[mirror_zfs.git] / tests / zfs-tests / tests / functional / acl / posix / posix_001_pos.ksh

#!/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#

#
# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#

. $STF_SUITE/include/libtest.shlib

#
# Copyright (c) 2012 by Delphix. All rights reserved.
#

#
# DESCRIPTION:
#	Verify that user can access file/directory if acltype=posixacl.
#
# STRATEGY:
#	1. Test access to file (mode=rw-)
#	   a. Can modify file
#	   b. Can't create new file
#	   b. Can't execute file
#

verify_runnable "both"
log_assert "Verify acltype=posixacl works on file"

# Test access to FILE
log_note "Testing access to FILE"
log_must touch $TESTDIR/file.0
log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:rw $TESTDIR/file.0
getfacl $TESTDIR/file.0 2> /dev/null | egrep -q "^group:$ZFS_ACL_STAFF_GROUP:rw-$"
if [ "$?" -eq "0" ]; then
	# Should be able to write to file
	log_must user_run $ZFS_ACL_STAFF1 "echo 'echo test > /dev/null' > $TESTDIR/file.0"

	# Should NOT be able to create new file
	log_mustnot user_run $ZFS_ACL_STAFF1 "touch $TESTDIR/file.1"

	# Root should be able to run file, but not user
	chmod +x $TESTDIR/file.0
	log_must $TESTDIR/file.0
	log_mustnot user_run $ZFS_ACL_STAFF1 $TESTDIR/file.0

	log_pass "POSIX ACL mode works on files"
else
	log_fail "Group '$ZFS_ACL_STAFF_GROUP' does not have 'rw' as specified"
fi
Commit	Line	Data
6bb24f4d BB	1	#!/bin/ksh -p
	2	#
	3	# CDDL HEADER START
	4	#
	5	# The contents of this file are subject to the terms of the
	6	# Common Development and Distribution License (the "License").
	7	# You may not use this file except in compliance with the License.
	8	#
	9	# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
	10	# or http://www.opensolaris.org/os/licensing.
	11	# See the License for the specific language governing permissions
	12	# and limitations under the License.
	13	#
	14	# When distributing Covered Code, include this CDDL HEADER in each
	15	# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
	16	# If applicable, add the following below this CDDL HEADER, with the
	17	# fields enclosed by brackets "[]" replaced with your own identifying
	18	# information: Portions Copyright [yyyy] [name of copyright owner]
	19	#
	20	# CDDL HEADER END
	21	#
	22
	23	#
	24	# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
	25	# Use is subject to license terms.
	26	#
	27
	28	. $STF_SUITE/include/libtest.shlib
	29
	30	#
	31	# Copyright (c) 2012 by Delphix. All rights reserved.
	32	#
	33
	34	#
	35	# DESCRIPTION:
	36	# Verify that user can access file/directory if acltype=posixacl.
	37	#
	38	# STRATEGY:
	39	# 1. Test access to file (mode=rw-)
	40	# a. Can modify file
	41	# b. Can't create new file
	42	# b. Can't execute file
	43	#
	44
	45	verify_runnable "both"
	46	log_assert "Verify acltype=posixacl works on file"
	47
	48	# Test access to FILE
	49	log_note "Testing access to FILE"
c1d9abf9	50	log_must touch $TESTDIR/file.0
9c3dcab5 GM	51	log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:rw $TESTDIR/file.0
9c3dcab5 GM	52	getfacl $TESTDIR/file.0 2> /dev/null \| egrep -q "^group:$ZFS_ACL_STAFF_GROUP:rw-$"
6bb24f4d BB	53	if [ "$?" -eq "0" ]; then
6bb24f4d BB	54	# Should be able to write to file
9c3dcab5	55	log_must user_run $ZFS_ACL_STAFF1 "echo 'echo test > /dev/null' > $TESTDIR/file.0"
6bb24f4d BB	56
6bb24f4d BB	57	# Should NOT be able to create new file
9c3dcab5	58	log_mustnot user_run $ZFS_ACL_STAFF1 "touch $TESTDIR/file.1"
6bb24f4d BB	59
	60	# Root should be able to run file, but not user
	61	chmod +x $TESTDIR/file.0
	62	log_must $TESTDIR/file.0
9c3dcab5	63	log_mustnot user_run $ZFS_ACL_STAFF1 $TESTDIR/file.0
6bb24f4d BB	64
	65	log_pass "POSIX ACL mode works on files"
	66	else
9c3dcab5	67	log_fail "Group '$ZFS_ACL_STAFF_GROUP' does not have 'rw' as specified"
6bb24f4d	68	fi