]> git.proxmox.com Git - mirror_zfs.git/blob - tests/zfs-tests/tests/functional/delegate/zfs_allow_010_pos.ksh
projects / mirror_zfs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update ZTS to work on FreeBSD
[mirror_zfs.git] / tests / zfs-tests / tests / functional / delegate / zfs_allow_010_pos.ksh
1 #!/bin/ksh -p
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22
23 #
24 # Copyright 2007 Sun Microsystems, Inc. All rights reserved.
25 # Use is subject to license terms.
26 #
27
28 #
29 # Copyright (c) 2013, 2016 by Delphix. All rights reserved.
30 #
31
32 . $STF_SUITE/tests/functional/delegate/delegate_common.kshlib
33
34 #
35 # DESCRIPTION:
36 # Scan the following permissions one by one to verify privileged user
37 # has correct permission delegation in datasets.
38 #
39 # STRATEGY:
40 # 1. Delegate all the permission one by one to user on dataset.
41 # 2. Verify privileged user has correct permission without any other
42 # permissions allowed.
43 #
44
45 verify_runnable "both"
46
47 log_assert "Verify privileged user has correct permissions once which was "\
48 "delegated to him in datasets"
49 log_onexit restore_root_datasets
50
51 if is_linux; then
52 #
53 # Results in Results in
54 # Permission Filesystem Volume
55 #
56 # Removed for Linux:
57 # - mount - mount(8) does not permit non-superuser mounts
58 # - mountpoint - mount(8) does not permit non-superuser mounts
59 # - canmount - mount(8) does not permit non-superuser mounts
60 # - rename - mount(8) does not permit non-superuser mounts
61 # - zoned - zones are not supported
62 # - destroy - umount(8) does not permit non-superuser umounts
63 # - sharenfs - sharing requires superuser privileges
64 # - share - sharing requires superuser privileges
65 # - readonly - mount(8) does not permit non-superuser remounts
66 #
67 set -A perms create true false \
68 snapshot true true \
69 send true true \
70 allow true true \
71 quota true false \
72 reservation true true \
73 dnodesize true false \
74 recordsize true false \
75 checksum true true \
76 compression true true \
77 atime true false \
78 devices true false \
79 exec true false \
80 volsize false true \
81 setuid true false \
82 snapdir true false \
83 userprop true true \
84 aclinherit true false \
85 rollback true true \
86 clone true true \
87 promote true true \
88 xattr true false \
89 receive true false
90
91 elif is_freebsd; then
92 # Results in Results in
93 # Permission Filesystem Volume
94 #
95 # Removed for FreeBSD
96 # - zoned - zones are not supported
97 # - sharenfs - sharing requires superuser privileges
98 # - share - sharing requires superuser privileges
99 # - xattr - Not supported on FreeBSD
100 #
101 set -A perms create true false \
102 snapshot true true \
103 mount true false \
104 send true true \
105 allow true true \
106 quota true false \
107 reservation true true \
108 dnodesize true false \
109 recordsize true false \
110 mountpoint true false \
111 checksum true true \
112 compression true true \
113 canmount true false \
114 atime true false \
115 devices true false \
116 exec true false \
117 volsize false true \
118 setuid true false \
119 readonly true true \
120 snapdir true false \
121 userprop true true \
122 aclmode true false \
123 aclinherit true false \
124 rollback true true \
125 clone true true \
126 rename true true \
127 promote true true \
128 receive true false \
129 destroy true true
130
131 else
132
133 set -A perms create true false \
134 snapshot true true \
135 mount true false \
136 send true true \
137 allow true true \
138 quota true false \
139 reservation true true \
140 dnodesize true false \
141 recordsize true false \
142 mountpoint true false \
143 checksum true true \
144 compression true true \
145 canmount true false \
146 atime true false \
147 devices true false \
148 exec true false \
149 volsize false true \
150 setuid true false \
151 readonly true true \
152 snapdir true false \
153 userprop true true \
154 aclmode true false \
155 aclinherit true false \
156 rollback true true \
157 clone true true \
158 rename true true \
159 promote true true \
160 zoned true false \
161 xattr true false \
162 receive true false \
163 destroy true true
164
165 if is_global_zone; then
166 typeset -i n=${#perms[@]}
167 perms[((n))]="sharenfs"; perms[((n+1))]="true"; perms[((n+2))]="false"
168 perms[((n+3))]="share"; perms[((n+4))]="true"; perms[((n+5))]="false"
169 fi
170 fi
171
172 for dtst in $DATASETS; do
173 typeset -i k=1
174 typeset type=$(get_prop type $dtst)
175 [[ $type == "volume" ]] && k=2
176
177 typeset -i i=0
178 while (( i < ${#perms[@]} )); do
179 log_must zfs allow $STAFF1 ${perms[$i]} $dtst
180
181 if [[ ${perms[((i+k))]} == "true" ]]; then
182 log_must verify_perm $dtst ${perms[$i]} $STAFF1
183 else
184 log_must verify_noperm $dtst ${perms[$i]} $STAFF1
185 fi
186
187 log_must restore_root_datasets
188
189 ((i += 3))
190 done
191 done
192
193 log_pass "Verify privileged user has correct permissions " \
194 "in datasets passed."
ZFS On Linux mirror for PVE