1 #! /usr/bin/ksh -p
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22
23 #
24 # Copyright 2008 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27 # ACL setfacl/getfacl negative basic test
28 #
29
30 if [ -z "$DEBUG" ]; then
31 export DEBUG=0
32 else
33 [ "$DEBUG" != "0" ] && set -x
34 fi
35
36 NAME=`basename $0`
37 CDIR=`pwd`
38
39 # Source for common functions
40 . $CDIR/ACL.utils
41
42 # Preparation: create temp file/directory for testing
43 # Assume MNTPTR is the base test directory.
44 TFILE=$MNTPTR/$NAME.file.$$
45 EFILE=$TMPDIR/$NAME.err.$$
46
47 function test_setup
48 {
49 [ "$DEBUG" != "0" ] && set -x
50 echo "\n" > $EFILE
51 echo "This is test file for $NAME" > $TFILE 2>> $EFILE || return $?
52 chmod 0666 $TFILE >> $EFILE 2>&1 || return $?
53 }
54
55 function cleanup
56 {
57 [ "$DEBUG" != "0" ] && set -x
58 rm -fr $TFILE $EFILE $TMPDIR/$NAME.*.$$
59 exit $1
60 }
61
62 # Test assertion driver
63 function run_assertion
64 {
65 [ "$DEBUG" != "0" ] && set -x
66 OP=${1}
67 TOBJ=${2}
68 ULIST=${3}
69 CKLIST=$4
70
71 echo "\n" > $EFILE
72 for ac in $ULIST
73 do
74 CMD="setfacl -$OP $ac $TOBJ"
75 $CMD > $EFILE 2>&1
76 if [ $? -eq 0 ]; then
77 echo "\t Test FAIL: <$CMD> did not fail"
78 cat $EFILE
79 return $FAIL
80 fi
81 [ "$DEBUG" != "0" ] && echo "CMD=<$CMD>" && cat $EFILE
82 done
83 get_acls $TOBJ $TMPDIR/$NAME.ga.$$ || return $FAIL
84 [ -n "$CKLIST" ] && ULIST=$CKLIST
85 ULIST=$(echo $ULIST | sed 's/,/ /g')
86 ck_aces m "$ULIST" $TMPDIR/$NAME.ga.$$ || return $FAIL
87 [ "$DEBUG" != "0" ] && cat $TMPDIR/$NAME.ga.$$
88
89 echo "\t Test PASS"
90
91 }
92
93 # Start main program here:
94 # ----------------------------------------------------------------------
95 test_setup
96 if [ $? -ne 0 ]; then
97 echo "$NAME{setup}: preparation for $NAME test"
98 echo "\t UNINITIATED - no assertions will be run"
99 cat $EFILE
100 cleanup $UNINITIATED
101 fi
102
103 # Assertions
104 # ----------------------------------------------------------------------
105 # a: setfacl to delete default user/group/other of a file
106 if [[ $TestZFS == 1 ]]; then
107 ULIST="user::rw- group::rw-"
108 else
109 ULIST="user::rw- group::rw- other:rw-"
110 fi
111 ASSERTION="setfacl to delete these ACLs:\n\t<$ULIST> on a file; expect fail"
112 echo "$NAME{a}: $ASSERTION"
113 run_assertion d $TFILE "$ULIST" ""
114
115 # b: reset the ACLs in file with no user for owner
116 ULIST="group::rw- other:rw-"
117 ASSERTION="setfacl to reset ACLs in a file w/no user owner:\n\t"
118 ASSERTION="$ASSERTION<$ULIST>, expect fail"
119 echo "$NAME{b}: $ASSERTION"
120 run_assertion s $TFILE "$ULIST" ""
121
122 # c: reset the ACLs in file with no group for owner
123 ULIST="user::rw- other:rw-"
124 ASSERTION="setfacl to reset ACLs in a file w/no group owner:\n\t"
125 ASSERTION="$ASSERTION<$ULIST>, expect fail"
126 echo "$NAME{c}: $ASSERTION"
127 run_assertion s $TFILE "$ULIST" ""
128
129 # d: reset the ACLs in file with no other entry
130 ULIST="user::rw- group::rw-"
131 ASSERTION="setfacl to reset ACLs in a file w/no other entry:\n\t"
132 ASSERTION="$ASSERTION<$ULIST>, expect fail"
133 echo "$NAME{d}: $ASSERTION"
134 run_assertion s $TFILE "$ULIST" ""
135
136 # e: reset the ACLs in file w/additional user, but not mask
137 ULIST="user::rw-,group::rw-,other:rw-,user:$TUSER1:rwx"
138 ASSERTION="setfacl to reset ACLs in a file w/additional user, but not\n\t"
139 ASSERTION="$ASSERTION mask: <$ULIST>, expect fail"
140 echo "$NAME{e}: $ASSERTION"
141 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-"
142
143 # f: reset the ACLs in file w/two same users
144 ULIST="user::rw-,group::rw-,other:rw-,mask:rw-"
145 ULIST="$ULIST,user:$TUSER2:rwx,user:$TUSER2:rwx"
146 ASSERTION="setfacl to reset ACLs in a file w/two same users, \n <$ULIST>"
147 ASSERTION="$ASSERTION\n\texpect fail"
148 echo "$NAME{f}: $ASSERTION"
149 if [[ $TestZFS == 1 ]]; then
150 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rwx"
151 else
152 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rw-"
153 fi
154
155 # g: reset the ACLs in file w/two same group
156 ULIST="user::rw-,group::rw-,other:rw-,mask:rw-"
157 ULIST="$ULIST,group:bin:r-x,group:bin:rwx"
158 ASSERTION="setfacl to reset ACLs in a file w/two same group, \n <$ULIST>"
159 ASSERTION="$ASSERTION\n\texpect fail"
160 echo "$NAME{g}: $ASSERTION"
161 if [[ $TestZFS == 1 ]]; then
162 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rwx"
163 else
164 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rw-"
165 fi
166
167 # h: reset the ACLs in file w/default user
168 ULIST="user::rw-,group::rw-,other:rw-,mask:rw-"
169 ULIST="$ULIST,default:user:$TUSER1:r-x"
170 ASSERTION="setfacl to reset ACLs in a file w/default user, \n <$ULIST>"
171 ASSERTION="$ASSERTION\n\texpect fail"
172 echo "$NAME{h}: $ASSERTION"
173 if [[ $TestZFS == 1 ]]; then
174 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rwx"
175 else
176 run_assertion s $TFILE "$ULIST" "user::rw-,group::rw-,other:rw-,mask:rw-"
177 fi
178
179 # Finally cleanup and exit
180 cleanup $PASS