Mercurial > illumos > illumos-gate
diff usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_001_neg.ksh @ 13899:0bcf78798346
3311 Want a test framework for arbitrary OS unit tests
3312 Add a testrunner package for OS unit tests
3313 Add a testrunner package to convert ZFS tests from STF
Reviewed by: Matt Ahrens <matthew.ahrens@delphix.com>
Reviewed by: Will Guyette <will.guyette@delphix.com>
Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Henrik Mattson <henrik.mattson@delphix.com>
Reviewed by: Sonu Pillai <sonu.pillai@delphix.com>
Reviewed by: Christopher Siden <chris.siden@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Approved by: Richard Lowe <richlowe@richlowe.net>
| author | John Wren Kennedy <john.kennedy@delphix.com> |
|---|---|
| date | Wed, 05 Dec 2012 22:04:50 -0500 |
| parents | |
| children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_001_neg.ksh Wed Dec 05 22:04:50 2012 -0500 @@ -0,0 +1,131 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# + +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +# +# DESCRIPTION: +# Verify 1) Illegal options to chmod should fail. +# 2) Delete all the ACE will lead to fail. +# 3) Add ACE exceed 1024 will cause to fail. +# +# STRATEGY: +# 1. Loop root and non-root users +# 2. Verify all kinds of illegal option will lead to chmod failed. +# 3. Verify 'chmod A0-' will fail when try to delete all the ACE. +# 4. Verify 'chmod A+' will succeed when the ACE number exceed 1024. +# + +verify_runnable "both" + +log_assert "Verify illegal operating to ACL, it will fail." +log_onexit cleanup + +function err_opts #node +{ + typeset A_opts="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \ + A+@ A-#- A+% A=^ A=# A=@ A+#" + + log_note "Illegal option to chmod should fail." + for A in ${A_opts[@]}; do + log_mustnot usr_exec $CHMOD ${A}owner@:read_data:allow $node + log_mustnot usr_exec $CHMOD A+ asd owner@:execute:deny $node + done + + typeset type_opts="everyone groups owner user@ users" + for tp in ${type_opts[@]}; do + log_mustnot usr_exec $CHMOD A+$tp:read_data:deny $node + done + + return 0 +} + +function del_all_ACE #node +{ + typeset node=$1 + typeset -i cnt + + cnt=$(count_ACE $node) + while (( cnt > 0 )); do + if (( cnt == 1 )); then + log_mustnot $CHMOD A0- $node + else + log_must $CHMOD A0- $node + fi + + (( cnt -= 1 )) + done + + return 0 +} + +function exceed_max_ACE #node +{ + typeset node=$1 + typeset -i max=1024 + typeset -i cnt + + cnt=$(count_ACE $node) + + # One more ACE exceed the max limitation. + (( max = max - cnt + 1 )) + while (( max > 0 )); do + if (( max == 1 )); then + log_mustnot $CHMOD A+owner@:read_data:allow $node + else + $CHMOD A+owner@:read_data:allow $node + if (($? != 0)); then + ((cnt = 1024 - max)) + log_fail "Add No.$cnt ACL item failed." + fi + fi + + (( max -= 1 )) + done + + return 0 +} + +typeset node +typeset func_name="err_opts del_all_ACE exceed_max_ACE" + +for usr in "root" "$ZFS_ACL_STAFF1"; do + log_must set_cur_usr $usr + + for node in $testfile $testdir; do + log_must usr_exec $TOUCH $testfile + log_must usr_exec $MKDIR $testdir + + for func in $func_name; do + log_must eval "$func $node" + done + + log_must usr_exec $RM -rf $testfile $testdir + done +done + +log_pass "Verify illegal operating to ACL passed."