1 #! /usr/bin/ksh -p
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22 
  23 #
  24 # Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  25 # Use is subject to license terms.
  26 #
  27 # ACL setfacl/getfacl positive basic test
  28 #     Call setfacl(1) modify 'users' in the ACL entries to a file;
  29 #     then verify ACLs are set correctly with getfacl(1).
  30 #
  31 
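# Default DEBUG to 0 when the caller did not set it; any other value turns
# on shell tracing for the top-level code (each function re-checks DEBUG).
if [ -z "$DEBUG" ]; then
    export DEBUG=0
else
    [ "$DEBUG" != "0" ] && set -x
fi

# Expansions are quoted so a script path or working directory containing
# whitespace or glob characters is not split or expanded.
NAME=$(basename "$0")
CDIR=$(pwd)

# Source for common functions.
# NOTE(review): the helper library is loaded from the current working
# directory, not from the script's own location, so the test must be started
# from the suite directory. run_assertion below calls su, so this script is
# presumably run with elevated privilege - confirm that the directory it is
# started from is not writable by other users.
. "$CDIR/ACL.utils"

# Preparation: names of the temp file/directory objects used for testing.
# Assume MNTPTR is the base test directory.
# NOTE(review): both names are predictable (script name plus PID). If TMPDIR
# is a shared, world-writable directory another local user can pre-create
# these paths; point TMPDIR at a directory private to the test run.
TFILE="$MNTPTR/$NAME.file.$$"
EFILE="$TMPDIR/$NAME.err.$$"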
  48 
  49 function test_setup
  50 {
  51     [ "$DEBUG" != "0" ] && set -x
  52     echo "\n" > $EFILE
  53     echo "This is test file for $NAME" > $TFILE  2>> $EFILE || return $?
  54     chmod 0666 $TFILE >> $EFILE 2>&1 || return $?
  55 }
  56 
  57 function cleanup
  58 {
  59     [ "$DEBUG" != "0" ] && set -x
  60     rm -fr $TFILE $EFILE $TMPDIR/$NAME.*.$$
  61     exit $1
  62 }
  63 
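# Test assertion driver.
# Applies an ACL change with set_acls, reads the ACL back with get_acls and
# compares it with ck_aces (all three come from ACL.utils). Optionally
# probes, via su, whether the first user in the list can read the object.
#
# Arguments: $1 - operation passed to set_acls/ck_aces (callers use m or d)
#            $2 - object whose ACL is changed
#            $3 - space-separated "who:perms" list
#            $4 - entry type passed to set_acls (may be empty)
#            $5 - optional; when non-empty the read probe is run
# Globals:   OP, TOBJ, ULIST, WHO, CANREAD and user are assigned as globals,
#            exactly as before; DEBUG, EFILE, TMPDIR, NAME, FAIL are read.
# Returns:   $FAIL when a helper fails or the read probe trips; otherwise
#            prints "Test PASS".
#
# Read-probe semantics: the assertion fails only when the read SUCCEEDS and
# $5 is anything other than the literal "true". With $5 = "true" the result
# of the read is not checked at all, so a caller that wants to verify that
# access is denied must pass a value other than "true".
function run_assertion
{
    [ "$DEBUG" != "0" ] && set -x
    OP=${1}
    TOBJ=${2}
    ULIST=${3}
    WHO=$4
    CANREAD=$5

    echo "\n" > "$EFILE"
    # ${WHO:+...} passes the entry type only when it is non-empty, so
    # set_acls receives the same number of arguments as before.
    set_acls "$OP" "$TOBJ" "$ULIST" ${WHO:+"$WHO"} || return $FAIL
    get_acls "$TOBJ" "$TMPDIR/$NAME.ga.$$" || return $FAIL
    ck_aces "$OP" "$ULIST" "$TMPDIR/$NAME.ga.$$" || return $FAIL
    # try to read the file as user in ULIST
    if [ -n "$CANREAD" ]; then
        # The user is everything before the first ':' of the list.
        user=${ULIST%%:*}
        # The path is single-quoted inside the command string because su
        # hands that string to the target user's shell for parsing.
        su "$user" -c "cat '$TOBJ'" > "$TMPDIR/$NAME.ga2.$$" 2>&1
        rc=$?
        if [[ $rc -eq 0 && "$CANREAD" != "true" ]]; then
            echo "\t Test FAIL, user<$user> still can read $TOBJ"
            grep "$user" "$TMPDIR/$NAME.ga.$$"
            cat "$TMPDIR/$NAME.ga2.$$"
            return $FAIL
        fi
        [ "$DEBUG" != "0" ] && cat "$TMPDIR/$NAME.ga2.$$"
    fi

    echo "\t Test PASS"

}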
  95 
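# Start main program here:
# ----------------------------------------------------------------------
test_setup
if [ $? -ne 0 ]; then
    echo "$NAME{setup}: preparation for $NAME test"
    echo "\t UNINITIATED - no assertions will be run"
    cat "$EFILE"
    cleanup "$UNINITIATED"
fi

# NOTE(review): the status returned by each assertion is not collected and
# the script always exits with $PASS; presumably the harness reads the
# "Test PASS"/"Test FAIL" lines instead - confirm.

# Assertions
# ----------------------------------------------------------------------
# a: setfacl to add users & perms to a file, expect successful
ULIST="$TUSER1:rwx $TUSER2:rw- $TUSER3:--x sys:r-x"
ASSERTION="setfacl to add <$ULIST>\n\tusers to the file, expect successful"
echo "$NAME{a}: $ASSERTION"
run_assertion m "$TFILE" "$ULIST" user

# b: setfacl to modify user & perms in a file, expect successful
ULIST="$TUSER1:r-x $TUSER3:rwx sys:rw-"
ASSERTION="setfacl to modify these <$ULIST>\n\tusers to the file,"
ASSERTION="$ASSERTION expect successful"
echo "$NAME{b}: $ASSERTION"
run_assertion m "$TFILE" "$ULIST" user

# c: setfacl to modify mask in a file, expect successful
ULIST="mask:--x"
ASSERTION="setfacl to modify <$ULIST> to the file, expect successful"
echo "$NAME{c}: $ASSERTION"
run_assertion m "$TFILE" "$ULIST" ""

# d: verify users' perms are correct after the mask changed
# The $TUSER3 entry was missing its ':' separator ("$TUSER3--x"), so it did
# not have the who:perms form used by every other entry in these lists.
ULIST="$TUSER1:--x $TUSER3:--x sys:---"
ASSERTION="verify effective perms on file of users \n\t<$ULIST> set correctly"
echo "$NAME{d}: $ASSERTION"
get_acls "$TFILE" "$TMPDIR/$NAME.gd.$$" && \
        ck_aces me "$ULIST" "$TMPDIR/$NAME.gd.$$" && echo "\t Test PASS"

# e: setfacl to modify user w/all perms; but can't read the file due to mask
# run_assertion reports a failure only when the read succeeds and its fifth
# argument is not the literal "true". This call used to pass "true", so the
# access-denied check could never fail; "false" makes the assertion verify
# that the mask really blocks the read.
ULIST="$TUSER2:rwx"
ASSERTION="setfacl to modify <$ULIST> to the file; but user\n\tshould still"
ASSERTION="$ASSERTION not able to read the file due to mask set before."
echo "$NAME{e}: $ASSERTION"
run_assertion m "$TFILE" "$ULIST" user false

# f: setfacl to delete user & perms in the file, expect successful
ULIST="$TUSER1:r-x $TUSER2:r-- $TUSER3:rwx sys:rw-"
ASSERTION="delete users <$ULIST>\n\tACLs from the file, expect successful"
echo "$NAME{f}: $ASSERTION"
run_assertion d "$TFILE" "$ULIST" user


# Finally cleanup and exit
cleanup "$PASS"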