d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# CDDL HEADER START
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# The contents of this file are subject to the terms of the
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Common Development and Distribution License (the "License").
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# You may not use this file except in compliance with the License.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# or http://www.opensolaris.org/os/licensing.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# See the License for the specific language governing permissions
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# and limitations under the License.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# When distributing Covered Code, include this CDDL HEADER in each
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# If applicable, add the following below this CDDL HEADER, with the
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# fields enclosed by brackets "[]" replaced with your own identifying
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# information: Portions Copyright [yyyy] [name of copyright owner]
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# CDDL HEADER END
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Use is subject to license terms.
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy# Copyright (c) 2016 by Delphix. All rights reserved.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy. $STF_SUITE/tests/functional/acl/acl_common.kshlib
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# Verify that the read_data/write_data/execute permission for
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 1. Loop root and non-root user.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 2. Separated verify type@:access:allow|deny to file and directory
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 3. To super user, read and write deny was override.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# 4. According to ACE list and override rule, expect that
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# read/write/execute file or directory succeed or fail.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# owner@ group_users other_users
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy "root" "$ZFS_ACL_ADMIN" "$ZFS_ACL_OTHER1" \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy "$ZFS_ACL_STAFF1" "$ZFS_ACL_STAFF2" "$ZFS_ACL_OTHER1"
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy# In order to test execute permission, read_data was need firstly.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyset -A a_access "read_data" "write_data" "read_data/execute"
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyset -A a_flag "owner@" "group@" "everyone@"
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedylog_assert "Verify that the read_data/write_data/execute permission for" \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy # To super user, read and write deny permission was override.
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_spec == *:allow ]] || \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy [[ $user == root && -d $node ]] || \
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy [[ $user == root && $acl_spec != *"execute"* ]]
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy elif [[ $acl_spec == *:deny ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyfunction check_chmod_results #node acl_spec g_usr o_usr
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_spec == "owner@:"* || $acl_spec == "everyone@:"* ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy log=$(logname $node $acl_spec $ZFS_ACL_CUR_USER)
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy $log rwx_node $ZFS_ACL_CUR_USER $node $acl_spec
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy if [[ $acl_spec == "group@:"* || $acl_spec == "everyone@:"* ]]; then
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedyfunction test_chmod_basic_access #node group_user other_user
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy test_chmod_basic_access $testfile ${users[((i+1))]} ${users[((i+2))]}
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedy test_chmod_basic_access $testdir ${users[((i+1))]} ${users[((i+2))]}
1d32ba663e202c24a5a1f2e5aef83fffb447cb7fJohn Wren Kennedy log_must usr_exec rm -rf $testfile $testdir
d583b39bfb4e2571d3e41097c5c357ffe353ad45John Wren Kennedylog_pass "Verify that the read_data/write_data/execute permission for" \