1 #! /usr/bin/ksh -p
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22
23 #
24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27
28 . $STF_SUITE/tests/acl/acl_common.kshlib
29
30 #################################################################################
31 #
32 # __stc_assertion_start
33 #
34 # ID: acl_chmod_xattr_pos002
35 #
36 # DESCRIPTION:
37 # Verify that the write_xattr for remove the extended attributes of
38 # owner/group/everyone are correct.
39 #
40 # STRATEGY:
41 # 1. Create file and directory in nfs filesystem
42 # 2. Set special write_xattr ACE to the file and directory
43 # 3. Try to remove the extended attributes of the file and directory
44 # 4. Verify above operation is successful.
45 #
46 # TESTABILITY: explicit
47 #
48 # TEST_AUTOMATION_LEVEL: automated
49 #
50 # __stc_assertion_end
51 #
52 ################################################################################
53
54 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
55 && set -x
56
57 function case_cleanup
58 {
59 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
60 && set -x
61
62 cd $cwd
63
64 cleanup_test_files $TESTDIR/basedir
65
66 if [[ -e $TESTDIR/$ARCHIVEFILE ]]; then
67 RUN_CHECK $RM -f $TESTDIR/$ARCHIVEFILE
68 fi
69
70 cleanup $1
71 }
72
73 # owner@ group group_users other_users
74 set -A users \
75 "root" "root" "$ACL_ADMIN" "$ACL_OTHER1" \
76 "$ACL_STAFF1" "$ACL_STAFF_GROUP" "$ACL_STAFF2" "$ACL_OTHER1"
77
78 set -A a_access \
79 "write_xattr:allow" \
80 "write_xattr:deny"
81
82 set -A a_flag "owner@" "group@" "everyone@"
83
84 MYTESTFILE=$STF_SUITE/STF.INFO
85
86 echo "ASSERTION: Verify that the permission of write_xattr for " \
87 "owner/group/everyone while remove extended attributes are correct."
88
89 function operate_node #user node acl
90 {
91 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
92 && set -x
93
94 typeset user=$1
95 typeset node=$2
96 typeset acl_t=$3
97 typeset ret
98
99 if [[ $user == "" || $node == "" ]]; then
100 echo "user, node are not defined."
101 case_cleanup $STF_FAIL
102 fi
103
104 RUN_CHECK chgusr_exec $user $RUNAT $node $RM -f attr.0
105 ret=$?
106
107 if [[ $ret -eq 0 ]]; then
108 RUN_CHECK cleanup_test_files basedir \
109 || case_cleanup $STF_FAIL
110 RUN_CHECK $TAR xpf@ $ARCHIVEFILE \
111 || case_cleanup $STF_FAIL
112 fi
113
114 return $ret
115 }
116
117 function logname #acl_target owner user
118 {
119 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
120 && set -x
121
122 typeset acl_target=$1
123 typeset owner=$2
124 typeset user=$3
125 typeset ret="RUN_CHECKNEG"
126
127 # To super user, read and write deny permission was override.
128 if [[ $user == root || $owner == $user ]] then
129 ret="RUN_CHECK"
130 fi
131
132 print $ret
133 }
134
135 function check_chmod_results #node flag acl_target owner g_usr o_usr
136 {
137 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
138 && set -x
139
140 typeset node=$1
141 typeset flg=$2
142 typeset acl_target=$2:$3
143 typeset owner=$4
144 typeset g_usr=$5
145 typeset o_usr=$6
146 typeset log
147
148 if [[ $flg == "owner@" || $flg == "everyone@" ]]; then
149 eval "log=$(logname $acl_target $owner $ACL_CUR_USER)"
150 $log operate_node $ACL_CUR_USER $node $acl_target \
151 || case_cleanup $STF_FAIL
152 fi
153 if [[ $flg == "group@" || $flg == "everyone@" ]]; then
154 eval "log=$(logname $acl_target $owner $g_usr)"
155 $log operate_node $g_usr $node $acl_target \
156 || case_cleanup $STF_FAIL
157 fi
158 if [[ $flg == "everyone@" ]]; then
159 eval "log=$(logname $acl_target $owner $o_usr)"
160 $log operate_node $o_usr $node $acl_target \
161 || case_cleanup $STF_FAIL
162 fi
163 }
164
165 function test_chmod_basic_access #node owner g_usr o_usr
166 {
167 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
168 && set -x
169
170 typeset node=${1%/}
171 typeset owner=$2
172 typeset g_usr=$3
173 typeset o_usr=$4
174 typeset flg acl_p acl_t parent
175
176 parent=${node%/*}
177
178 for flg in ${a_flag[@]}; do
179 for acl_t in "${a_access[@]}"; do
180 RUN_CHECK usr_exec $CHMOD A+$flg:$acl_t $node \
181 || case_cleanup $STF_FAIL
182
183 RUN_CHECK $TAR cpf@ $ARCHIVEFILE basedir \
184 || case_cleanup $STF_FAIL
185
186 check_chmod_results "$node" "$flg" \
187 "$acl_t" "$owner" "$g_usr" "$o_usr"
188
189 RUN_CHECK usr_exec $CHMOD A0- $node \
190 || case_cleanup $STF_FAIL
191
192 done
193 done
194 }
195
196 function setup_test_files #base_node user group
197 {
198 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
199 && set -x
200
201 typeset base_node=$1
202 typeset user=$2
203 typeset group=$3
204
205 cleanup_test_files $base_node
206
207 RUN_CHECK $MKDIR -p $base_node || case_cleanup $STF_FAIL
208 RUN_CHECK $CHOWN $user:$group $base_node || case_cleanup $STF_FAIL
209
210 RUN_CHECK set_cur_usr $user || case_cleanup $STF_FAIL
211
212 # Prepare all files/sub-dirs for testing.
213
214 file0=$base_node/testfile_rm
215
216 dir0=$base_node/testdir_rm
217
218 RUN_CHECK usr_exec $TOUCH $file0 || case_cleanup $STF_FAIL
219 RUN_CHECK usr_exec $CHMOD 444 $file0 || case_cleanup $STF_FAIL
220
221 RUN_CHECK usr_exec $RUNAT $file0 $CP $MYTESTFILE attr.0 \
222 || case_cleanup $STF_FAIL
223
224 RUN_CHECK usr_exec $MKDIR -p $dir0 || case_cleanup $STF_FAIL
225 RUN_CHECK usr_exec $CHMOD 555 $dir0 || case_cleanup $STF_FAIL
226
227 RUN_CHECK usr_exec $RUNAT $dir0 $CP $MYTESTFILE attr.0 \
228 || case_cleanup $STF_FAIL
229
230 RUN_CHECK usr_exec $CHMOD 555 $base_node || case_cleanup $STF_FAIL
231 return 0
232 }
233
234 function cleanup_test_files #base_node
235 {
236 [[ :$NFSGEN_DEBUG: = *:${NAME}:* || :${NFSGEN_DEBUG}: = *:all:* ]] \
237 && set -x
238
239 typeset base_node=$1
240
241 if [[ -d $base_node ]]; then
242 RUN_CHECK $RM -rf $base_node || cleanup $STF_FAIL
243 elif [[ -e $base_node ]]; then
244 RUN_CHECK $RM -f $base_node || cleanup $STF_FAIL
245 fi
246
247 return 0
248 }
249
250 typeset cwd=$PWD
251 typeset ARCHIVEFILE=archive.tar
252
253 typeset -i i=0
254 typeset -i j=0
255 typeset target
256
257 cd $TESTDIR
258 while (( i < ${#users[@]} )); do
259 setup_test_files basedir ${users[i]} ${users[((i+1))]}
260
261 j=0
262 while (( j < 1 )); do
263 eval target=\$file$j
264 test_chmod_basic_access $target ${users[i]} \
265 "${users[((i+2))]}" "${users[((i+3))]}"
266
267 eval target=\$dir$j
268 test_chmod_basic_access $target ${users[i]} \
269 "${users[((i+2))]}" "${users[((i+3))]}"
270
271 (( j = j + 1 ))
272 done
273
274 (( i += 4 ))
275 done
276
277 # Verify that the permission of write_xattr for
278 # owner/group/everyone while remove extended attributes are correct.
279 case_cleanup $STF_PASS