d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# CDDL HEADER START
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# The contents of this file are subject to the terms of the
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Common Development and Distribution License (the "License").
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# You may not use this file except in compliance with the License.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# or http://www.opensolaris.org/os/licensing.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# See the License for the specific language governing permissions
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# and limitations under the License.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# When distributing Covered Code, include this CDDL HEADER in each
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# If applicable, add the following below this CDDL HEADER, with the
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# fields enclosed by brackets "[]" replaced with your own identifying
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# information: Portions Copyright [yyyy] [name of copyright owner]
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# CDDL HEADER END
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Use is subject to license terms.
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy# Copyright (c) 2016 by Delphix. All rights reserved.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy. $STF_SUITE/tests/functional/acl/acl_common.kshlib
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# chmod A{+|-|=} read_data|write_data|execute for owner@ group@ or
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# everyone@ correctly alters mode bits .
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 1. Loop root and non-root user.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 2. Get the random initial map.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 3. Get the random ACL string.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 4. Separately chmod +|-|= read_data|write_data|execute
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 5. Check map bits
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedylog_assert "chmod A{+|-|=} read_data|write_data|execute for owner@, group@ " \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy "or everyone@ correctly alters mode bits."
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyset -A a_access read_data write_data execute
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Get a random item from an array.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $1 the base set
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy eval print \${${arr_name}[$ind]}
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Create a random string according to array name, the item number and
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# separated tag.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $1 array name where the function get the elements
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $2 the items number which you want to form the random string
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $3 the separated tag
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyfunction form_random_str #<array_name> <count> <sep>
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy typeset -i count=${2:-1}
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy str="${str}$(random_select $arr_name)${sep}"
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# According to the original bits, the input ACE access and ACE type, return the
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# expect bits after 'chmod A0{+|=}'.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $1 bits which was make up of three bit 'rwx'
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $2 ACE access which is read_data, write_data or execute
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# $3 ACE type which is allow or deny
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyfunction cal_bits #bits acl_access acl_type
01ff4119377acad6b30d6f06f2bfd0f982720b10Yuri Pankov typeset -i i=0
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_access == *"${a_access[i]}"* ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Based on the initial node map before chmod and the ace-spec, check if chmod
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# has the correct behaven to map bits.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyfunction check_test_result #init_mode node acl_flag acl_access a_type
01ff4119377acad6b30d6f06f2bfd0f982720b10Yuri Pankov typeset g_bits=${init_mode:3:3}
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_flag == "owner" || $acl_flag == "everyone" ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy u_bits=$(cal_bits $u_bits $acl_access $acl_type)
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_flag == "group" || $acl_flag == "everyone" ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy g_bits=$(cal_bits $g_bits $acl_access $acl_type)
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy o_bits=$(cal_bits $o_bits $acl_access $acl_type)
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $cur_mode == $u_bits$g_bits$o_bits ]]; then
fa517adbe8e043d0cdff8c3b22591c6fdec89934Yuri Pankov log_note "SUCCESS: Current map($cur_mode) == " \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy log_fail "FAIL: Current map($cur_mode) != " \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy typeset init_mask acl_flag acl_access acl_type
fa517adbe8e043d0cdff8c3b22591c6fdec89934Yuri Pankov log_fail "FAIL: file name or directory name is not defined."
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy (( cnt = ($RANDOM % ${#a_access[@]}) + 1 ))
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy acl_access=$(form_random_str a_access $cnt '/')
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy typeset acl_spec=${acl_flag}@:${acl_access}:${acl_type}
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy # Set the initial map and back the initial ACEs
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy log_must usr_exec eval "ls -vd $node > $orig_ace"
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy # To "A=", firstly add one ACE which can't modify map
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy log_must chmod A0+user:$ZFS_ACL_OTHER1:execute:deny \
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy log_must usr_exec chmod $operator$acl_spec $node
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy $init_mode $node $acl_flag $acl_access $acl_type
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy log_must usr_exec eval "ls -vd $node > $cur_ace"
fa517adbe8e043d0cdff8c3b22591c6fdec89934Yuri Pankov log_note "SUCCESS: current ACEs are equal to " \
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy [[ -f $orig_ace ]] && log_must usr_exec rm -f $orig_ace
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy [[ -f $cur_ace ]] && log_must usr_exec rm -f $cur_ace
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedylog_pass "chmod A{+|-|=} read_data|write_data|execute for owner@, group@ " \
fa517adbe8e043d0cdff8c3b22591c6fdec89934Yuri Pankov "or everyone@ correctly alters mode bits passed."