da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#!/bin/ksh -p
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# CDDL HEADER START
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# The contents of this file are subject to the terms of the
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Common Development and Distribution License (the "License").
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin# You may not use this file except in compliance with the License.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# or http://www.opensolaris.org/os/licensing.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# See the License for the specific language governing permissions
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# and limitations under the License.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# When distributing Covered Code, include this CDDL HEADER in each
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# If applicable, add the following below this CDDL HEADER, with the
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# fields enclosed by brackets "[]" replaced with your own identifying
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# information: Portions Copyright [yyyy] [name of copyright owner]
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# CDDL HEADER END
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Use is subject to license terms.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Copyright (c) 2012, 2016 by Delphix. All rights reserved.
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin. $STF_SUITE/tests/functional/acl/acl_common.kshlib
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# DESCRIPTION:
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# chmod A{+|-|=} could set compact ACL correctly.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# STRATEGY:
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# 1. Loop root and non-root user.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# 2. Get the random compact ACL string.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# 4. Separately chmod +|-|=
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# 5. Check compact ACL display as expected
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinverify_runnable "both"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinlog_assert "chmod A{+|=} should set compact ACL correctly."
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinlog_onexit cleanup
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chintypeset a_flag=('owner' 'group' 'everyone')
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chintypeset a_access=('r' 'w' 'x' 'p' 'd' 'D' 'a' 'A' 'R' 'W' 'c' 'C' 'o' 's')
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chintypeset a_inherit_object=('f' 'd')
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chintypeset a_inherit_strategy=('i' 'n')
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chintypeset a_type=('allow' 'deny')
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Get a random item from an array.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $1 the base set
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinfunction random_select
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin{
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset arr_name=$1
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset -i ind
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin eval typeset -i cnt=\${#${arr_name}[@]}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin ((ind = $RANDOM % cnt))
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin eval print \${${arr_name}[$ind]}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin# Create a random string according to array name, the item number and
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# separated tag.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz# $1 array name where the function get the elements
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $2 the items number which you want to form the random string
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz# $3 the separated tag
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz#
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainzfunction form_random_str
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz{
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz typeset arr_name=$1
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz typeset -i count=${2:-1}
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz typeset sep=${3:-""}
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz typeset str=""
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz while ((count > 0)); do
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz str="${str}$(random_select $arr_name)${sep}"
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz ((count -= 1))
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz done
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz print $str
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz}
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz#
34f9b3eef6fdadbda0a846aa4d68691ac40eace5Roland Mainz# According to the input ACE access,ACE type, and inherit flags, return the
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# expect compact ACE that could be used by chmod A0{+|=}'.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $1 ACE flag which is owner, group, or everyone
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $2 ACE access generated by the element of a_access
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $3 ACE inherit_object generated by the element of a_inherit_object
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $4 ACE inherit_strategy generated by the element of a_inherit_strategy
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# $5 ACE type which is allow or deny
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinfunction cal_ace
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin{
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_flag=$1
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_access=$2
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_inherit_object=$3
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_inherit_strategy=$4
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_type=$5
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace=${acl_flag}@:
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin for element in ${a_access[@]} ; do
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin if [[ $acl_access == *"$element"* ]]; then
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}${element}"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin else
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}-"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin fi
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin done
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace=${tmp_ace}:
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin for element in ${a_inherit_object[@]} ; do
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin if [[ $acl_inherit_object == *"$element"* ]]; then
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}${element}"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin else
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}-"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin fi
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin done
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin for element in ${a_inherit_strategy[@]} ; do
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin if [[ $acl_inherit_strategy == *"$element"* ]]; then
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}${element}"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin else
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace="${tmp_ace}-"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin fi
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin done
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin tmp_ace=${tmp_ace}---:${acl_type}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin echo "${tmp_ace}"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin# Check if chmod set the compact ACE correctly.
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin#
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinfunction check_test_result
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin{
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset node=$1
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_flag=$2
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset acl_access=$3
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset acl_inherit_object=$4
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset acl_inherit_strategy=$5
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset acl_type=$6
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset expect_ace=$(cal_ace "$acl_flag" "$acl_access" \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin "$acl_inherit_object" "$acl_inherit_strategy" "$acl_type")
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin typeset cur_ace=$(get_ACE $node 0 "compact")
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin if [[ $cur_ace != $expect_ace ]]; then
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin log_fail "FAIL: Current map($cur_ace) != \
7c2fbfb345896881c631598ee3852ce9ce33fb07April Chin expected ace($expect_ace)"
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin fi
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin}
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chinfunction test_chmod_map
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin{
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset node=$1
da2e3ebdc1edfbc5028edf1354e7dd2fa69a7968chin typeset acl_flag acl_access acl_inherit_object acl_inherit_strategy \
acl_type
typeset -i cnt
if ((${#node} == 0)); then
log_fail "FAIL: file name or directroy name is not defined."
fi
# Get ACL flag, access & type
acl_flag=$(form_random_str a_flag)
((cnt = ($RANDOM % ${#a_access[@]}) + 1))
acl_access=$(form_random_str a_access $cnt)
acl_access=${acl_access%/}
acl_type=$(form_random_str a_type 1)
acl_spec=${acl_flag}@:${acl_access}
if [[ -d $node ]]; then
# Get ACL inherit_object & inherit_strategy
((cnt = ($RANDOM % ${#a_inherit_object[@]}) + 1))
acl_inherit_object=$(form_random_str a_inherit_object $cnt)
((cnt = ($RANDOM % ${#a_inherit_strategy[@]}) + 1))
acl_inherit_strategy=$(form_random_str a_inherit_strategy $cnt)
acl_spec=${acl_spec}:${acl_inherit_object}${acl_inherit_strategy}
fi
acl_spec=${acl_spec}:${acl_type}
# Set the initial map and back the initial ACEs
typeset orig_ace=/tmp/orig_ace.$$
typeset cur_ace=/tmp/cur_ace.$$
for operator in "A0+" "A0="; do
log_must usr_exec eval "ls -Vd $node > $orig_ace"
# To "A=", firstly add one ACE which can't modify map
if [[ $operator == "A0=" ]]; then
log_must chmod A0+user:$ZFS_ACL_OTHER1:execute:deny \
$node
fi
log_must usr_exec chmod ${operator}${acl_spec} $node
check_test_result "$node" "$acl_flag" "$acl_access" \
"$acl_inherit_object" "$acl_inherit_strategy" "$acl_type"
# Check "chmod A-"
log_must usr_exec chmod A0- $node
log_must usr_exec eval "ls -Vd $node > $cur_ace"
diff $orig_ace $cur_ace
[[ $? -ne 0 ]] && log_fail "FAIL: 'chmod A-' failed."
done
[[ -f $orig_ace ]] && log_must usr_exec rm -f $orig_ace
[[ -f $cur_ace ]] && log_must usr_exec rm -f $cur_ace
}
for user in root $ZFS_ACL_STAFF1; do
set_cur_usr $user
typeset -i loop_cnt=2
while ((loop_cnt > 0)); do
log_must usr_exec touch $testfile
test_chmod_map $testfile
log_must rm -f $testfile
log_must usr_exec mkdir $testdir
test_chmod_map $testdir
log_must rm -rf $testdir
((loop_cnt -= 1))
done
done
log_pass "chmod A{+|=} set compact ACL correctly."