big-one New usr/src/test/nfsv4-tests/tests/acl/cmd_tests/setfacl

   1 #! /usr/bin/ksh -p
   2 #
   3 # CDDL HEADER START
   4 #
   5 # The contents of this file are subject to the terms of the
   6 # Common Development and Distribution License (the "License").
   7 # You may not use this file except in compliance with the License.
   8 #
   9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
  10 # or http://www.opensolaris.org/os/licensing.
  11 # See the License for the specific language governing permissions
  12 # and limitations under the License.
  13 #
  14 # When distributing Covered Code, include this CDDL HEADER in each
  15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  16 # If applicable, add the following below this CDDL HEADER, with the
  17 # fields enclosed by brackets "[]" replaced with your own identifying
  18 # information: Portions Copyright [yyyy] [name of copyright owner]
  19 #
  20 # CDDL HEADER END
  21 #
  22 
  23 #
  24 # Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  25 # Use is subject to license terms.
  26 #
  27 # ACL setfacl/getfacl positive basic test
  28 #     Call setfacl(1) modify 'groups' in the ACL entries to a
  29 #     directory; then verify ACLs are set correctly with getfacl(1).
  30 #
  31 
  32 if [ -z "$DEBUG" ]; then
  33     export DEBUG=0 
  34 else
  35     [ "$DEBUG" != "0" ] && set -x
  36 fi
  37 
  38 NAME=`basename $0`
  39 CDIR=`pwd`
  40 
  41 # Source for common functions
  42 . $CDIR/ACL.utils
  43 
  44 # Preparation: create temp file/directory for testing 
  45 # Assume MNTPTR is the base test directory.
  46 TDIR=$MNTPTR/$NAME.dir.$$
  47 EFILE=$TMPDIR/$NAME.err.$$
  48 
  49 function test_setup
  50 {
  51     [ "$DEBUG" != "0" ] && set -x
  52     echo "\n" > $EFILE
  53     mkdir -m 0777 $TDIR >> $EFILE 2>&1 || return $?
  54 }
  55 
  56 function cleanup
  57 {
  58     [ "$DEBUG" != "0" ] && set -x
  59     rm -fr $TDIR $EFILE $TMPDIR/$NAME.*.$$
  60     exit $1
  61 }
  62 
  63 # Test assertion driver
  64 function run_assertion
  65 {
  66     [ "$DEBUG" != "0" ] && set -x
  67     OP=${1}
  68     TOBJ=${2}
  69     ULIST=${3}
  70     WHO=$4
  71     CANREAD=$5
  72 
  73     echo "\n" > $EFILE
  74     set_acls $OP $TOBJ "$ULIST" $WHO || return $FAIL
  75     get_acls $TOBJ $TMPDIR/$NAME.ga.$$  || return $FAIL
  76     ULIST=$(echo $ULIST | sed 's/,/ /g')
  77     ck_aces $OP "$ULIST" $TMPDIR/$NAME.ga.$$ || return $FAIL
  78     # try to read the directory as group in ULIST
  79     if [ -n "$CANREAD" ]; then
  80         su $TUSER1 -c "ls $TOBJ" > $TMPDIR/$NAME.ga2.$$ 2>&1
  81         if [[ $? -eq 0 && $CANREAD != "true" ]]; then
  82                 echo "\t Test FAIL, user<$user> still can ls $TOBJ"
  83                 grep $user $TMPDIR/$NAME.ga.$$
  84                 cat $TMPDIR/$NAME.ga2.$$
  85                 return $FAIL
  86         fi
  87         [ "$DEBUG" != "0" ] && cat $TMPDIR/$NAME.ga2.$$
  88     fi
  89         
  90     echo "\t Test PASS"
  91 
  92 }
  93 
  94 # Start main program here:
  95 # ----------------------------------------------------------------------
  96 test_setup
  97 if [ $? -ne 0 ]; then
  98     echo "$NAME{setup}: preparation for $NAME test"
  99     echo "\t UNINITIATED - no assertions will be run"
 100     cat $EFILE
 101     cleanup $UNINITIATED
 102 fi
 103 
 104 # Assertions
 105 # ----------------------------------------------------------------------
 106 # a: setfacl to modify/delete group & perms to a directory:
 107 ULIST="other:rwx staff:rw- bin:--x nobody:r-x"
 108 ASSERTION="setfacl to add <$ULIST>\n\tgroups to the dir, expect successful"
 109 echo "$NAME{a}: $ASSERTION"
 110 run_assertion m $TDIR "$ULIST" group
 111 
 112 # b: setfacl to modify group & perms in a dir, expect successful
 113 ULIST="other:--- staff:r-- bin:-wx nobody:rwx"
 114 ASSERTION="modify these groups <$ULIST>\n\tof the directory,"
 115 ASSERTION="$ASSERTION expect successful"
 116 echo "$NAME{b}: $ASSERTION"
 117 run_assertion m $TDIR "$ULIST" group
 118 
 119 # c: setfacl to modify mask in a directory, expect successful
 120 ULIST="mask:-w-"
 121 ASSERTION="setfacl to modify <$ULIST> to the dir, expect successful"
 122 echo "$NAME{c}: $ASSERTION"
 123 run_assertion m $TDIR $ULIST ""
 124 
 125 # d: verify groups' perms are correct after the mask changed
 126 ULIST="other:--- staff:--- bin:-w- nobody:-w-"
 127 ASSERTION="verify effective perms on dir of groups \n\t<$ULIST> set correctly"
 128 echo "$NAME{d}: $ASSERTION"
 129 get_acls $TDIR $TMPDIR/$NAME.gd.$$ && \
 130         ck_aces me "$ULIST" $TMPDIR/$NAME.gd.$$ && echo "\t Test PASS" 
 131 
 132 # e: setfacl to modify group w/all perms; but can't <ls dir> due to mask
 133 ULIST="staff:rwx"
 134 ASSERTION="setfacl to modify <$ULIST> to the dir; but group\n\tshould still"
 135 ASSERTION="$ASSERTION not able to <ls> the directory due to mask set before."
 136 echo "$NAME{e}: $ASSERTION"
 137 run_assertion m $TDIR $ULIST group true
 138 
 139 # f: setfacl to delete group & perms in the directory, expect successful
 140 ULIST="other:--- staff:rwx bin:rw- nobody:rwx"
 141 ASSERTION="delete groups <$ULIST>\n\tACLs from the directory, expect successful"
 142 echo "$NAME{f}: $ASSERTION"
 143 run_assertion d $TDIR "$ULIST" group
 144 
 145 
 146 # Finally cleanup and exit
 147 cleanup $PASS