1 #
2 # CDDL HEADER START
3 #
4 # The contents of this file are subject to the terms of the
5 # Common Development and Distribution License (the "License").
6 # You may not use this file except in compliance with the License.
7 #
8 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 # or http://www.opensolaris.org/os/licensing.
10 # See the License for the specific language governing permissions
11 # and limitations under the License.
12 #
13 # When distributing Covered Code, include this CDDL HEADER in each
14 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 # If applicable, add the following below this CDDL HEADER, with the
16 # fields enclosed by brackets "[]" replaced with your own identifying
17 # information: Portions Copyright [yyyy] [name of copyright owner]
18 #
19 # CDDL HEADER END
20 #
21
22 #
23 # Copyright 2006 Sun Microsystems, Inc. All rights reserved.
24 # Use is subject to license terms.
25 #
26 # NFSv4 ACL attributes:
27 #
28 # a: Test set ACL WHO attr to INTERACTIVE@; return ATTRNOTSUPP
29 # b: Test set ACL WHO attr to NETWORK@; return ATTRNOTSUPP
30 # c: Test set ACL WHO attr to DIALUP@; return ATTRNOTSUPP
31 # d: Test set ACL WHO attr to BATCH@; return ATTRNOTSUPP
32 # e: Test set ACL WHO attr to ANONYMOUS@; return ATTRNOTSUPP
33 # f: Test set ACL WHO attr to AUTHENTICATED@; return ATTRNOTSUPP
34 # g: Test set ACL WHO attr to SERVICE@; return ATTRNOTSUPP
35 # These tests return ATTRNOTSUPP for ufs, and return BADOWNER for zfs
36
37 set TESTROOT $env(TESTROOT)
38
39 # include common code and init section
40 source [file join ${TESTROOT} tcl.init]
41 source [file join ${TESTROOT} testproc]
42 source [file join ${TESTROOT} acltools]
43
44 # connect to the test server
45 Connect
46
47 # setting local variables
48 set TNAME $argv0
49
50 # Set params relating to test file
51 set filename "newfile.[pid]"
52 set fpath [file join ${BASEDIR} ${filename}]
53
54 # Create the test file and get its handle.
55 set tfh "[creatv4_file $fpath 777]"
56 if {$tfh == $NULL} {
57 putmsg stdout 0 "$TNAME: test setup"
58 putmsg stderr 0 "\t Test UNRESOLVED: failed to create tmp file=($filename)"
59 putmsg stderr 0 "\t\t status=($status)."
60 Disconnect
61 exit $UNRESOLVED
62 }
63
64 # Get handle for base directory
65 set bfh [get_fh "$BASEDIRS"]
66
67 # Generate default access masks.
68 set default_allow_mask [ aclmask { ACE4_READ_ATTRIBUTES \
69 ACE4_READ_ACL ACE4_READ_NAMED_ATTRS ACE4_READ_DATA \
70 ACE4_APPEND_DATA ACE4_WRITE_DATA ACE4_WRITE_NAMED_ATTRS ACE4_EXECUTE } ]
71
72 set default_deny_mask [ aclmask { ACE4_WRITE_ATTRIBUTES ACE4_WRITE_ACL} ]
73
74 set expcode_get "OK"
75 if $IsZFS {
76 set expcode_set "BADOWNER"
77 } else {
78 set expcode_set "ATTRNOTSUPP"
79 }
80
81 # Start testing
82 # ---------------------------------------------------------------
83 #a: Test set ACL WHO attr to INTERACTIVE@;
84
85 set tag "$TNAME{a}"
86 set ASSERTION "Test set ACL WHO attr to INTERACTIVE@ expect $expcode_set"
87 putmsg stdout 0 "$tag: $ASSERTION"
88
89 set sid {0 0}
90
91 # get the initial ACL settings.
92 set initial_acl [compound {Putfh $tfh; \
93 Getattr acl }]
94
95 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
96
97 #
98 # Break the string returned from the Geattr acl command into
99 # a list and then extract the actual ACL settings.
100 #
101 set acl_list [extract_acl_list $initial_acl]
102 putmsg stderr 1 "$tag: initial ACL : $acl_list"
103
104 # Create the new ACL settings by modifying the appropriate entries.
105 #
106 # Order of entries in the list is as follows:
107 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
108 # For these tests we add a new WHO group to the end.
109 #
110 set acl_list_ln [llength $acl_list]
111 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask INTERACTIVE\@"]
112 set acl_list_ln [llength $acl_list]
113 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask INTERACTIVE\@"]
114 putmsg stderr 1 "$tag: new ACL : $acl_list"
115
116 # Attempt to set the new ACL values, expect this to fail.
117 set res [compound {Putfh $tfh; \
118 Setattr $sid { {acl \
119 { $acl_list } } } } ]
120
121 ckres "Setattr" $status $expcode_set $res $PASS
122
123 puts ""
124
125 # ---------------------------------------------------------------
126 #b: Test set ACL WHO attr to NETWORK@;
127
128 set tag "$TNAME{b}"
129 set ASSERTION "Test set ACL WHO attr to NETWORK@ expect $expcode_set"
130 putmsg stdout 0 "$tag: $ASSERTION"
131
132 set sid {0 0}
133
134 # get the initial ACL settings.
135 set initial_acl [compound {Putfh $tfh; \
136 Getattr acl }]
137
138 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
139
140 #
141 # Break the string returned from the Geattr acl command into
142 # a list and then extract the actual ACL settings.
143 #
144 set acl_list [extract_acl_list $initial_acl]
145 putmsg stderr 1 "$tag: initial ACL : $acl_list"
146
147 # Create the new ACL settings by modifying the appropriate entries.
148 #
149 # Order of entries in the list is as follows:
150 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
151 # For these tests we add a new WHO group to the end.
152 #
153 set acl_list_ln [llength $acl_list]
154 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask NETWORK\@"]
155 set acl_list_ln [llength $acl_list]
156 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask NETWORK\@"]
157 putmsg stderr 1 "$tag: new ACL : $acl_list"
158
159 # Attempt to set the new ACL values, expect this to fail.
160 set res [compound {Putfh $tfh; \
161 Setattr $sid { {acl \
162 { $acl_list } } } } ]
163
164 ckres "Setattr" $status $expcode_set $res $PASS
165
166 puts ""
167
168 # ---------------------------------------------------------------
169 #c: Test set ACL WHO attr to DIALUP@;
170
171 set tag "$TNAME{c}"
172 set ASSERTION "Test set ACL WHO attr to DIALUP@ expect $expcode_set"
173 putmsg stdout 0 "$tag: $ASSERTION"
174
175 set sid {0 0}
176
177 # get the initial ACL settings.
178 set initial_acl [compound {Putfh $tfh; \
179 Getattr acl }]
180
181 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
182
183 #
184 # Break the string returned from the Geattr acl command into
185 # a list and then extract the actual ACL settings.
186 #
187 set acl_list [extract_acl_list $initial_acl]
188 putmsg stderr 1 "$tag: initial ACL : $acl_list"
189
190 # Create the new ACL settings by modifying the appropriate entries.
191 #
192 # Order of entries in the list is as follows:
193 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
194 # For these tests we add a new WHO group to the end.
195 #
196 set acl_list_ln [llength $acl_list]
197 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask DIALUP\@"]
198 set acl_list_ln [llength $acl_list]
199 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask DIALUP\@"]
200 putmsg stderr 1 "$tag: new ACL : $acl_list"
201
202 # Attempt to set the new ACL values, expect this to fail.
203 set res [compound {Putfh $tfh; \
204 Setattr $sid { {acl \
205 { $acl_list } } } } ]
206
207 ckres "Setattr" $status $expcode_set $res $PASS
208
209 puts ""
210
211 # ---------------------------------------------------------------
212 #d: Test set ACL WHO attr to BATCH@;
213
214 set tag "$TNAME{d}"
215 set ASSERTION "Test set ACL WHO attr to BATCH@ expect $expcode_set"
216 putmsg stdout 0 "$tag: $ASSERTION"
217
218 set sid {0 0}
219
220 # get the initial ACL settings.
221 set initial_acl [compound {Putfh $tfh; \
222 Getattr acl }]
223
224 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
225
226 #
227 # Break the string returned from the Geattr acl command into
228 # a list and then extract the actual ACL settings.
229 #
230 set acl_list [extract_acl_list $initial_acl]
231 putmsg stderr 1 "$tag: initial ACL : $acl_list"
232
233 # Create the new ACL settings by modifying the appropriate entries.
234 #
235 # Order of entries in the list is as follows:
236 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
237 # For these tests we add a new WHO group to the end.
238 #
239 set acl_list_ln [llength $acl_list]
240 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask BATCH\@"]
241 set acl_list_ln [llength $acl_list]
242 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask BATCH\@"]
243 putmsg stderr 1 "$tag: new ACL : $acl_list"
244
245 # Attempt to set the new ACL values, expect this to fail.
246 set res [compound {Putfh $tfh; \
247 Setattr $sid { {acl \
248 { $acl_list } } } } ]
249
250
251 ckres "Setattr" $status $expcode_set $res $PASS
252
253 puts ""
254
255 # ---------------------------------------------------------------
256 #e: Test set ACL WHO attr to ANONYMOUS@;
257
258 set tag "$TNAME{e}"
259 set ASSERTION "Test set ACL WHO attr to ANONYMOUS@ expect $expcode_set"
260 putmsg stdout 0 "$tag: $ASSERTION"
261
262 set sid {0 0}
263
264 # get the initial ACL settings.
265 set initial_acl [compound {Putfh $tfh; \
266 Getattr acl }]
267
268 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
269
270 #
271 # Break the string returned from the Geattr acl command into
272 # a list and then extract the actual ACL settings.
273 #
274 set acl_list [extract_acl_list $initial_acl]
275 putmsg stderr 1 "$tag: initial ACL : $acl_list"
276
277 # Create the new ACL settings by modifying the appropriate entries.
278 #
279 # Order of entries in the list is as follows:
280 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
281 # For these tests we add a new WHO group to the end.
282 #
283 set acl_list_ln [llength $acl_list]
284 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask ANONYMOUS\@"]
285 set acl_list_ln [llength $acl_list]
286 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask ANONYMOUS\@"]
287 putmsg stderr 1 "$tag: new ACL : $acl_list"
288
289 # Attempt to set the new ACL values, expect this to fail.
290 set res [compound {Putfh $tfh; \
291 Setattr $sid { {acl \
292 { $acl_list } } } } ]
293
294
295 ckres "Setattr" $status $expcode_set $res $PASS
296
297 puts ""
298
299 # ---------------------------------------------------------------
300 #f: Test set ACL WHO attr to AUTHENTICATED@;
301
302 set tag "$TNAME{f}"
303 set ASSERTION "Test set ACL WHO attr to AUTHENTICATED@ expect $expcode_set"
304 putmsg stdout 0 "$tag: $ASSERTION"
305
306 set sid {0 0}
307
308 # get the initial ACL settings.
309 set initial_acl [compound {Putfh $tfh; \
310 Getattr acl }]
311
312 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
313
314 #
315 # Break the string returned from the Geattr acl command into
316 # a list and then extract the actual ACL settings.
317 #
318 set acl_list [extract_acl_list $initial_acl]
319 putmsg stderr 1 "$tag: initial ACL : $acl_list"
320
321 # Create the new ACL settings by modifying the appropriate entries.
322 #
323 # Order of entries in the list is as follows:
324 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
325 # For these tests we add a new WHO group to the end.
326 #
327 set acl_list_ln [llength $acl_list]
328 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask ANONYMOUS\@"]
329 set acl_list_ln [llength $acl_list]
330 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask ANONYMOUS\@"]
331 putmsg stderr 1 "$tag: new ACL : $acl_list"
332
333 # Attempt to set the new ACL values, expect this to fail.
334 set res [compound {Putfh $tfh; \
335 Setattr $sid { {acl \
336 { $acl_list } } } } ]
337
338 ckres "Setattr" $status $expcode_set $res $PASS
339
340 puts ""
341
342 # ---------------------------------------------------------------
343 #g: Test set ACL WHO attr to SERVICE@;
344
345 set tag "$TNAME{g}"
346 set ASSERTION "Test set ACL WHO attr to SERVICE@ expect $expcode_set"
347 putmsg stdout 0 "$tag: $ASSERTION"
348
349 set sid {0 0}
350
351 # get the initial ACL settings.
352 set initial_acl [compound {Putfh $tfh; \
353 Getattr acl }]
354
355 ckres "Getattr acl" $status $expcode_get $initial_acl $FAIL
356
357 #
358 # Break the string returned from the Geattr acl command into
359 # a list and then extract the actual ACL settings.
360 #
361 set acl_list [extract_acl_list $initial_acl]
362 putmsg stderr 1 "$tag: initial ACL : $acl_list"
363
364 # Create the new ACL settings by modifying the appropriate entries.
365 #
366 # Order of entries in the list is as follows:
367 # <OWNER><OWNER><GROUP><GROUP><GROUP><EVERYONE><EVERYONE>
368 # For these tests we add a new WHO group to the end.
369 #
370 set acl_list_ln [llength $acl_list]
371 set acl_list [linsert $acl_list $acl_list_ln "0 0 $default_allow_mask ANONYMOUS\@"]
372 set acl_list_ln [llength $acl_list]
373 set acl_list [linsert $acl_list $acl_list_ln "1 0 $default_deny_mask ANONYMOUS\@"]
374 putmsg stderr 1 "$tag: new ACL : $acl_list"
375
376 # Attempt to set the new ACL values, expect this to fail.
377 set res [compound {Putfh $tfh; \
378 Setattr $sid { {acl \
379 { $acl_list } } } } ]
380
381 ckres "Setattr" $status $expcode_set $res $PASS
382
383 puts ""
384
385 #
386 # Cleanup
387 #
388 set tag "$TNAME-cleanup"
389 set res3 [compound {Putfh $bfh; Remove $filename}]
390 if {$status != "OK"} {
391 putmsg stderr 0 "\t WARNING: cleanup to remove created tmp file failed"
392 putmsg stderr 0 "\t status=$status; please cleanup manually."
393 putmsg stderr 1 "\t res=($res3)"
394 putmsg stderr 1 " "
395 }
396
397 Disconnect
398 exit $PASS