xref: /illumos-gate/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_inherit_004_pos.ksh (revision b6805bf78d2bbbeeaea8909a05623587b42d58b3) 
1#!/bin/ksh -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26#
27
28#
29# Copyright (c) 2012 by Delphix. All rights reserved.
30#
31
32. $STF_SUITE/tests/functional/acl/acl_common.kshlib
33
34#
35# DESCRIPTION:
36#	Verify aclinherit=passthrough-x will inherit the 'x' bits while mode request.
37#
38# STRATEGY:
39#	1. Loop super user and non-super user to run the test case.
40#	2. Create basedir and a set of subdirectores and files within it.
41#	3. Set aclinherit=passthrough-x
42#	4. Verify only passthrough-x will inherit the 'x' bits while mode request.
43#
44
45verify_runnable "both"
46
47function cleanup
48{
49	if [[ -d $basedir ]]; then
50		log_must $RM -rf $basedir
51	fi
52}
53$ZPOOL upgrade -v
54$ZPOOL upgrade -v | $GREP "passthrough-x aclinherit" > /dev/null 2>&1
55if (($? != 0)); then
56	log_unsupported "passthrough-x aclinherit not supported."
57fi
58
59log_assert "Verify aclinherit=passthrough-x will inherit the 'x' bits while" \
60    " mode request."
61log_onexit cleanup
62
63set -A aces \
64    "owner@:read_data/write_data/add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
65    "owner@:read_data/write_data/add_subdirectory/append_data/execute::allow" \
66    "group@:add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
67    "group@:add_subdirectory/append_data/execute::allow" \
68    "everyone@:add_subdirectory/append_data/execute:dir_inherit/inherit_only:allow" \
69    "everyone@:add_subdirectory/append_data/execute::allow" \
70    "owner@:read_data/write_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow" \
71    "group@:read_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow" \
72    "everyone@:read_data/add_subdirectory/append_data/execute:file_inherit/inherit_only:allow"
73
74# Defile the based directory and file
75basedir=$TESTDIR/basedir
76
77
78#
79# According to inherited flag, verify subdirectories and files within it has
80# correct inherited access control.
81#
82function verify_inherit # <object>
83{
84	typeset obj=$1
85
86	# Define the files and directories will be created after chmod
87	ndir1=$obj/ndir1; ndir2=$ndir1/ndir2
88	nfile1=$ndir1/nfile1.c; nfile2=$ndir1/nfile2
89
90	log_must usr_exec $MKDIR -p $ndir1
91
92	typeset -i i=0
93	while ((i < ${#aces[*]})); do
94		if ((i < 3)); then
95			log_must usr_exec $CHMOD A$i=${aces[i]} $ndir1
96		else
97			log_must usr_exec $CHMOD A$i+${aces[i]} $ndir1
98		fi
99		((i = i + 1))
100	done
101	log_must usr_exec $MKDIR -p $ndir2
102	log_must usr_exec $TOUCH $nfile1
103
104	$CAT > $nfile1 <<EOF
105#include <stdlib.h>
106#include <stdio.h>
107int main()
108{ return 0; }
109EOF
110
111	mode=$(get_mode $ndir2)
112	if [[ $mode != "drwx--x--x"* ]]; then
113		log_fail "Unexpect mode of $ndir2, expect: drwx--x--x, current: $mode"
114	fi
115
116	mode=$(get_mode $nfile1)
117	if [[ $mode != "-rw-r--r--"* ]]; then
118		log_fail "Unexpect mode of $nfile1, expect: -rw-r--r--, current: $mode"
119	fi
120
121	if [[ -x /usr/sfw/bin/gcc ]]; then
122		log_must /usr/sfw/bin/gcc -o $nfile2 $nfile1
123		mode=$(get_mode $nfile2)
124		if [[ $mode != "-rwxr-xr-x"* ]]; then
125			log_fail "Unexpect mode of $nfile2, expect: -rwxr-xr-x, current: $mode"
126		fi
127	fi
128}
129
130#
131# Set aclmode=passthrough to make sure
132# the acl will not change during chmod.
133# A general testing should verify the combination of
134# aclmode/aclinherit works well,
135# here we just simple test them separately.
136#
137
138log_must $ZFS set aclmode=passthrough $TESTPOOL/$TESTFS
139log_must $ZFS set aclinherit=passthrough-x $TESTPOOL/$TESTFS
140
141for user in root $ZFS_ACL_STAFF1; do
142	log_must set_cur_usr $user
143
144	verify_inherit $basedir
145
146	cleanup
147done
148
149log_pass "Verify aclinherit=passthrough-x will inherit the 'x' bits while mode request."
150