1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# ident "@(#)zfs_allow_002_pos.ksh 1.3 08/11/03 SMI" 28# 29 30. $STF_SUITE/tests/delegate/delegate_common.kshlib 31 32################################################################################# 33# 34# __stc_assertion_start 35# 36# ID: zfs_allow_002_pos 37# 38# DESCRIPTION: 39# <user|group> argument is interpreted as a user if possible, then as a group as 40# possible. 41# 42# STRATEGY: 43# 1. Create user $STAFF_GROUP 44# 2. Delegate permissions to $STAFF_GROUP 45# 3. Verify user $STAFF_GROUP has the permissions. 46# 4. Delete user $STAFF_GROUP and allow the permission to $STAFF_GROUP 47# 5. Verify $STAFF_GROUP is interpreted as group. 48# 49# TESTABILITY: explicit 50# 51# TEST_AUTOMATION_LEVEL: automated 52# 53# CODING_STATUS: COMPLETED (2006-09-14) 54# 55# __stc_assertion_end 56# 57################################################################################ 58 59verify_runnable "both" 60 61function cleanup 62{ 63 if $ID $STAFF_GROUP > /dev/null 2>&1; then 64 log_must del_user $STAFF_GROUP 65 fi 66} 67 68log_assert "<user|group> is interpreted as user if possible, then as group." 69log_onexit cleanup 70 71eval set -A dataset $DATASETS 72enc=$(get_prop encryption $dataset) 73if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then 74 typeset perms="snapshot,reservation,compression,send,allow,\ 75userprop" 76else 77 typeset perms="snapshot,reservation,compression,checksum,\ 78send,allow,userprop" 79fi 80 81log_must $USERADD $STAFF_GROUP 82for dtst in $DATASETS ; do 83 log_must $ZFS allow $STAFF_GROUP $perms $dtst 84 log_must verify_perm $dtst $perms $STAFF_GROUP 85 log_must verify_noperm $dtst $perms $STAFF1 $STAFF2 86done 87 88log_must restore_root_datasets 89 90log_must del_user $STAFF_GROUP 91for dtst in $datasets ; do 92 log_must $ZFS allow $STAFF_GROUP $perms $dtst 93 log_must verify_perm $dtst $perms $STAFF1 $STAFF2 94done 95 96log_pass "<user|group> is interpreted as user if possible, then as group passed." 97