diff options
Diffstat (limited to 'sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix')
4 files changed, 44 insertions, 55 deletions
diff --git a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/Makefile.am b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/Makefile.am deleted file mode 100644 index e63f63185afe..000000000000 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/Makefile.am +++ /dev/null @@ -1,8 +0,0 @@ -pkgdatadir = $(datadir)/@PACKAGE@/zfs-tests/tests/functional/acl/posix -dist_pkgdata_SCRIPTS = \ - cleanup.ksh \ - setup.ksh \ - posix_001_pos.ksh \ - posix_002_pos.ksh \ - posix_003_pos.ksh \ - posix_004_pos.ksh diff --git a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_001_pos.ksh b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_001_pos.ksh index d62bf9c346b6..65c15388cf20 100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_001_pos.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_001_pos.ksh @@ -57,41 +57,41 @@ log_onexit cleanup log_note "Testing access to FILE" log_must touch $TESTDIR/file.0 log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:rw $TESTDIR/file.0 -getfacl $TESTDIR/file.0 2> /dev/null | egrep -q \ - "^group:$ZFS_ACL_STAFF_GROUP:rw-$" -if [ "$?" -eq "0" ]; then - # Should be able to write to file - log_must user_run $ZFS_ACL_STAFF1 \ - "echo 'echo test > /dev/null' > $TESTDIR/file.0" +if ! getfacl $TESTDIR/file.0 2> /dev/null | + grep -qFx "group:$ZFS_ACL_STAFF_GROUP:rw-" +then + log_note "$(getfacl $TESTDIR/file.0 2> /dev/null)" + log_fail "Group '$ZFS_ACL_STAFF_GROUP' does not have 'rw' as specified" +fi - # Since $TESTDIR is 777, create a new dir with controlled permissions - # for testing that creating a new file is not allowed. - log_must mkdir $TESTDIR/dir.0 - log_must chmod 700 $TESTDIR/dir.0 - log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:rw $TESTDIR/dir.0 - # Confirm permissions - ls -l $TESTDIR |grep "dir.0" |grep -q "drwxrw----+" - if [ "$?" -ne "0" ]; then - msk=$(ls -l $TESTDIR |grep "dir.0" | awk '{print $1}') - log_note "expected mask drwxrw----+ but found $msk" - log_fail "Expected permissions were not set." - fi - getfacl $TESTDIR/dir.0 2> /dev/null | egrep -q \ - "^group:$ZFS_ACL_STAFF_GROUP:rw-$" - if [ "$?" -ne "0" ]; then - acl=$(getfacl $TESTDIR/dir.0 2> /dev/null) - log_note $acl - log_fail "ACL group:$ZFS_ACL_STAFF_GROUP:rw- was not set." - fi - # Should NOT be able to create new file - log_mustnot user_run $ZFS_ACL_STAFF1 "touch $TESTDIR/dir.0/file.1" +# Should be able to write to file +log_must user_run $ZFS_ACL_STAFF1 \ + "echo 'echo test > /dev/null' > $TESTDIR/file.0" - # Root should be able to run file, but not user - chmod +x $TESTDIR/file.0 - log_must $TESTDIR/file.0 - log_mustnot user_run $ZFS_ACL_STAFF1 $TESTDIR/file.0 +# Since $TESTDIR is 777, create a new dir with controlled permissions +# for testing that creating a new file is not allowed. +log_must mkdir $TESTDIR/dir.0 +log_must chmod 700 $TESTDIR/dir.0 +log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:rw $TESTDIR/dir.0 +# Confirm permissions +msk=$(ls -ld $TESTDIR/dir.0 | awk '{print $1}') +if ! [ "$msk" = "drwxrw----+" ]; then + log_note "expected mask drwxrw----+ but found $msk" + log_fail "Expected permissions were not set." +fi - log_pass "POSIX ACL mode works on files" -else - log_fail "Group '$ZFS_ACL_STAFF_GROUP' does not have 'rw' as specified" +if ! getfacl $TESTDIR/dir.0 2> /dev/null | + grep -qFx "group:$ZFS_ACL_STAFF_GROUP:rw-" +then + log_note "$(getfacl $TESTDIR/dir.0 2> /dev/null)" + log_fail "ACL group:$ZFS_ACL_STAFF_GROUP:rw- was not set." fi +# Should NOT be able to create new file +log_mustnot user_run $ZFS_ACL_STAFF1 "touch $TESTDIR/dir.0/file.1" + +# Root should be able to run file, but not user +chmod +x $TESTDIR/file.0 +log_must $TESTDIR/file.0 +log_mustnot user_run $ZFS_ACL_STAFF1 $TESTDIR/file.0 + +log_pass "POSIX ACL mode works on files" diff --git a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_002_pos.ksh b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_002_pos.ksh index d9b5036458f8..ac718ec58897 100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_002_pos.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_002_pos.ksh @@ -53,15 +53,14 @@ log_must mkdir $TESTDIR/dir.0 log_must chmod 700 $TESTDIR/dir.0 log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:wx $TESTDIR/dir.0 # Confirm permissions -ls -l $TESTDIR |grep "dir.0" |grep -q "drwx-wx---+" -if [ "$?" -ne "0" ]; then - msk=$(ls -l $TESTDIR |grep "dir.0" | awk '{print $1}') +if ! ls -l $TESTDIR | grep "dir.0" | grep -q "drwx-wx---+"; then + msk=$(ls -l $TESTDIR | awk '/dir.0/ {print $1}') log_note "expected mask drwx-wx---+ but found $msk" log_fail "Expected permissions were not set." fi -getfacl $TESTDIR/dir.0 2> /dev/null | egrep -q \ - "^group:$ZFS_ACL_STAFF_GROUP:-wx$" -if [ "$?" -eq "0" ]; then +if getfacl $TESTDIR/dir.0 2> /dev/null | + grep -q "^group:$ZFS_ACL_STAFF_GROUP:-wx$" +then # Should be able to create file in directory log_must user_run $ZFS_ACL_STAFF1 "touch $TESTDIR/dir.0/file.0" diff --git a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_003_pos.ksh b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_003_pos.ksh index 1b04a024f2ad..bdd77bd37603 100755 --- a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_003_pos.ksh +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/acl/posix/posix_003_pos.ksh @@ -43,16 +43,14 @@ log_note "Testing access to DIRECTORY" log_must mkdir $ACLDIR log_must setfacl -m g:$ZFS_ACL_STAFF_GROUP:wx $ACLDIR log_must setfacl -d -m g:$ZFS_ACL_STAFF_GROUP:wx $ACLDIR -getfacl $ACLDIR 2> /dev/null | egrep -q "$acl_str1" -if [ "$?" -eq "0" ]; then - getfacl $ACLDIR 2> /dev/null | egrep -q "$acl_str2" -fi -if [ "$?" -eq "0" ]; then +if getfacl $ACLDIR 2> /dev/null | grep -q "$acl_str1" && + getfacl $ACLDIR 2> /dev/null | grep -q "$acl_str2" +then log_must zfs unmount $TESTPOOL/$TESTFS log_must zfs mount $TESTPOOL/$TESTFS - log_must eval "getfacl $ACLDIR 2> /dev/null | egrep -q \"$acl_str1\"" - log_must eval "getfacl $ACLDIR 2> /dev/null | egrep -q \"$acl_str2\"" + log_must eval "getfacl $ACLDIR 2> /dev/null | grep -q \"$acl_str1\"" + log_must eval "getfacl $ACLDIR 2> /dev/null | grep -q \"$acl_str2\"" log_pass "POSIX ACLs survive remount" else log_fail "Group '$ZFS_ACL_STAFF_GROUP' does not have 'rwx'" |