diff options
Diffstat (limited to 'sys/contrib/openzfs/tests/zfs-tests/tests/functional/limits/filesystem_limit.ksh')
-rwxr-xr-x | sys/contrib/openzfs/tests/zfs-tests/tests/functional/limits/filesystem_limit.ksh | 139 |
1 files changed, 139 insertions, 0 deletions
diff --git a/sys/contrib/openzfs/tests/zfs-tests/tests/functional/limits/filesystem_limit.ksh b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/limits/filesystem_limit.ksh new file mode 100755 index 000000000000..fbfc141be3e3 --- /dev/null +++ b/sys/contrib/openzfs/tests/zfs-tests/tests/functional/limits/filesystem_limit.ksh @@ -0,0 +1,139 @@ +#!/bin/ksh -p +# +# This file and its contents are supplied under the terms of the +# Common Development and Distribution License ("CDDL"), version 1.0. +# You may only use this file in accordance with the terms of version +# 1.0 of the CDDL. +# +# A full copy of the text of the CDDL should have accompanied this +# source. A copy of the CDDL is also available via the Internet at +# http://www.illumos.org/license/CDDL. +# + +# +# Copyright 2018, loli10K <ezomori.nozomu@gmail.com>. All rights reserved. +# + +. $STF_SUITE/include/libtest.shlib +. $STF_SUITE/tests/functional/delegate/delegate_common.kshlib + +# +# DESCRIPTION: +# ZFS 'filesystem_limit' is enforced when executing various actions +# NOTE: the limit should *not* be enforced if the user is allowed to change it. +# +# STRATEGY: +# 1. Verify 'zfs create' and 'zfs clone' cannot exceed the filesystem_limit +# 2. Verify 'zfs rename' cannot move filesystems exceeding the limit +# 3. Verify 'zfs receive' cannot exceed the limit +# + +verify_runnable "both" + +# +# The has_capability() function was first exported in the 4.10 Linux kernel +# then backported to some LTS kernels. Prior to this change there was no +# mechanism to perform the needed permission check. Therefore, this test +# is expected to fail on older kernels and is skipped. +# +if is_linux; then + if [[ $(linux_version) -lt $(linux_version "4.10") ]]; then + log_unsupported "Requires has_capability() kernel function" + fi +fi + +function setup +{ + # We can't delegate 'mount' privs under Linux: to avoid issues with + # commands that may need to (re)mount datasets we set mountpoint=none + if is_linux; then + log_must zfs create -o mountpoint=none "$DATASET_TEST" + log_must zfs create -o mountpoint=none "$DATASET_UTIL" + else + log_must zfs create "$DATASET_TEST" + log_must zfs create "$DATASET_UTIL" + fi + if is_freebsd; then + # Ensure our non-root user has the permission to create the + # mountpoints and mount the filesystems. + sysctl vfs.usermount=1 + log_must chmod 777 $(get_prop mountpoint "$DATASET_TEST") + log_must chmod 777 $(get_prop mountpoint "$DATASET_UTIL") + fi + log_must zfs allow -d -l $STAFF1 'create,mount,rename,clone,receive' \ + "$DATASET_TEST" + log_must zfs allow -d -l $STAFF1 'create,mount,rename,clone,receive' \ + "$DATASET_UTIL" +} + +function cleanup +{ + if is_freebsd; then + sysctl vfs.usermount=0 + fi + destroy_dataset "$DATASET_TEST" "-Rf" + destroy_dataset "$DATASET_UTIL" "-Rf" + rm -f $ZSTREAM +} + +log_assert "Verify 'filesystem_limit' is enforced executing various actions" +log_onexit cleanup + +DATASET_TEST="$TESTPOOL/$TESTFS/filesystem_limit_test" +DATASET_UTIL="$TESTPOOL/$TESTFS/filesystem_limit_util" +ZSTREAM="$TEST_BASE_DIR/filesystem_limit.$$" + +# 1. Verify 'zfs create' and 'zfs clone' cannot exceed the filesystem_limit +setup +# NOTE: we allow 'canmount' to the non-root user so we can use 'log_must' with +# 'user_run zfs create -o canmount=off' successfully +log_must zfs allow -d -l $STAFF1 'canmount' "$DATASET_TEST" +log_must zfs set filesystem_limit=1 "$DATASET_TEST" +log_must user_run $STAFF1 zfs create -o canmount=off "$DATASET_TEST/create" +log_mustnot user_run $STAFF1 zfs create -o canmount=off "$DATASET_TEST/create_exceed" +log_mustnot datasetexists "$DATASET_TEST/create_exceed" +log_must zfs set filesystem_limit=2 "$DATASET_TEST" +log_must zfs snapshot "$DATASET_TEST/create@snap" +log_must user_run $STAFF1 zfs clone -o canmount=off "$DATASET_TEST/create@snap" "$DATASET_TEST/clone" +log_mustnot user_run $STAFF1 zfs clone -o canmount=off "$DATASET_TEST/create@snap" "$DATASET_TEST/clone_exceed" +log_mustnot datasetexists "$DATASET_TEST/clone_exceed" +log_must test "$(get_prop 'filesystem_count' "$DATASET_TEST")" == "2" +# Verify filesystem_limit is *not* enforced for users allowed to change it +log_must zfs create "$DATASET_TEST/create_notenforced_root" +log_must zfs allow -l $STAFF1 'filesystem_limit' "$DATASET_TEST" +log_must user_run $STAFF1 zfs create -o canmount=off "$DATASET_TEST/create_notenforced_user" +log_must test "$(get_prop 'filesystem_count' "$DATASET_TEST")" == "4" +cleanup + +# 2. Verify 'zfs rename' cannot move filesystems exceeding the limit +setup +log_must zfs set filesystem_limit=0 "$DATASET_UTIL" +log_must zfs create "$DATASET_TEST/rename" +log_mustnot user_run $STAFF1 zfs rename "$DATASET_TEST/rename" "$DATASET_UTIL/renamed" +log_mustnot datasetexists "$DATASET_UTIL/renamed" +log_must test "$(get_prop 'filesystem_count' "$DATASET_UTIL")" == "0" +# Verify filesystem_limit is *not* enforced for users allowed to change it +log_must zfs rename "$DATASET_TEST/rename" "$DATASET_UTIL/renamed_notenforced_root" +log_must zfs rename "$DATASET_UTIL/renamed_notenforced_root" "$DATASET_TEST/rename" +log_must zfs allow -l $STAFF1 'filesystem_limit' "$DATASET_UTIL" +log_must user_run $STAFF1 zfs rename "$DATASET_TEST/rename" "$DATASET_UTIL/renamed_notenforced_user" +log_must datasetexists "$DATASET_UTIL/renamed_notenforced_user" +cleanup + +# 3. Verify 'zfs receive' cannot exceed the limit +setup +log_must zfs set filesystem_limit=0 "$DATASET_TEST" +log_must zfs create "$DATASET_UTIL/send" +log_must zfs snapshot "$DATASET_UTIL/send@snap1" +log_must eval "zfs send $DATASET_UTIL/send@snap1 > $ZSTREAM" +log_mustnot user_run $STAFF1 eval "zfs receive $DATASET_TEST/received < $ZSTREAM" +log_mustnot datasetexists "$DATASET_TEST/received" +log_must test "$(get_prop 'filesystem_count' "$DATASET_TEST")" == "0" +# Verify filesystem_limit is *not* enforced for users allowed to change it +log_must eval "zfs receive $DATASET_TEST/received < $ZSTREAM" +log_must zfs destroy -r "$DATASET_TEST/received" +log_must zfs allow -l $STAFF1 'filesystem_limit' "$DATASET_TEST" +log_must user_run $STAFF1 eval "zfs receive $DATASET_TEST/received < $ZSTREAM" +log_must datasetexists "$DATASET_TEST/received" + +log_pass "'filesystem_limit' property is enforced" |