projects / mirror_zfs.git / blame
| Commit | Line | Data |
|---|---|---|
| 6bb24f4d BB |
1 | #!/bin/ksh -p |
| 2 | # | |
| 3 | # CDDL HEADER START | |
| 4 | # | |
| 5 | # The contents of this file are subject to the terms of the | |
| 6 | # Common Development and Distribution License (the "License"). | |
| 7 | # You may not use this file except in compliance with the License. | |
| 8 | # | |
| 9 | # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE | |
| 10 | # or http://www.opensolaris.org/os/licensing. | |
| 11 | # See the License for the specific language governing permissions | |
| 12 | # and limitations under the License. | |
| 13 | # | |
| 14 | # When distributing Covered Code, include this CDDL HEADER in each | |
| 15 | # file and include the License file at usr/src/OPENSOLARIS.LICENSE. | |
| 16 | # If applicable, add the following below this CDDL HEADER, with the | |
| 17 | # fields enclosed by brackets "[]" replaced with your own identifying | |
| 18 | # information: Portions Copyright [yyyy] [name of copyright owner] | |
| 19 | # | |
| 20 | # CDDL HEADER END | |
| 21 | # | |
| 22 | ||
| 23 | # | |
| 24 | # Copyright 2007 Sun Microsystems, Inc. All rights reserved. | |
| 25 | # Use is subject to license terms. | |
| 26 | # | |
| 27 | ||
| 28 | # | |
| c1d9abf9 | 29 | # Copyright (c) 2013, 2016 by Delphix. All rights reserved. |
| 6bb24f4d BB |
30 | # |
| 31 | ||
| 32 | . $STF_SUITE/tests/functional/delegate/delegate_common.kshlib | |
| 33 | ||
| 34 | # | |
| 35 | # DESCRIPTION: | |
| 36 | # Scan all permissions one by one to verify privileged user | |
| 37 | # can not use permissions properly when delegation property is set off | |
| 38 | # | |
| 39 | # STRATEGY: | |
| 40 | # 1. Delegate all the permission one by one to user on dataset. | |
| 41 | # 2. Verify privileged user can not use permissions properly when | |
| 42 | # delegation property is off | |
| 43 | # | |
| 44 | ||
| 45 | verify_runnable "global" | |
| 46 | ||
| 47 | function cleanup | |
| 48 | { | |
| c1d9abf9 | 49 | log_must zpool set delegation=on $TESTPOOL |
| 6bb24f4d BB |
50 | log_must restore_root_datasets |
| 51 | } | |
| 52 | ||
| 53 | log_assert "Verify privileged user can not use permissions properly when " \ | |
| 54 | "delegation property is set off" | |
| 55 | log_onexit cleanup | |
| 56 | ||
| 57 | ||
| f74b821a BB |
58 | if is_linux; then |
| 59 | set -A perms create snapshot mount send allow quota reservation \ | |
| 60 | recordsize mountpoint checksum compression canmount atime \ | |
| 61 | devices exec volsize setuid readonly snapdir userprop \ | |
| 50c957f7 | 62 | rollback clone rename promote dnodesize \ |
| f74b821a | 63 | zoned xattr receive destroy |
| 7839c4b5 MM |
64 | elif is_freebsd; then |
| 65 | set -A perms create snapshot mount send allow quota reservation \ | |
| 66 | recordsize mountpoint checksum compression canmount atime \ | |
| 67 | devices exec volsize setuid readonly snapdir userprop \ | |
| 68 | aclmode aclinherit rollback clone rename promote dnodesize \ | |
| 69 | zoned receive destroy | |
| f74b821a | 70 | else |
| 6bb24f4d BB |
71 | set -A perms create snapshot mount send allow quota reservation \ |
| 72 | recordsize mountpoint checksum compression canmount atime \ | |
| 73 | devices exec volsize setuid readonly snapdir userprop \ | |
| 50c957f7 | 74 | aclmode aclinherit rollback clone rename promote dnodesize \ |
| 6bb24f4d | 75 | zoned xattr receive destroy sharenfs share |
| f74b821a | 76 | fi |
| 6bb24f4d | 77 | |
| c1d9abf9 | 78 | log_must zpool set delegation=off $TESTPOOL |
| 6bb24f4d BB |
79 | |
| 80 | for dtst in $DATASETS; do | |
| 81 | typeset -i i=0 | |
| 82 | while (( i < ${#perms[@]} )); do | |
| 83 | ||
| c1d9abf9 | 84 | log_must zfs allow $STAFF1 ${perms[$i]} $dtst |
| 6bb24f4d BB |
85 | log_must verify_noperm $dtst ${perms[$i]} $STAFF1 |
| 86 | ||
| 87 | log_must restore_root_datasets | |
| 88 | ((i += 1)) | |
| 89 | done | |
| 90 | done | |
| 91 | ||
| 92 | log_pass "Verify privileged user can not use permissions properly when " \ | |
| 93 | "delegation property is set off" |