1 #! /usr/bin/ksh -p
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22
23 #
24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27
28 . $STF_SUITE/tests/acl/acl_common.kshlib
29
30 #################################################################################
31 #
32 # __stc_assertion_start
33 #
34 # ID: acl_chmod_inherit_pos001
35 #
36 # DESCRIPTION:
37 # Verify chmod have correct behaviour to directory and file when setting
38 # different inherit strategy to them.
39 #
40 # STRATEGY:
41 # 1. Loop super user and non-super user to run the test case.
42 # 2. Create basedir and a set of subdirectores and files within it.
43 # 3. Separately chmod basedir with different inherite options.
44 # 4. Then create nested directories and files like the following.
45 #
46 # _ odir4
47 # |_ ofile4
48 # _ odir3 _|
49 # |_ ofile3
50 # _ odir1 _|
51 # |_ ofile2
52 # basefile |
53 # chmod --> basedir -|
54 # |_ nfile1
55 # |_ ndir1 _
56 # |_ nfile2
57 # |_ ndir2 _
58 # |_ nfile3
59 # |_ ndir3
60 #
61 # 5. Verify each directories and files have the correct access control
62 # capability.
63 #
64 # TESTABILITY: explicit
65 #
66 # TEST_AUTOMATION_LEVEL: automated
67 #
68 # __stc_assertion_end
69 #
70 ################################################################################
71
72 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
73 && set -x
74
75 function case_cleanup
76 {
77 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
78 && set -x
79
80 [[ $1 != $STF_PASS ]] && [[ -f $STF_TMPDIR/$NAME.$$ ]] \
81 && cat $STF_TMPDIR/$NAME.$$
82 rm -rf $STF_TMPDIR/$NAME.$$.*
83
84 if [[ -f $basefile ]]; then
85 RUN_CHECK $RM -f $basefile
86 fi
87 if [[ -d $basedir ]]; then
88 RUN_CHECK $RM -rf $basedir
89 fi
90
91 # restore the mount option and enable attribute cache
92 RUN_CHECK cd /
93 RUN_CHECK do_remount
94
95 [[ -n $1 ]] && exit $1 || return 0
96 }
97
98 echo "ASSERTION: Verify chmod have correct behaviour to directory and file when " \
99 "setting different inherit strategies to them."
100
101 # This case needs to disable the attribute cache.
102 RUN_CHECK cd / || case_cleanup $STF_FAIL
103 RUN_CHECK do_remount noac || case_cleanup $STF_FAIL
104 RUN_CHECK cd $MNTDIR || case_cleanup $STF_FAIL
105
106 # Define inherit flag
107 set -A object_flag file_inherit dir_inherit file_inherit/dir_inherit
108 set -A strategy_flag "" inherit_only no_propagate inherit_only/no_propagate
109
110 # Defile the based directory and file
111 basedir=$TESTDIR/basedir; basefile=$TESTDIR/basefile
112
113 # Define the existed files and directories before chmod
114 odir1=$basedir/odir1; odir2=$odir1/odir2; odir3=$odir2/odir3
115 ofile1=$basedir/ofile1; ofile2=$odir1/ofile2; ofile3=$odir2/ofile3
116
117 # Define the files and directories will be created after chmod
118 ndir1=$basedir/ndir1; ndir2=$ndir1/ndir2; ndir3=$ndir2/ndir3
119 nfile1=$basedir/nfile1; nfile2=$ndir1/nfile2; nfile3=$ndir2/nfile3
120
121 # Verify all the node have expected correct access control
122 allnodes="$basedir $ndir1 $ndir2 $ndir3 $nfile1 $nfile2 $nfile3"
123 allnodes="$allnodes $odir1 $odir2 $odir3 $ofile1 $ofile2 $ofile3"
124
125
126 #
127 # According to inherited flag, verify subdirectories and files within it has
128 # correct inherited access control.
129 #
130 function verify_inherit #<object> [strategy]
131 {
132 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
133 && set -x
134
135 # Define the nodes which will be affected by inherit.
136 typeset inherit_nodes
137 typeset obj=$1
138 typeset str=$2
139
140 RUN_CHECK usr_exec $MKDIR -p $ndir3 || case_cleanup $STF_FAIL
141 RUN_CHECK usr_exec $TOUCH $nfile1 $nfile2 $nfile3 \
142 || case_cleanup $STF_FAIL
143
144 # Except for inherit_only, the basedir was affected always.
145 if [[ $str != *"inherit_only"* ]]; then
146 inherit_nodes="$inherit_nodes $basedir"
147 fi
148 # Get the files which inherited ACE.
149 if [[ $obj == *"file_inherit"* ]]; then
150 inherit_nodes="$inherit_nodes $nfile1"
151
152 if [[ $str != *"no_propagate"* ]]; then
153 inherit_nodes="$inherit_nodes $nfile2 $nfile3"
154 fi
155 fi
156 # Get the directores which inherited ACE.
157 if [[ $obj == *"dir_inherit"* ]]; then
158 inherit_nodes="$inherit_nodes $ndir1"
159
160 if [[ $str != *"no_propagate"* ]]; then
161 inherit_nodes="$inherit_nodes $ndir2 $ndir3"
162 fi
163 fi
164
165 for node in $allnodes; do
166 if [[ " $inherit_nodes " == *" $node "* ]]; then
167 RUN_CHECKNEG chgusr_exec $ACL_OTHER1 $LS -vd $node \
168 > $STF_TMPDIR/$NAME.$$ 2>&1 \
169 || case_cleanup $STF_FAIL
170 else
171 RUN_CHECK chgusr_exec $ACL_OTHER1 $LS -vd $node \
172 > $STF_TMPDIR/$NAME.$$ 2>&1 \
173 || case_cleanup $STF_FAIL
174 fi
175 done
176 }
177
178 for user in root $ACL_STAFF1; do
179 RUN_CHECK set_cur_usr $user || case_cleanup $STF_FAIL
180
181 for obj in "${object_flag[@]}"; do
182 for str in "${strategy_flag[@]}"; do
183 typeset inh_opt=$obj
184 (( ${#str} != 0 )) && inh_opt=$inh_opt/$str
185 aclspec="A+user:$ACL_OTHER1:read_acl:$inh_opt:deny"
186
187 RUN_CHECK usr_exec $MKDIR $basedir \
188 || case_cleanup $STF_FAIL
189 RUN_CHECK usr_exec $TOUCH $basefile \
190 || case_cleanup $STF_FAIL
191 RUN_CHECK usr_exec $MKDIR -p $odir3 \
192 || case_cleanup $STF_FAIL
193 RUN_CHECK usr_exec $TOUCH $ofile1 $ofile2 $ofile3 \
194 || case_cleanup $STF_FAIL
195
196 #
197 # Inherit flag can only be placed on a directory,
198 # otherwise it will fail.
199 #
200 RUN_CHECK usr_exec $CHMOD $aclspec $basefile \
201 || case_cleanup $STF_FAIL
202
203 #
204 # Place on a directory should succeed.
205 #
206 RUN_CHECK usr_exec $CHMOD $aclspec $basedir \
207 || case_cleanup $STF_FAIL
208
209 verify_inherit $obj $str
210
211 RUN_CHECK usr_exec $RM -rf $basefile $basedir \
212 || case_cleanup $STF_FAIL
213 done
214 done
215 done
216
217 # Verify chmod inherit behaviour passed.
218 case_cleanup $STF_PASS