1# vim: filetype=sh 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)delegate_common.kshlib 1.6 08/05/14 SMI" 30# 31 32. $STF_SUITE/include/libtest.kshlib 33 34# 35# Cleanup exist user/group. 36# 37function cleanup_user_group 38{ 39 typeset i 40 for i in $STAFF1 $STAFF2 $OTHER1 $OTHER2 ; do 41 del_user $i 42 done 43 for i in $STAFF_GROUP $OTHER_GROUP ; do 44 del_group $i 45 done 46 47 return 0 48} 49 50# 51# Restore test file system to the original status. 52# 53function restore_root_datasets 54{ 55 if datasetexists $ROOT_TESTFS ; then 56 log_must $ZFS destroy -Rf $ROOT_TESTFS 57 fi 58 log_must $ZFS create $ROOT_TESTFS 59 60 if is_global_zone ; then 61 if datasetexists $ROOT_TESTVOL ; then 62 log_must $ZFS destroy -Rf $ROOT_TESTVOL 63 fi 64 log_must $ZFS create -V $VOLSIZE $ROOT_TESTVOL 65 fi 66 67 return 0 68} 69 70# 71# Verify the specified user have permission on the dataset 72# 73# $1 dataset 74# $2 permissions which are separated by comma(,) 75# $3-n users 76# 77function verify_perm 78{ 79 typeset dtst=$1 80 typeset permissions=$2 81 shift 2 82 83 if [[ -z $@ || -z $permissions || -z $dtst ]]; then 84 return 1 85 fi 86 87 typeset type=$(get_prop type $dtst) 88 permissions=$($ECHO $permissions | $TR -s "," " ") 89 90 typeset user 91 for user in $@; do 92 typeset perm 93 for perm in $permissions; do 94 typeset -i ret=1 95 if [[ $type == "filesystem" ]]; then 96 check_fs_perm $user $perm $dtst 97 ret=$? 98 elif [[ $type == "volume" ]]; then 99 check_vol_perm $user $perm $dtst 100 ret=$? 101 fi 102 103 if ((ret != 0)) ; then 104 log_note "Fail: $user should have $perm " \ 105 "on $dtst" 106 return 1 107 fi 108 done 109 done 110 111 return 0 112} 113 114# 115# Verify the specified user have no permission on the dataset 116# 117# $1 dataset 118# $2 permissions which are separated by comma(,) 119# $3-n users 120# 121function verify_noperm 122{ 123 typeset dtst=$1 124 typeset permissions=$2 125 shift 2 126 127 if [[ -z $@ || -z $permissions || -z $dtst ]]; then 128 return 1 129 fi 130 131 typeset type=$(get_prop type $dtst) 132 permissions=$($ECHO $permissions | $TR -s "," " ") 133 134 typeset user 135 for user in $@; do 136 typeset perm 137 for perm in $permissions; do 138 typeset -i ret=1 139 if [[ $type == "filesystem" ]]; then 140 check_fs_perm $user $perm $dtst 141 ret=$? 142 elif [[ $type == "volume" ]]; then 143 check_vol_perm $user $perm $dtst 144 ret=$? 145 fi 146 147 if ((ret == 0)) ; then 148 log_note "Fail: $user should not have $perm " \ 149 "on $dtst" 150 return 1 151 fi 152 done 153 done 154 155 return 0 156} 157 158function user_run 159{ 160 typeset user=$1 161 typeset group=$($GROUPS $user) 162 shift 163 164 sudo -u $user -g $group $@ 165} 166 167function common_perm 168{ 169 typeset user=$1 170 typeset perm=$2 171 typeset dtst=$3 172 173 typeset -i ret=1 174 case $perm in 175 send) 176 verify_send $user $perm $dtst 177 ret=$? 178 ;; 179 allow) 180 verify_allow $user $perm $dtst 181 ret=$? 182 ;; 183 userprop) 184 verify_userprop $user $perm $dtst 185 ret=$? 186 ;; 187 compression|checksum|readonly) 188 verify_ccr $user $perm $dtst 189 ret=$? 190 ;; 191 copies) 192 verify_copies $user $perm $dtst 193 ret=$? 194 ;; 195 reservation) 196 verify_reservation $user $perm $dtst 197 ret=$? 198 ;; 199 *) 200 ret=1 201 ;; 202 esac 203 204 return $ret 205} 206 207function check_fs_perm 208{ 209 typeset user=$1 210 typeset perm=$2 211 typeset fs=$3 212 213 typeset -i ret=1 214 case $perm in 215 create) 216 verify_fs_create $user $perm $fs 217 ret=$? 218 ;; 219 destroy) 220 verify_fs_destroy $user $perm $fs 221 ret=$? 222 ;; 223 snapshot) 224 verify_fs_snapshot $user $perm $fs 225 ret=$? 226 ;; 227 rollback) 228 verify_fs_rollback $user $perm $fs 229 ret=$? 230 ;; 231 clone) 232 verify_fs_clone $user $perm $fs 233 ret=$? 234 ;; 235 rename) 236 verify_fs_rename $user $perm $fs 237 ret=$? 238 ;; 239 mount) 240 verify_fs_mount $user $perm $fs 241 ret=$? 242 ;; 243 share) 244 verify_fs_share $user $perm $fs 245 ret=$? 246 ;; 247 mountpoint) 248 verify_fs_mountpoint $user $perm $fs 249 ret=$? 250 ;; 251 promote) 252 verify_promote $user $perm $fs 253 ret=$? 254 ;; 255 canmount) 256 verify_fs_canmount $user $perm $fs 257 ret=$? 258 ;; 259 recordsize) 260 verify_fs_recordsize $user $perm $fs 261 ret=$? 262 ;; 263 quota) 264 verify_fs_quota $user $perm $fs 265 ret=$? 266 ;; 267 aclmode) 268 verify_fs_aclmode $user $perm $fs 269 ret=$? 270 ;; 271 aclinherit) 272 verify_fs_aclinherit $user $perm $fs 273 ret=$? 274 ;; 275 snapdir) 276 verify_fs_snapdir $user $perm $fs 277 ret=$? 278 ;; 279 atime|exec|devices|setuid|xattr) 280 verify_fs_aedsx $user $perm $fs 281 ret=$? 282 ;; 283 zoned) 284 verify_fs_zoned $user $perm $fs 285 ret=$? 286 ;; 287 sharenfs) 288 verify_fs_sharenfs $user $perm $fs 289 ret=$? 290 ;; 291 shareiscsi) 292 verify_fs_shareiscsi $user $perm $fs 293 ret=$? 294 ;; 295 receive) 296 verify_fs_receive $user $perm $fs 297 ret=$? 298 ;; 299 *) 300 common_perm $user $perm $fs 301 ret=$? 302 ;; 303 esac 304 305 return $ret 306} 307 308function check_vol_perm 309{ 310 typeset user=$1 311 typeset perm=$2 312 typeset vol=$3 313 314 typeset -i ret=1 315 case $perm in 316 destroy) 317 verify_vol_destroy $user $perm $vol 318 ret=$? 319 ;; 320 snapshot) 321 verify_vol_snapshot $user $perm $vol 322 ret=$? 323 ;; 324 rollback) 325 verify_vol_rollback $user $perm $vol 326 ret=$? 327 ;; 328 clone) 329 verify_vol_clone $user $perm $vol 330 ret=$? 331 ;; 332 rename) 333 verify_vol_rename $user $perm $vol 334 ret=$? 335 ;; 336 promote) 337 verify_promote $user $perm $vol 338 ret=$? 339 ;; 340 volsize) 341 verify_vol_volsize $user $perm $vol 342 ret=$? 343 ;; 344 shareiscsi) 345 verify_vol_shareiscsi $user $perm $vol 346 ret=$? 347 ;; 348 *) 349 common_perm $user $perm $vol 350 ret=$? 351 ;; 352 esac 353 354 return $ret 355} 356 357function setup_unallow_testenv 358{ 359 typeset dtst 360 361 log_must restore_root_datasets 362 363 log_must $ZFS create $SUBFS 364 365 for dtst in $DATASETS ; do 366 log_must $ZFS allow -l $STAFF1 $LOCAL_SET $dtst 367 log_must $ZFS allow -d $STAFF2 $DESC_SET $dtst 368 log_must $ZFS allow $OTHER1 $LOCAL_DESC_SET $dtst 369 log_must $ZFS allow $OTHER2 $LOCAL_DESC_SET $dtst 370 371 log_must verify_perm $dtst $LOCAL_SET $STAFF1 372 log_must verify_perm $dtst $LOCAL_DESC_SET $OTHER1 373 log_must verify_perm $dtst $LOCAL_DESC_SET $OTHER2 374 if [[ $dtst == $ROOT_TESTFS ]]; then 375 log_must verify_perm $SUBFS $DESC_SET $STAFF2 376 log_must verify_perm $SUBFS $LOCAL_DESC_SET $OTHER1 377 log_must verify_perm $SUBFS $LOCAL_DESC_SET $OTHER2 378 fi 379 done 380 381 return 0 382} 383 384# 385# Verify permission send for specified user on the dataset 386# $1 user 387# $2 permission 388# $3 dataset 389# 390function verify_send 391{ 392 typeset user=$1 393 typeset perm=$2 394 typeset dtst=$3 395 396 typeset oldval 397 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 398 typeset snap=$dtst@snap.$stamp 399 400 typeset -i ret=1 401 402 log_must $ZFS snapshot $snap 403 typeset bak_user=$TMPDIR/bak.$user.$stamp 404 typeset bak_root=$TMPDIR/bak.root.$stamp 405 406 user_run $user $ZFS send $snap > $bak_user 407 log_must eval "$ZFS send $snap > $bak_root" 408 log_must $ZFS destroy $snap 409 410 if [[ $(checksum $bak_user) == $(checksum $bak_root) ]]; then 411 ret=0 412 fi 413 414 $RM -rf $bak_user > /dev/null 415 $RM -rf $bak_root > /dev/null 416 417 return $ret 418} 419 420function verify_fs_receive 421{ 422 typeset user=$1 423 typeset perm=$2 424 typeset fs=$3 425 426 typeset dtst 427 typeset oldval 428 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 429 typeset newfs=$fs/newfs.$stamp 430 typeset newvol=$fs/newvol.$stamp 431 typeset bak_user=$TMPDIR/bak.$user.$stamp 432 typeset bak_root=$TMPDIR/bak.root.$stamp 433 434 log_must $ZFS create $newfs 435 typeset datasets="$newfs" 436 if is_global_zone ; then 437 log_must $ZFS create -V $VOLSIZE $newvol 438 datasets="$newfs $newvol" 439 fi 440 441 for dtst in $datasets ; do 442 443 typeset dtstsnap=$dtst@snap.$stamp 444 log_must $ZFS snapshot $dtstsnap 445 446 log_must eval "$ZFS send $dtstsnap > $bak_root" 447 log_must $ZFS destroy -rf $dtst 448 449 user_run $user $ZFS receive $dtst < $bak_root 450 if datasetexists $dtstsnap ; then 451 return 1 452 fi 453 454 log_must $ZFS allow $user create $fs 455 user_run $user $ZFS receive $dtst < $bak_root 456 log_must $ZFS unallow $user create $fs 457 if datasetexists $dtstsnap ; then 458 return 1 459 fi 460 461 log_must $ZFS allow $user mount $fs 462 user_run $user $ZFS receive $dtst < $bak_root 463 log_must $ZFS unallow $user mount $fs 464 if datasetexists $dtstsnap ; then 465 return 1 466 fi 467 468 log_must $ZFS allow $user mount,create $fs 469 user_run $user $ZFS receive $dtst < $bak_root 470 log_must $ZFS unallow $user mount,create $fs 471 if ! datasetexists $dtstsnap ; then 472 return 1 473 fi 474 475 # check the data integrity 476 log_must eval "$ZFS send $dtstsnap > $bak_user" 477 log_must $ZFS destroy -rf $dtst 478 log_must eval "$ZFS receive $dtst < $bak_root" 479 log_must eval "$ZFS send $dtstsnap > $bak_root" 480 log_must $ZFS destroy -rf $dtst 481 if [[ $(checksum $bak_user) != $(checksum $bak_root) ]]; then 482 return 1 483 fi 484 485 $RM -rf $bak_user > /dev/null 486 $RM -rf $bak_root > /dev/null 487 488 done 489 490 return 0 491} 492 493function verify_userprop 494{ 495 typeset user=$1 496 typeset perm=$2 497 typeset dtst=$3 498 499 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 500 501 user_run $user $ZFS set "$user:ts=$stamp" $dtst 502 if [[ $stamp != $(get_prop "$user:ts" $dtst) ]]; then 503 return 1 504 fi 505 log_must $ZFS inherit "$user:ts" $dtst 506 507 return 0 508} 509 510function verify_ccr 511{ 512 typeset user=$1 513 typeset perm=$2 514 typeset dtst=$3 515 516 typeset oldval 517 518 set -A modes "on" "off" 519 oldval=$(get_prop $perm $dtst) 520 if [[ $oldval == "on" ]]; then 521 n=1 522 elif [[ $oldval == "off" ]]; then 523 n=0 524 fi 525 log_note "$user $ZFS set $perm=${modes[$n]} $dtst" 526 user_run $user $ZFS set $perm=${modes[$n]} $dtst 527 if [[ ${modes[$n]} != $(get_prop $perm $dtst) ]]; then 528 return 1 529 fi 530 531 return 0 532} 533 534function verify_copies 535{ 536 typeset user=$1 537 typeset perm=$2 538 typeset dtst=$3 539 540 typeset oldval 541 542 set -A modes 1 2 3 543 oldval=$(get_prop $perm $dtst) 544 if [[ $oldval -eq 1 ]]; then 545 n=1 546 elif [[ $oldval -eq 2 ]]; then 547 n=2 548 elif [[ $oldval -eq 3 ]]; then 549 n=0 550 fi 551 log_note "$user $ZFS set $perm=${modes[$n]} $dtst" 552 user_run $user $ZFS set $perm=${modes[$n]} $dtst 553 if [[ ${modes[$n]} != $(get_prop $perm $dtst) ]]; then 554 return 1 555 fi 556 557 return 0 558} 559 560function verify_reservation 561{ 562 typeset user=$1 563 typeset perm=$2 564 typeset dtst=$3 565 566 typeset value32m=$(( 1024 * 1024 * 32 )) 567 typeset oldval=$(get_prop reservation $dtst) 568 user_run $user $ZFS set reservation=$value32m $dtst 569 if [[ $value32m != $(get_prop reservation $dtst) ]]; then 570 log_must $ZFS set reservation=$oldval $dtst 571 return 1 572 fi 573 574 log_must $ZFS set reservation=$oldval $dtst 575 return 0 576} 577 578function verify_fs_create 579{ 580 typeset user=$1 581 typeset perm=$2 582 typeset fs=$3 583 584 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 585 typeset newfs=$fs/nfs.$stamp 586 typeset newvol=$fs/nvol.$stamp 587 588 user_run $user $ZFS create $newfs 589 if datasetexists $newfs ; then 590 return 1 591 fi 592 593 log_must $ZFS allow $user mount $fs 594 user_run $user $ZFS create $newfs 595 log_must $ZFS unallow $user mount $fs 596 if ! datasetexists $newfs ; then 597 return 1 598 fi 599 log_must $ZFS destroy $newfs 600 601 if is_global_zone ; then 602 # mount permission is required for sparse volume 603 user_run $user $ZFS create -V 150m -s $newvol 604 if datasetexists $newvol ; then 605 return 1 606 fi 607 608 log_must $ZFS allow $user mount $fs 609 user_run $user $ZFS create -V 150m -s $newvol 610 log_must $ZFS unallow $user mount $fs 611 if ! datasetexists $newvol ; then 612 return 1 613 fi 614 log_must $ZFS destroy $newvol 615 616 # mount and reserveration permission are 617 # required for normal volume 618 user_run $user $ZFS create -V 150m $newvol 619 if datasetexists $newvol ; then 620 return 1 621 fi 622 623 log_must $ZFS allow $user mount $fs 624 user_run $user $ZFS create -V 150m $newvol 625 log_must $ZFS unallow $user mount $fs 626 if datasetexists $newvol ; then 627 return 1 628 fi 629 630 log_must $ZFS allow $user reservation $fs 631 user_run $user $ZFS create -V 150m $newvol 632 log_must $ZFS unallow $user reservation $fs 633 if datasetexists $newvol ; then 634 return 1 635 fi 636 637 log_must $ZFS allow $user refreservation $fs 638 user_run $user $ZFS create -V 150m $newvol 639 log_must $ZFS unallow $user refreservation $fs 640 if datasetexists $newvol ; then 641 return 1 642 fi 643 644 log_must $ZFS allow $user mount $fs 645 log_must $ZFS allow $user reservation $fs 646 log_must $ZFS allow $user refreservation $fs 647 user_run $user $ZFS create -V 150m $newvol 648 log_must $ZFS unallow $user mount $fs 649 log_must $ZFS unallow $user reservation $fs 650 log_must $ZFS unallow $user refreservation $fs 651 if ! datasetexists $newvol ; then 652 return 1 653 fi 654 log_must $ZFS destroy $newvol 655 fi 656 657 return 0 658} 659 660function verify_fs_destroy 661{ 662 typeset user=$1 663 typeset perm=$2 664 typeset fs=$3 665 666 if ! ismounted $fs ; then 667 user_run $user $ZFS destroy $fs 668 if datasetexists $fs ; then 669 return 1 670 fi 671 fi 672 673 if ismounted $fs ; then 674 user_run $user $ZFS destroy $fs 675 if ! datasetexists $fs ; then 676 return 1 677 fi 678 679 # mount permission is required 680 log_must $ZFS allow $user mount $fs 681 user_run $user $ZFS destroy $fs 682 if datasetexists $fs ; then 683 return 1 684 fi 685 fi 686 687 return 0 688} 689 690function verify_fs_snapshot 691{ 692 typeset user=$1 693 typeset perm=$2 694 typeset fs=$3 695 696 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 697 typeset snap=$fs@snap.$stamp 698 typeset mntpt=$(get_prop mountpoint $fs) 699 700 if [[ "yes" == $(get_prop mounted $fs) ]]; then 701 log_must $ZFS umount $fs 702 fi 703 user_run $user $ZFS snapshot $snap 704 if ! datasetexists $snap ; then 705 return 1 706 fi 707 log_must $ZFS destroy $snap 708 709 if [[ "no" == $(get_prop mounted $fs) ]]; then 710 log_must $ZFS mount $fs 711 fi 712 user_run $user $ZFS snapshot $snap 713 if ! datasetexists $snap ; then 714 return 1 715 fi 716 log_must $ZFS destroy $snap 717 718 # TODO 719 # FreeBSD does not yet support creating snapshots with mkdir. 720 # See tests/sys/cddl/zfs/tests/snapshot/snapshot_015_pos.ksh 721 # typeset snapdir=${mntpt}/$(get_snapdir_name)/snap.$stamp 722 # user_run $user $MKDIR $snapdir 723 # if ! datasetexists $snap ; then 724 # return 1 725 # fi 726 # log_must $ZFS destroy $snap 727 728 return 0 729} 730 731function verify_fs_rollback 732{ 733 typeset user=$1 734 typeset perm=$2 735 typeset fs=$3 736 737 typeset oldval 738 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 739 typeset snap=$fs@snap.$stamp 740 typeset mntpt=$(get_prop mountpoint $fs) 741 742 oldval=$(datasetcksum $fs) 743 log_must $ZFS snapshot $snap 744 745 if ! ismounted $fs; then 746 log_must $ZFS mount $fs 747 fi 748 log_must $TOUCH $mntpt/testfile.$stamp 749 750 user_run $user $ZFS rollback -R $snap 751 if [[ -e $mntpt/testfile.$stamp ]]; then 752 return 1 753 fi 754 755 # rollback on mounted fs has to be with mount permission 756 log_must $ZFS allow $user mount $fs 757 user_run $user $ZFS rollback -R $snap 758 log_must $ZFS unallow $user mount $fs 759 if is_global_zone ; then 760 if [[ $oldval != $(datasetcksum $fs) ]]; then 761 return 1 762 fi 763 else 764 # datasetcksum can not be used in local zone 765 if [[ -e $mntpt/testfile.$stamp ]]; then 766 return 1 767 fi 768 fi 769 770 return 0 771} 772 773function verify_fs_clone 774{ 775 typeset user=$1 776 typeset perm=$2 777 typeset fs=$3 778 779 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 780 typeset basefs=${fs%/*} 781 typeset snap=$fs@snap.$stamp 782 typeset clone=$basefs/cfs.$stamp 783 784 log_must $ZFS snapshot $snap 785 user_run $user $ZFS clone $snap $clone 786 if datasetexists $clone ; then 787 return 1 788 fi 789 790 log_must $ZFS allow $user create $basefs 791 user_run $user $ZFS clone $snap $clone 792 log_must $ZFS unallow $user create $basefs 793 if datasetexists $clone ; then 794 return 1 795 fi 796 797 log_must $ZFS allow $user mount $basefs 798 user_run $user $ZFS clone $snap $clone 799 log_must $ZFS unallow $user mount $basefs 800 if datasetexists $clone ; then 801 return 1 802 fi 803 804 log_must $ZFS allow $user mount $basefs 805 log_must $ZFS allow $user create $basefs 806 user_run $user $ZFS clone $snap $clone 807 log_must $ZFS unallow $user create $basefs 808 log_must $ZFS unallow $user mount $basefs 809 if ! datasetexists $clone ; then 810 return 1 811 fi 812 813 log_must $ZFS destroy -R $snap 814 815 return 0 816} 817 818function verify_fs_rename 819{ 820 typeset user=$1 821 typeset perm=$2 822 typeset fs=$3 823 824 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 825 typeset basefs=${fs%/*} 826 typeset snap=$fs@snap.$stamp 827 typeset renamefs=$basefs/nfs.$stamp 828 829 if ! ismounted $fs; then 830 log_must $ZFS mount $fs 831 fi 832 833 # case 1 834 user_run $user $ZFS rename $fs $renamefs 835 if datasetexists $renamefs ; then 836 return 1 837 fi 838 839 # case 2 840 log_must $ZFS allow $user create $basefs 841 user_run $user $ZFS rename $fs $renamefs 842 log_must $ZFS unallow $user create $basefs 843 if datasetexists $renamefs ; then 844 return 1 845 fi 846 847 # case 3 848 log_must $ZFS allow $user mount $basefs 849 user_run $user $ZFS rename $fs $renamefs 850 log_must $ZFS unallow $user mount $basefs 851 if datasetexists $renamefs ; then 852 return 1 853 fi 854 855 # case 4 856 log_must $ZFS allow $user mount $fs 857 user_run $user $ZFS rename $fs $renamefs 858 if datasetexists $renamefs ; then 859 log_must $ZFS unallow $user mount $renamefs 860 return 1 861 fi 862 log_must $ZFS unallow $user mount $fs 863 864 # case 5 865 log_must $ZFS allow $user create $basefs 866 log_must $ZFS allow $user mount $fs 867 user_run $user $ZFS rename $fs $renamefs 868 log_must $ZFS unallow $user create $basefs 869 if datasetexists $renamefs ; then 870 log_must $ZFS unallow $user mount $renamefs 871 return 1 872 fi 873 log_must $ZFS unallow $user mount $fs 874 875 # case 6 876 log_must $ZFS allow $user mount $basefs 877 log_must $ZFS allow $user mount $fs 878 user_run $user $ZFS rename $fs $renamefs 879 log_must $ZFS unallow $user mount $basefs 880 if datasetexists $renamefs ; then 881 log_must $ZFS unallow $user mount $renamefs 882 return 1 883 fi 884 log_must $ZFS unallow $user mount $fs 885 886 # case 7 887 log_must $ZFS allow $user create $basefs 888 log_must $ZFS allow $user mount $basefs 889 user_run $user $ZFS rename $fs $renamefs 890 log_must $ZFS unallow $user mount $basefs 891 log_must $ZFS unallow $user create $basefs 892 if ! datasetexists $renamefs ; then 893 return 1 894 fi 895 896 log_must $ZFS rename $renamefs $fs 897 898 return 0 899} 900 901function verify_fs_mount 902{ 903 typeset user=$1 904 typeset perm=$2 905 typeset fs=$3 906 907 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 908 typeset mntpt=$(get_prop mountpoint $fs) 909 typeset newmntpt=$TMPDIR/mnt.$stamp 910 911 if ismounted $fs ; then 912 user_run $user $ZFS unmount $fs 913 if ismounted $fs ; then 914 return 1 915 fi 916 fi 917 918 if ! ismounted $fs ; then 919 log_must $ZFS set mountpoint=$newmntpt $fs 920 log_must $RM -rf $newmntpt 921 log_must $MKDIR $newmntpt 922 923 user_run $user $ZFS mount $fs 924 if ismounted $fs ; then 925 return 1 926 fi 927 928 # mountpoint's owner must be the user 929 log_must $CHOWN $user $newmntpt 930 user_run $user $ZFS mount $fs 931 if ! ismounted $fs ; then 932 return 1 933 fi 934 log_must $ZFS umount $fs 935 log_must $RM -rf $newmntpt 936 log_must $ZFS set mountpoint=$mntpt $fs 937 fi 938 939 return 0 940} 941 942function verify_fs_share 943{ 944 typeset user=$1 945 typeset perm=$2 946 typeset fs=$3 947 948 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 949 typeset mntpt=$(get_prop mountpoint $fs) 950 951 typeset stat=$($SVCS -H -o STA nfs/server:default) 952 if [[ $stat != "ON" ]]; then 953 log_note "Current nfs/server status: $stat" 954 # legacy share 955 user_run $user $SHARE $mntpt 956 if is_shared $fs; then 957 return 1 958 fi 959 960 # sharenfs=on 961 log_must $ZFS set sharenfs=on $fs 962 user_run $user $ZFS share $fs 963 if is_shared $fs; then 964 log_must $ZFS set sharenfs=off $fs 965 return 1 966 fi 967 log_must $ZFS set sharenfs=off $fs 968 fi 969 970 # turn on nfs/server service if it is not enabled 971 typeset tmpshare=$TMPDIR/a.${TESTCASE_ID} 972 $RM -rf $tmpshare 973 log_must $MKDIR -p $tmpshare 974 log_must $SHARE $tmpshare 975 976 # legacy share 977 user_run $user $SHARE $mntpt 978 if ! is_shared $fs ; then 979 log_must $UNSHARE $tmpshare 980 log_must $RM -rf $tmpshare 981 return 1 982 fi 983 984 user_run $user $UNSHARE $mntpt 985 if is_shared $fs ; then 986 log_must $UNSHARE $tmpshare 987 log_must $RM -rf $tmpshare 988 return 1 989 fi 990 991 # sharenfs=on 992 log_must $ZFS set sharenfs=on $fs 993 user_run $user $ZFS share $fs 994 if ! is_shared $fs; then 995 log_must $ZFS set sharenfs=off $fs 996 return 1 997 fi 998 999 user_run $user $ZFS unshare $fs 1000 if is_shared $fs; then 1001 log_must $ZFS set sharenfs=off $fs 1002 return 1 1003 fi 1004 log_must $ZFS set sharenfs=off $fs 1005 1006 log_must $UNSHARE $tmpshare 1007 log_must $RM -rf $tmpshare 1008 1009 return 0 1010} 1011 1012function verify_fs_mountpoint 1013{ 1014 typeset user=$1 1015 typeset perm=$2 1016 typeset fs=$3 1017 1018 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1019 typeset mntpt=$(get_prop mountpoint $fs) 1020 typeset newmntpt=$TMPDIR/mnt.$stamp 1021 1022 if ! ismounted $fs ; then 1023 user_run $user $ZFS set mountpoint=$newmntpt $fs 1024 if [[ $newmntpt != \ 1025 $(get_prop mountpoint $fs) ]] ; then 1026 return 1 1027 fi 1028 log_must $ZFS set mountpoint=$mntpt $fs 1029 fi 1030 1031 if ismounted $fs ; then 1032 user_run $user $ZFS set mountpoint=$newmntpt $fs 1033 if [[ $mntpt != $(get_prop mountpoint $fs) ]] ; 1034 then 1035 return 1 1036 fi 1037 1038 # require mount permission when fs is mounted 1039 log_must $ZFS allow $user mount $fs 1040 user_run $user $ZFS set mountpoint=$newmntpt $fs 1041 log_must $ZFS unallow $user mount $fs 1042 if [[ $newmntpt != \ 1043 $(get_prop mountpoint $fs) ]] ; then 1044 return 1 1045 fi 1046 log_must $ZFS set mountpoint=$mntpt $fs 1047 fi 1048 1049 return 0 1050} 1051 1052function verify_promote 1053{ 1054 typeset user=$1 1055 typeset perm=$2 1056 typeset fs=$3 1057 1058 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1059 typeset basefs=${fs%/*} 1060 typeset snap=$fs@snap.$stamp 1061 typeset clone=$basefs/cfs.$stamp 1062 1063 log_must $ZFS snapshot $snap 1064 log_must $ZFS clone $snap $clone 1065 log_must $ZFS promote $clone 1066 1067 typeset fs_orig=$(get_prop origin $fs) 1068 typeset clone_orig=$(get_prop origin $clone) 1069 1070 user_run $user $ZFS promote $fs 1071 # promote should fail if original fs does not have mount and promote 1072 # permissions 1073 if [[ $fs_orig != $(get_prop origin $fs) || \ 1074 $clone_orig != $(get_prop origin $clone) ]]; then 1075 return 1 1076 fi 1077 1078 # promote should fail if original fs does not have mount permission 1079 log_must $ZFS allow $user promote $clone 1080 user_run $user $ZFS promote $fs 1081 log_must $ZFS unallow $user promote $clone 1082 if [[ $fs_orig != $(get_prop origin $fs) || \ 1083 $clone_orig != $(get_prop origin $clone) ]]; then 1084 return 1 1085 fi 1086 1087 # promote should fail if original fs does not have promote permission 1088 log_must $ZFS allow $user mount $fs 1089 user_run $user $ZFS promote $fs 1090 log_must $ZFS unallow $user mount $fs 1091 if [[ $fs_orig != $(get_prop origin $fs) || \ 1092 $clone_orig != $(get_prop origin $clone) ]]; then 1093 return 1 1094 fi 1095 1096 log_must $ZFS allow $user mount $fs 1097 log_must $ZFS allow $user promote $clone 1098 user_run $user $ZFS promote $fs 1099 log_must $ZFS unallow $user promote $clone 1100 log_must $ZFS unallow $user mount $fs 1101 if [[ $snap != $(get_prop origin $clone) || \ 1102 $clone_orig != $(get_prop origin $fs) ]]; then 1103 return 1 1104 fi 1105 1106 return 0 1107} 1108 1109function verify_fs_canmount 1110{ 1111 typeset user=$1 1112 typeset perm=$2 1113 typeset fs=$3 1114 1115 typeset oldval 1116 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1117 1118 if ! ismounted $fs ; then 1119 set -A modes "on" "off" 1120 oldval=$(get_prop $perm $fs) 1121 if [[ $oldval == "on" ]]; then 1122 n=1 1123 elif [[ $oldval == "off" ]]; then 1124 n=0 1125 fi 1126 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1127 user_run $user $ZFS set $perm=${modes[$n]} $fs 1128 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; 1129 then 1130 return 1 1131 fi 1132 fi 1133 1134 1135 # fs is mounted 1136 if ismounted $fs ; then 1137 # property value does not change if 1138 # no mount permission 1139 set -A modes "on" "off" 1140 oldval=$(get_prop $perm $fs) 1141 if [[ $oldval == "on" ]]; then 1142 n=1 1143 elif [[ $oldval == "off" ]]; then 1144 n=0 1145 fi 1146 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1147 log_must $ZFS allow $user mount $fs 1148 user_run $user $ZFS set $perm=${modes[$n]} $fs 1149 log_must $ZFS unallow $user mount $fs 1150 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; 1151 then 1152 return 1 1153 fi 1154 fi 1155 1156 return 0 1157} 1158 1159function verify_fs_recordsize 1160{ 1161 typeset user=$1 1162 typeset perm=$2 1163 typeset fs=$3 1164 1165 typeset value8k=$(( 1024 * 8 )) 1166 user_run $user $ZFS set recordsize=$value8k $fs 1167 if [[ $value8k != $(get_prop recordsize $fs) ]]; then 1168 return 1 1169 fi 1170 1171 return 0 1172} 1173 1174function verify_fs_quota 1175{ 1176 typeset user=$1 1177 typeset perm=$2 1178 typeset fs=$3 1179 1180 typeset value32m=$(( 1024 * 1024 * 32 )) 1181 user_run $user $ZFS set quota=$value32m $fs 1182 if [[ $value32m != $(get_prop quota $fs) ]]; then 1183 return 1 1184 fi 1185 1186 return 0 1187} 1188 1189function verify_fs_aclmode 1190{ 1191 typeset user=$1 1192 typeset perm=$2 1193 typeset fs=$3 1194 1195 typeset oldval 1196 set -A modes "discard" "groupmask" "passthrough" 1197 oldval=$(get_prop $perm $fs) 1198 if [[ $oldval == "discard" ]]; then 1199 n=1 1200 elif [[ $oldval == "groupmask" ]]; then 1201 n=2 1202 elif [[ $oldval == "passthrough" ]]; then 1203 n=0 1204 fi 1205 log_note "$user $ZFS set aclmode=${modes[$n]} $fs" 1206 user_run $user $ZFS set aclmode=${modes[$n]} $fs 1207 if [[ ${modes[$n]} != $(get_prop aclmode $fs) ]]; then 1208 return 1 1209 fi 1210 1211 return 0 1212} 1213 1214function verify_fs_aclinherit 1215{ 1216 typeset user=$1 1217 typeset perm=$2 1218 typeset fs=$3 1219 1220 # 1221 # PSARC/2008/231 change the default value of aclinherit to "restricted" 1222 # but still keep the old interface of "secure" 1223 # 1224 1225 typeset oldval 1226 set -A modes "discard" "noallow" "secure" "passthrough" 1227 oldval=$(get_prop $perm $fs) 1228 if [[ $oldval == "discard" ]]; then 1229 n=1 1230 elif [[ $oldval == "noallow" ]]; then 1231 n=2 1232 elif [[ $oldval == "secure" || $oldval == "restricted" ]]; then 1233 n=3 1234 elif [[ $oldval == "passthrough" ]]; then 1235 n=0 1236 fi 1237 log_note "$user $ZFS set aclinherit=${modes[$n]} $fs" 1238 user_run $user $ZFS set aclinherit=${modes[$n]} $fs 1239 1240 typeset newval=$(get_prop aclinherit $fs) 1241 if [[ ${modes[$n]} == "secure" && $newval == "restricted" ]]; then 1242 return 0 1243 elif [[ ${modes[$n]} != $(get_prop aclinherit $fs) ]]; then 1244 return 1 1245 fi 1246 1247 return 0 1248} 1249 1250function verify_fs_snapdir 1251{ 1252 typeset user=$1 1253 typeset perm=$2 1254 typeset fs=$3 1255 1256 typeset oldval 1257 set -A modes "visible" "hidden" 1258 oldval=$(get_prop $perm $fs) 1259 if [[ $oldval == "visible" ]]; then 1260 n=1 1261 elif [[ $oldval == "hidden" ]]; then 1262 n=0 1263 fi 1264 log_note "$user $ZFS set snapdir=${modes[$n]} $fs" 1265 user_run $user $ZFS set snapdir=${modes[$n]} $fs 1266 if [[ ${modes[$n]} != $(get_prop snapdir $fs) ]]; then 1267 return 1 1268 fi 1269 1270 return 0 1271} 1272 1273function verify_fs_aedsx 1274{ 1275 typeset user=$1 1276 typeset perm=$2 1277 typeset fs=$3 1278 1279 typeset oldval 1280 set -A modes "on" "off" 1281 oldval=$(get_prop $perm $fs) 1282 if [[ $oldval == "on" ]]; then 1283 n=1 1284 elif [[ $oldval == "off" ]]; then 1285 n=0 1286 fi 1287 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1288 user_run $user $ZFS set $perm=${modes[$n]} $fs 1289 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1290 return 1 1291 fi 1292 1293 return 0 1294} 1295 1296function verify_fs_zoned 1297{ 1298 typeset user=$1 1299 typeset perm=$2 1300 typeset fs=$3 1301 1302 typeset oldval 1303 set -A modes "on" "off" 1304 oldval=$(get_prop $perm $fs) 1305 if [[ $oldval == "on" ]]; then 1306 n=1 1307 elif [[ $oldval == "off" ]]; then 1308 n=0 1309 fi 1310 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1311 if is_global_zone ; then 1312 if ! ismounted $fs ; then 1313 user_run $user $ZFS set \ 1314 $perm=${modes[$n]} $fs 1315 if [[ ${modes[$n]} != \ 1316 $(get_prop $perm $fs) ]]; then 1317 return 1 1318 fi 1319 if [[ $n -eq 0 ]]; then 1320 log_mustnot $ZFS mount $fs 1321 else 1322 log_must $ZFS mount $fs 1323 fi 1324 fi 1325 1326 if ismounted $fs; then 1327 # n always is 1 in this case 1328 user_run $user $ZFS set \ 1329 $perm=${modes[$n]} $fs 1330 if [[ $oldval != \ 1331 $(get_prop $perm $fs) ]]; then 1332 return 1 1333 fi 1334 1335 # mount permission is needed 1336 # to make zoned=on 1337 log_must $ZFS allow $user mount $fs 1338 user_run $user $ZFS set \ 1339 $perm=${modes[$n]} $fs 1340 log_must $ZFS unallow $user mount $fs 1341 if [[ ${modes[$n]} != \ 1342 $(get_prop $perm $fs) ]]; then 1343 return 1 1344 fi 1345 fi 1346 fi 1347 1348 if ! is_global_zone; then 1349 user_run $user $ZFS set $perm=${modes[$n]} $fs 1350 if [[ $oldval != $(get_prop $perm $fs) ]]; then 1351 return 1 1352 fi 1353 fi 1354 1355 return 0 1356} 1357 1358function verify_fs_sharenfs 1359{ 1360 typeset user=$1 1361 typeset perm=$2 1362 typeset fs=$3 1363 1364 typeset oldval 1365 set -A modes "on" "off" 1366 oldval=$(get_prop $perm $fs) 1367 if [[ $oldval == "on" ]]; then 1368 n=1 1369 elif [[ $oldval == "off" ]]; then 1370 n=0 1371 fi 1372 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1373 user_run $user $ZFS set $perm=${modes[$n]} $fs 1374 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1375 return 1 1376 fi 1377 log_must $ZFS set $perm=$oldval $fs 1378 1379 # turn on nfs/server service if it is not enabled 1380 typeset tmpshare=$TMPDIR/a.${TESTCASE_ID} 1381 $RM -rf $tmpshare 1382 log_must $MKDIR -p $tmpshare 1383 log_must $SHARE $tmpshare 1384 1385 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1386 user_run $user $ZFS set $perm=${modes[$n]} $fs 1387 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1388 return 1 1389 fi 1390 1391 user_run $user $ZFS share $fs 1392 if is_shared $fs; then 1393 return 1 1394 fi 1395 1396 # share permission is needed 1397 log_must $ZFS allow $user share $fs 1398 user_run $user $ZFS share $fs 1399 log_must $ZFS unallow $user share $fs 1400 1401 if [[ $n -eq 0 ]] && ! is_shared $fs ; then 1402 log_must $UNSHARE $tmpshare 1403 log_must $RM -rf $tmpshare 1404 return 1 1405 fi 1406 1407 if [[ $n -eq 1 ]] && is_shared $fs ; then 1408 log_must $UNSHARE $tmpshare 1409 log_must $RM -rf $tmpshare 1410 return 1 1411 fi 1412 1413 log_must $UNSHARE $tmpshare 1414 log_must $RM -rf $tmpshare 1415 1416 return 0 1417} 1418 1419function verify_fs_shareiscsi 1420{ 1421 typeset user=$1 1422 typeset perm=$2 1423 typeset fs=$3 1424 1425 typeset oldval 1426 set -A modes "on" "off" 1427 oldval=$(get_prop $perm $fs) 1428 if [[ $oldval == "on" ]]; then 1429 n=1 1430 elif [[ $oldval == "off" ]]; then 1431 n=0 1432 fi 1433 log_note "$user $ZFS set $perm=${modes[$n]} $fs" 1434 user_run $user $ZFS set $perm=${modes[$n]} $fs 1435 if [[ ${modes[$n]} != $(get_prop $perm $fs) ]]; then 1436 return 1 1437 fi 1438 1439 return 0 1440} 1441 1442function verify_vol_destroy 1443{ 1444 typeset user=$1 1445 typeset perm=$2 1446 typeset vol=$3 1447 1448 user_run $user $ZFS destroy $vol 1449 if ! datasetexists $vol ; then 1450 return 1 1451 fi 1452 1453 # mount permission is required 1454 log_must $ZFS allow $user mount $vol 1455 user_run $user $ZFS destroy $vol 1456 if datasetexists $vol ; then 1457 return 1 1458 fi 1459 1460 return 0 1461} 1462 1463function verify_vol_snapshot 1464{ 1465 typeset user=$1 1466 typeset perm=$2 1467 typeset vol=$3 1468 1469 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1470 typeset basevol=${vol%/*} 1471 typeset snap=$vol@snap.$stamp 1472 1473 user_run $user $ZFS snapshot $snap 1474 if ! datasetexists $snap ; then 1475 return 1 1476 fi 1477 log_must $ZFS destroy $snap 1478 1479 return 0 1480} 1481 1482function verify_vol_rollback 1483{ 1484 typeset user=$1 1485 typeset perm=$2 1486 typeset vol=$3 1487 1488 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1489 typeset basevol=${vol%/*} 1490 typeset snap=$vol@snap.$stamp 1491 1492 typeset oldval 1493 log_must $ZFS snapshot $snap 1494 oldval=$(datasetcksum $vol) 1495 1496 log_must $DD if=/dev/random of=/dev/zvol/$vol \ 1497 bs=512 count=1 1498 1499 user_run $user $ZFS rollback -R $snap 1500 if [[ $oldval != $(datasetcksum $vol) ]]; then 1501 return 1 1502 fi 1503 1504 return 0 1505} 1506 1507function verify_vol_clone 1508{ 1509 typeset user=$1 1510 typeset perm=$2 1511 typeset vol=$3 1512 1513 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1514 typeset basevol=${vol%/*} 1515 typeset snap=$vol@snap.$stamp 1516 typeset clone=$basevol/cvol.$stamp 1517 1518 log_must $ZFS snapshot $snap 1519 1520 user_run $user $ZFS clone $snap $clone 1521 if datasetexists $clone ; then 1522 return 1 1523 fi 1524 1525 log_must $ZFS allow $user create $basevol 1526 user_run $user $ZFS clone $snap $clone 1527 log_must $ZFS unallow $user create $basevol 1528 if datasetexists $clone ; then 1529 return 1 1530 fi 1531 1532 log_must $ZFS allow $user mount $basevol 1533 user_run $user $ZFS clone $snap $clone 1534 log_must $ZFS unallow $user mount $basevol 1535 if datasetexists $clone ; then 1536 return 1 1537 fi 1538 1539 # require create permission on parent and 1540 # mount permission on itself as well 1541 log_must $ZFS allow $user mount $basevol 1542 log_must $ZFS allow $user create $basevol 1543 user_run $user $ZFS clone $snap $clone 1544 log_must $ZFS unallow $user create $basevol 1545 log_must $ZFS unallow $user mount $basevol 1546 if ! datasetexists $clone ; then 1547 return 1 1548 fi 1549 1550 return 0 1551} 1552 1553function verify_vol_rename 1554{ 1555 typeset user=$1 1556 typeset perm=$2 1557 typeset vol=$3 1558 1559 typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') 1560 typeset basevol=${vol%/*} 1561 typeset snap=$vol@snap.$stamp 1562 typeset clone=$basevol/cvol.$stamp 1563 typeset renamevol=$basevol/nvol.$stamp 1564 1565 user_run $user $ZFS rename $vol $renamevol 1566 if datasetexists $renamevol ; then 1567 return 1 1568 fi 1569 1570 log_must $ZFS allow $user create $basevol 1571 user_run $user $ZFS rename $vol $renamevol 1572 log_must $ZFS unallow $user create $basevol 1573 if datasetexists $renamevol ; then 1574 return 1 1575 fi 1576 1577 log_must $ZFS allow $user mount $basevol 1578 user_run $user $ZFS rename $vol $renamevol 1579 log_must $ZFS unallow $user mount $basevol 1580 if datasetexists $renamevol ; then 1581 return 1 1582 fi 1583 1584 # require both create permission on parent and 1585 # mount permission on parent as well 1586 log_must $ZFS allow $user mount $basevol 1587 log_must $ZFS allow $user create $basevol 1588 user_run $user $ZFS rename $vol $renamevol 1589 log_must $ZFS unallow $user mount $basevol 1590 log_must $ZFS unallow $user create $basevol 1591 if ! datasetexists $renamevol ; then 1592 return 1 1593 fi 1594 1595 log_must $ZFS rename $renamevol $vol 1596 1597 return 0 1598} 1599 1600function verify_vol_volsize 1601{ 1602 typeset user=$1 1603 typeset perm=$2 1604 typeset vol=$3 1605 1606 typeset oldval 1607 oldval=$(get_prop volsize $vol) 1608 (( newval = oldval * 2 )) 1609 1610 typeset reserv_size 1611 1612 reserv_size=$(get_prop refreservation $vol) 1613 1614 if [[ "0" == $reserv_size ]]; then 1615 # sparse volume 1616 user_run $user $ZFS set volsize=$newval $vol 1617 if [[ $oldval == $(get_prop volsize $vol) ]]; 1618 then 1619 return 1 1620 fi 1621 1622 else 1623 # normal volume, reservation permission 1624 # is required 1625 user_run $user $ZFS set volsize=$newval $vol 1626 zfs get -p volsize $vol 1627 if [[ $newval != $(get_prop volsize $vol) ]]; 1628 then 1629 return 1 1630 fi 1631 1632 log_must $ZFS allow $user refreservation $vol 1633 user_run $user $ZFS set volsize=$newval $vol 1634 log_must $ZFS unallow $user reservation $vol 1635 log_must $ZFS unallow $user refreservation $vol 1636 if [[ $oldval == $(get_prop volsize $vol) ]]; 1637 then 1638 return 1 1639 fi 1640 fi 1641 1642 return 0 1643} 1644 1645function verify_vol_shareiscsi 1646{ 1647 typeset user=$1 1648 typeset perm=$2 1649 typeset vol=$3 1650 1651 typeset oldval 1652 set -A modes "on" "off" 1653 oldval=$(get_prop $perm $vol) 1654 if [[ $oldval == "on" ]]; then 1655 n=1 1656 elif [[ $oldval == "off" ]]; then 1657 n=0 1658 fi 1659 log_note "$user $ZFS set $perm=${modes[$n]} $vol" 1660 user_run $user $ZFS set $perm=${modes[$n]} $vol 1661 if [[ ${modes[$n]} != $(get_prop $perm $vol) ]]; then 1662 return 1 1663 fi 1664 1665 iscsitgt_setup 1666 1667 if [[ $n -eq 1 ]] && is_iscsi_target $vol ; then 1668 iscsitgt_cleanup 1669 return 1 1670 fi 1671 1672 if [[ $n -eq 0 ]] && ! is_iscsi_target $vol ; then 1673 iscsitgt_cleanup 1674 return 1 1675 fi 1676 1677 iscsitgt_cleanup 1678 1679 return 0 1680} 1681 1682function verify_allow 1683{ 1684 typeset user=$1 1685 typeset perm=$2 1686 typeset dtst=$3 1687 1688 typeset -i ret 1689 1690 user_run $user $ZFS allow $user allow $dtst 1691 ret=$? 1692 if [[ $ret -eq 0 ]]; then 1693 return 1 1694 fi 1695 1696 log_must $ZFS allow $user copies $dtst 1697 user_run $user $ZFS allow $user copies $dtst 1698 ret=$? 1699 log_must $ZFS unallow $user copies $dtst 1700 if [[ $ret -eq 1 ]]; then 1701 return 1 1702 fi 1703 1704 return 0 1705 1706} 1707