Mercurial > illumos > illumos-gate
diff usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_rwx_004_pos.ksh @ 13899:0bcf78798346
3311 Want a test framework for arbitrary OS unit tests
3312 Add a testrunner package for OS unit tests
3313 Add a testrunner package to convert ZFS tests from STF
Reviewed by: Matt Ahrens <matthew.ahrens@delphix.com>
Reviewed by: Will Guyette <will.guyette@delphix.com>
Reviewed by: Dan Kimmel <dan.kimmel@delphix.com>
Reviewed by: Adam Leventhal <ahl@delphix.com>
Reviewed by: Henrik Mattson <henrik.mattson@delphix.com>
Reviewed by: Sonu Pillai <sonu.pillai@delphix.com>
Reviewed by: Christopher Siden <chris.siden@delphix.com>
Reviewed by: George Wilson <george.wilson@delphix.com>
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Approved by: Richard Lowe <richlowe@richlowe.net>
| author | John Wren Kennedy <john.kennedy@delphix.com> |
|---|---|
| date | Wed, 05 Dec 2012 22:04:50 -0500 |
| parents | |
| children |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_rwx_004_pos.ksh Wed Dec 05 22:04:50 2012 -0500 @@ -0,0 +1,138 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# + +# +# Copyright (c) 2012 by Delphix. All rights reserved. +# + +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +# +# DESCRIPTION: +# Verify that explicit ACL setting to specified user or group will +# override existed access rule. +# +# STRATEGY: +# 1. Loop root and non-root user. +# 2. Loop the specified access one by one. +# 3. Loop verify explicit ACL set to specified user and group. +# + +verify_runnable "both" + +function check_access #log user node access rflag +{ + typeset log=$1 + typeset user=$2 + typeset node=$3 + typeset access=$4 + typeset rflag=$5 + + if [[ $rflag == "allow" && $access == execute ]]; then + rwx_node $user $node $access + # + # When everyone@ were deny, this file can't execute. + # So,'cannot execute' means user has the permission to + # execute, just the file can't be execute. + # + if [[ $ZFS_ACL_ERR_STR == *"cannot execute"* ]]; then + log_note "SUCCESS: rwx_node $user $node $access" + else + log_fail "FAIL: rwx_node $user $node $access" + fi + else + $log rwx_node $user $node $access + fi +} + +function verify_explicit_ACL_rule #node access flag +{ + typeset node=$1 + typeset access=$2 + typeset flag=$3 + typeset log rlog rflag + + # Get the expect log check + if [[ $flag == allow ]]; then + log=log_mustnot + rlog=log_must + rflag=deny + else + log=log_must + rlog=log_mustnot + rflag=allow + fi + + log_must usr_exec $CHMOD A+everyone@:$access:$flag $node + log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node + check_access $log $ZFS_ACL_OTHER1 $node $access $rflag + log_must usr_exec $CHMOD A0- $node + + log_must usr_exec \ + $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$rflag $node + check_access $log $ZFS_ACL_OTHER1 $node $access $rflag + check_access $log $ZFS_ACL_OTHER2 $node $access $rflag + log_must usr_exec $CHMOD A0- $node + log_must usr_exec $CHMOD A0- $node + + log_must usr_exec \ + $CHMOD A+group:$ZFS_ACL_OTHER_GROUP:$access:$flag $node + log_must usr_exec $CHMOD A+user:$ZFS_ACL_OTHER1:$access:$rflag $node + $log rwx_node $ZFS_ACL_OTHER1 $node $access + $rlog rwx_node $ZFS_ACL_OTHER2 $node $access + log_must usr_exec $CHMOD A0- $node + log_must usr_exec $CHMOD A0- $node +} + +log_assert "Verify that explicit ACL setting to specified user or group will" \ + "override existed access rule." +log_onexit cleanup + +set -A a_access "read_data" "write_data" "execute" +set -A a_flag "allow" "deny" +typeset node + +for user in root $ZFS_ACL_STAFF1; do + log_must set_cur_usr $user + + log_must usr_exec $TOUCH $testfile + log_must usr_exec $MKDIR $testdir + log_must usr_exec $CHMOD 755 $testfile $testdir + + for node in $testfile $testdir; do + for access in ${a_access[@]}; do + for flag in ${a_flag[@]}; do + verify_explicit_ACL_rule $node $access $flag + done + done + done + + log_must usr_exec $RM -rf $testfile $testdir +done + +log_pass "Explicit ACL setting to specified user or group will override " \ + "existed access rule passed."