]>
Commit | Line | Data |
---|---|---|
6bb24f4d BB |
1 | #!/bin/ksh -p |
2 | # | |
3 | # CDDL HEADER START | |
4 | # | |
5 | # The contents of this file are subject to the terms of the | |
6 | # Common Development and Distribution License (the "License"). | |
7 | # You may not use this file except in compliance with the License. | |
8 | # | |
9 | # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE | |
10 | # or http://www.opensolaris.org/os/licensing. | |
11 | # See the License for the specific language governing permissions | |
12 | # and limitations under the License. | |
13 | # | |
14 | # When distributing Covered Code, include this CDDL HEADER in each | |
15 | # file and include the License file at usr/src/OPENSOLARIS.LICENSE. | |
16 | # If applicable, add the following below this CDDL HEADER, with the | |
17 | # fields enclosed by brackets "[]" replaced with your own identifying | |
18 | # information: Portions Copyright [yyyy] [name of copyright owner] | |
19 | # | |
20 | # CDDL HEADER END | |
21 | # | |
22 | ||
23 | # | |
24 | # Copyright 2007 Sun Microsystems, Inc. All rights reserved. | |
25 | # Use is subject to license terms. | |
26 | # | |
27 | ||
28 | # | |
c1d9abf9 | 29 | # Copyright (c) 2013, 2016 by Delphix. All rights reserved. |
6bb24f4d BB |
30 | # |
31 | ||
32 | . $STF_SUITE/tests/functional/delegate/delegate_common.kshlib | |
33 | ||
34 | # | |
35 | # DESCRIPTION: | |
36 | # Scan all permissions one by one to verify privileged user | |
37 | # can not use permissions properly when delegation property is set off | |
38 | # | |
39 | # STRATEGY: | |
40 | # 1. Delegate all the permission one by one to user on dataset. | |
41 | # 2. Verify privileged user can not use permissions properly when | |
42 | # delegation property is off | |
43 | # | |
44 | ||
45 | verify_runnable "global" | |
46 | ||
47 | function cleanup | |
48 | { | |
c1d9abf9 | 49 | log_must zpool set delegation=on $TESTPOOL |
6bb24f4d BB |
50 | log_must restore_root_datasets |
51 | } | |
52 | ||
53 | log_assert "Verify privileged user can not use permissions properly when " \ | |
54 | "delegation property is set off" | |
55 | log_onexit cleanup | |
56 | ||
57 | ||
f74b821a BB |
58 | if is_linux; then |
59 | set -A perms create snapshot mount send allow quota reservation \ | |
60 | recordsize mountpoint checksum compression canmount atime \ | |
61 | devices exec volsize setuid readonly snapdir userprop \ | |
50c957f7 | 62 | rollback clone rename promote dnodesize \ |
f74b821a | 63 | zoned xattr receive destroy |
7839c4b5 MM |
64 | elif is_freebsd; then |
65 | set -A perms create snapshot mount send allow quota reservation \ | |
66 | recordsize mountpoint checksum compression canmount atime \ | |
67 | devices exec volsize setuid readonly snapdir userprop \ | |
68 | aclmode aclinherit rollback clone rename promote dnodesize \ | |
69 | zoned receive destroy | |
f74b821a | 70 | else |
6bb24f4d BB |
71 | set -A perms create snapshot mount send allow quota reservation \ |
72 | recordsize mountpoint checksum compression canmount atime \ | |
73 | devices exec volsize setuid readonly snapdir userprop \ | |
50c957f7 | 74 | aclmode aclinherit rollback clone rename promote dnodesize \ |
6bb24f4d | 75 | zoned xattr receive destroy sharenfs share |
f74b821a | 76 | fi |
6bb24f4d | 77 | |
c1d9abf9 | 78 | log_must zpool set delegation=off $TESTPOOL |
6bb24f4d BB |
79 | |
80 | for dtst in $DATASETS; do | |
81 | typeset -i i=0 | |
82 | while (( i < ${#perms[@]} )); do | |
83 | ||
c1d9abf9 | 84 | log_must zfs allow $STAFF1 ${perms[$i]} $dtst |
6bb24f4d BB |
85 | log_must verify_noperm $dtst ${perms[$i]} $STAFF1 |
86 | ||
87 | log_must restore_root_datasets | |
88 | ((i += 1)) | |
89 | done | |
90 | done | |
91 | ||
92 | log_pass "Verify privileged user can not use permissions properly when " \ | |
93 | "delegation property is set off" |