1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# $FreeBSD$ 24 25# 26# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 27# Use is subject to license terms. 28# 29# ident "@(#)zfs_allow_004_pos.ksh 1.4 09/08/06 SMI" 30# 31 32. $STF_SUITE/tests/delegate/delegate_common.kshlib 33 34################################################################################# 35# 36# __stc_assertion_start 37# 38# ID: zfs_allow_004_pos 39# 40# DESCRIPTION: 41# Verify option '-d' allow permission to the descendent datasets, and not 42# for this dataset itself. 43# 44# STRATEGY: 45# 1. Create descendent datasets of $ROOT_TESTFS 46# 2. Select user, group and everyone and set descendent permission 47# separately. 48# 3. Set descendent permissions to $ROOT_TESTFS or $ROOT_TESTVOL. 49# 4. Verify those permissions are allowed to $ROOT_TESTFS's 50# descendent dataset. 51# 5. Verify the permissions are not allowed to $ROOT_TESTFS or 52# $ROOT_TESTVOL. 53# 54# TESTABILITY: explicit 55# 56# TEST_AUTOMATION_LEVEL: automated 57# 58# CODING_STATUS: COMPLETED (2006-09-18) 59# 60# __stc_assertion_end 61# 62################################################################################ 63 64verify_runnable "both" 65 66log_assert "Verify option '-d' allow permission to the descendent datasets." 67log_onexit restore_root_datasets 68 69childfs=$ROOT_TESTFS/childfs 70 71eval set -A dataset $DATASETS 72enc=$(get_prop encryption $dataset) 73if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then 74 typeset perms="snapshot,reservation,compression,allow,\ 75userprop" 76else 77 typeset perms="snapshot,reservation,compression,checksum,\ 78allow,userprop" 79fi 80 81if check_version "5.10" ; then 82 perms="${perms},send" 83fi 84 85# Verify option '-d' only affect sub-datasets 86log_must $ZFS create $childfs 87for dtst in $DATASETS ; do 88 log_must $ZFS allow -d $STAFF1 $perms $dtst 89 log_must verify_noperm $dtst $perms $STAFF1 90 if [[ $dtst == $ROOT_TESTFS ]]; then 91 log_must verify_perm $childfs $perms $STAFF1 92 fi 93done 94 95log_must restore_root_datasets 96 97# Verify option '-d + -g' affect group in sub-datasets. 98log_must $ZFS create $childfs 99for dtst in $DATASETS ; do 100 log_must $ZFS allow -d -g $STAFF_GROUP $perms $dtst 101 log_must verify_noperm $dtst $perms $STAFF2 102 if [[ $dtst == $ROOT_TESTFS ]]; then 103 log_must verify_perm $childfs $perms $STAFF2 104 fi 105done 106 107log_must restore_root_datasets 108 109# Verify option '-d + -e' affect everyone in sub-datasets. 110log_must $ZFS create $childfs 111for dtst in $DATASETS ; do 112 log_must $ZFS allow -d -e $perms $dtst 113 log_must verify_noperm $dtst $perms $OTHER1 $OTHER2 114 if [[ $dtst == $ROOT_TESTFS ]]; then 115 log_must verify_perm $childfs $perms $OTHER1 $OTHER2 116 fi 117done 118 119log_must restore_root_datasets 120 121log_pass "Verify option '-d' allow permission to the descendent datasets pass." 122