1#!/usr/local/bin/ksh93 -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25# Use is subject to license terms. 26# 27# ident "@(#)zfs_acl_chmod_001_neg.ksh 1.4 09/01/13 SMI" 28# 29 30. $STF_SUITE/tests/acl/acl_common.kshlib 31 32################################################################################# 33# 34# __stc_assertion_start 35# 36# ID: zfs_acl_chmod_001_neg 37# 38# DESCRIPTION: 39# Verify 1) Illegal options to chmod should fail. 40# 2) Delete all the ACE will lead to fail. 41# 3) Add ACE exceed 1024 will cause to fail. 42# 43# STRATEGY: 44# 1. Loop root and non-root users 45# 2. Verify all kinds of illegal option will lead to chmod failed. 46# 3. Verify 'chmod A0-' will fail when try to delete all the ACE. 47# 4. Verify 'chmod A+' will succeed when the ACE number exceed 1024. 48# 49# TESTABILITY: explicit 50# 51# TEST_AUTOMATION_LEVEL: automated 52# 53# CODING_STATUS: COMPLETED (2005-10-14) 54# 55# __stc_assertion_end 56# 57################################################################################ 58 59verify_runnable "both" 60 61log_assert "Verify illegal operating to ACL, it will fail." 62log_onexit cleanup 63 64test_requires ZFS_ACL 65 66function err_opts #node 67{ 68 typeset A_opts="+A@ -A#- +A% =A^ =A# =A@ +A#\ asd \ 69 A+@ A-#- A+% A=^ A=# A=@ A+#" 70 71 log_note "Illegal option to chmod should fail." 72 for A in ${A_opts[@]}; do 73 log_mustnot usr_exec $CHMOD ${A}owner@:read_data:allow $node 74 log_mustnot usr_exec $CHMOD A+ asd owner@:execute:deny $node 75 done 76 77 typeset type_opts="everyone groups owner user@ users" 78 for tp in ${type_opts[@]}; do 79 log_mustnot usr_exec $CHMOD A+$tp:read_data:deny $node 80 done 81 82 return 0 83} 84 85function del_all_ACE #node 86{ 87 typeset node=$1 88 typeset -i cnt 89 90 cnt=$(count_ACE $node) 91 while (( cnt > 0 )); do 92 if (( cnt == 1 )); then 93 log_mustnot $CHMOD A0- $node 94 else 95 log_must $CHMOD A0- $node 96 fi 97 98 (( cnt -= 1 )) 99 done 100 101 return 0 102} 103 104function exceed_max_ACE #node 105{ 106 typeset node=$1 107 typeset -i max=1024 108 typeset -i cnt 109 110 cnt=$(count_ACE $node) 111 112 # One more ACE exceed the max limitation. 113 (( max = max - cnt + 1 )) 114 while (( max > 0 )); do 115 if (( max == 1 )); then 116 log_mustnot $CHMOD A+owner@:read_data:allow $node 117 else 118 $CHMOD A+owner@:read_data:allow $node 119 if (($? != 0)); then 120 ((cnt = 1024 - max)) 121 log_fail "Add No.$cnt ACL item failed." 122 fi 123 fi 124 125 (( max -= 1 )) 126 done 127 128 return 0 129} 130 131typeset node 132typeset func_name="err_opts del_all_ACE exceed_max_ACE" 133 134for usr in "root" "$ZFS_ACL_STAFF1"; do 135 log_must set_cur_usr $usr 136 137 for node in $testfile $testdir; do 138 log_must usr_exec $TOUCH $testfile 139 log_must usr_exec $MKDIR $testdir 140 141 for func in $func_name; do 142 log_must eval "$func $node" 143 done 144 145 log_must usr_exec $RM -rf $testfile $testdir 146 done 147done 148 149log_pass "Verify illegal operating to ACL passed." 150