; then 1542 return 1 1543 fi 1544 1545 return 0 1546} 1547 1548function verify_vol_rename 1549{ 1550 typeset user=$1 1551 typeset perm=$2 1552 typeset vol=$3 1553 1554 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1555 typeset basevol=${vol%/*} 1556 typeset snap=$vol@snap.$stamp 1557 typeset clone=$basevol/cvol.$stamp 1558 typeset renamevol=$basevol/nvol.$stamp 1559 1560 user_run $user $ZFS rename $vol $renamevol 1561 if datasetexists $renamevol ; then 1562 return 1 1563 fi 1564 1565 log_must $ZFS allow $user create $basevol 1566 user_run $user $ZFS rename $vol $renamevol 1567 log_must $ZFS unallow $user create $basevol 1568 if datasetexists $renamevol ; then 1569 return 1 1570 fi 1571 1572 log_must $ZFS allow $user mount $basevol 1573 user_run $user $ZFS rename $vol $renamevol 1574 log_must $ZFS unallow $user mount $basevol 1575 if datasetexists $renamevol ; then 1576 return 1 1577 fi 1578 1579 # require both create permission on parent and 1580 # mount permission on parent as well 1581 log_must $ZFS allow $user mount $basevol 1582 log_must $ZFS allow $user create $basevol 1583 user_run $user $ZFS rename $vol $renamevol 1584 log_must $ZFS unallow $user mount $basevol 1585 log_must $ZFS unallow $user create $basevol 1586 if ! datasetexists $renamevol ; then 1587 return 1 1588 fi 1589 1590 log_must $ZFS rename $renamevol $vol 1591 1592 return 0 1593} 1594 1595function verify_vol_volsize 1596{ 1597 typeset user=$1 1598 typeset perm=$2 1599 typeset vol=$3 1600 1601 typeset oldval 1602 oldval=$(get_prop volsize $vol) 1603 (( newval = oldval * 2 )) 1604 1605 typeset reserv_size 1606 1607 reserv_size=$(get_prop refreservation $vol) 1608 1609 if [[ "0" == $reserv_size ]]; then 1610 # sparse volume 1611 user_run $user $ZFS set volsize=$newval $vol 1612 if [[ $oldval == $(get_prop volsize $vol) ]]; 1613 then 1614 return 1 1615 fi 1616 1617 else 1618 # normal volume, reservation permission 1619 # is required 1620 user_run $user $ZFS set volsize=$newval $vol 1621 zfs get -p volsize $vol 1622 if [[ $newval != $(get_prop volsize $vol) ]]; 1623 then 1624 return 1 1625 fi 1626 1627 log_must $ZFS allow $user refreservation $vol 1628 user_run $user $ZFS set volsize=$newval $vol 1629 log_must $ZFS unallow $user reservation $vol 1630 log_must $ZFS unallow $user refreservation $vol 1631 if [[ $oldval == $(get_prop volsize $vol) ]]; 1632 then 1633 return 1 1634 fi 1635 fi 1636 1637 return 0 1638} 1639 1640function verify_vol_shareiscsi 1641{ 1642 typeset user=$1 1643 typeset perm=$2 1644 typeset vol=$3 1645 1646 typeset oldval 1647 set -A modes "on" "off" 1648 oldval=$(get_prop $perm $vol) 1649 if [[ $oldval == "on" ]]; then 1650 n=1 1651 elif [[ $oldval == "off" ]]; then 1652 n=0 1653 fi 1654 log_note "$user $ZFS set $perm=${modes[$n]} $vol" 1655 user_run $user $ZFS set $perm=${modes[$n]} $vol 1656 if [[ ${modes[$n]} != $(get_prop $perm $vol) ]]; then 1657 return 1 1658 fi 1659 1660 iscsitgt_setup 1661 1662 if [[ $n -eq 1 ]] && is_iscsi_target $vol ; then 1663 iscsitgt_cleanup 1664 return 1 1665 fi 1666 1667 if [[ $n -eq 0 ]] && ! is_iscsi_target $vol ; then 1668 iscsitgt_cleanup 1669 return 1 1670 fi 1671 1672 iscsitgt_cleanup 1673 1674 return 0 1675} 1676 1677function verify_allow 1678{ 1679 typeset user=$1 1680 typeset perm=$2 1681 typeset dtst=$3 1682 1683 typeset -i ret 1684 1685 user_run $user $ZFS allow $user allow $dtst 1686 ret=$? 1687 if [[ $ret -eq 0 ]]; then 1688 return 1 1689 fi 1690 1691 log_must $ZFS allow $user copies $dtst 1692 user_run $user $ZFS allow $user copies $dtst 1693 ret=$? 1694 log_must $ZFS unallow $user copies $dtst 1695 if [[ $ret -eq 1 ]]; then 1696 return 1 1697 fi 1698 1699 return 0 1700 1701} 1702