1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26 27. $STF_SUITE/tests/delegate/delegate_common.kshlib 28 29################################################################################# 30# 31# __stc_assertion_start 32# 33# ID: zfs_allow_004_pos 34# 35# DESCRIPTION: 36# Verify option '-d' allow permission to the descendent datasets, and not 37# for this dataset itself. 38# 39# STRATEGY: 40# 1. Create descendent datasets of $ROOT_TESTFS 41# 2. Select user, group and everyone and set descendent permission 42# separately. 43# 3. Set descendent permissions to $ROOT_TESTFS or $ROOT_TESTVOL. 44# 4. Verify those permissions are allowed to $ROOT_TESTFS's 45# descendent dataset. 46# 5. Verify the permissions are not allowed to $ROOT_TESTFS or 47# $ROOT_TESTVOL. 48# 49# TESTABILITY: explicit 50# 51# TEST_AUTOMATION_LEVEL: automated 52# 53# CODING_STATUS: COMPLETED (2006-09-18) 54# 55# __stc_assertion_end 56# 57################################################################################ 58 59verify_runnable "both" 60 61log_assert "Verify option '-d' allow permission to the descendent datasets." 62log_onexit restore_root_datasets 63 64childfs=$ROOT_TESTFS/childfs 65 66eval set -A dataset $DATASETS 67enc=$(get_prop encryption $dataset) 68if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then 69 typeset perms="snapshot,reservation,compression,allow,\ 70userprop" 71else 72 typeset perms="snapshot,reservation,compression,checksum,\ 73allow,userprop" 74fi 75 76if check_version "5.10" ; then 77 perms="${perms},send" 78fi 79 80# Verify option '-d' only affect sub-datasets 81log_must $ZFS create $childfs 82for dtst in $DATASETS ; do 83 log_must $ZFS allow -d $STAFF1 $perms $dtst 84 log_must verify_noperm $dtst $perms $STAFF1 85 if [[ $dtst == $ROOT_TESTFS ]]; then 86 log_must verify_perm $childfs $perms $STAFF1 87 fi 88done 89 90log_must restore_root_datasets 91 92# Verify option '-d + -g' affect group in sub-datasets. 93log_must $ZFS create $childfs 94for dtst in $DATASETS ; do 95 log_must $ZFS allow -d -g $STAFF_GROUP $perms $dtst 96 log_must verify_noperm $dtst $perms $STAFF2 97 if [[ $dtst == $ROOT_TESTFS ]]; then 98 log_must verify_perm $childfs $perms $STAFF2 99 fi 100done 101 102log_must restore_root_datasets 103 104# Verify option '-d + -e' affect everyone in sub-datasets. 105log_must $ZFS create $childfs 106for dtst in $DATASETS ; do 107 log_must $ZFS allow -d -e $perms $dtst 108 log_must verify_noperm $dtst $perms $OTHER1 $OTHER2 109 if [[ $dtst == $ROOT_TESTFS ]]; then 110 log_must verify_perm $childfs $perms $OTHER1 $OTHER2 111 fi 112done 113 114log_must restore_root_datasets 115 116log_pass "Verify option '-d' allow permission to the descendent datasets pass." 117