#! /usr/bin/ksh # # # This file and its contents are supplied under the terms of the # Common Development and Distribution License ("CDDL"), version 1.0. # You may only use this file in accordance with the terms of version # 1.0 of the CDDL. # # A full copy of the text of the CDDL should have accompanied this # source. A copy of the CDDL is also available via the Internet at # http://www.illumos.org/license/CDDL. # # Copyright 2015, Richard Lowe. # Verify that zones can be configured with security-flags LC_ALL=C # Collation is important expect_success() { name=$1 (echo "create -b"; echo "set zonepath=/$name.$$"; cat /dev/stdin; echo "verify"; echo "commit"; echo "exit") | zonecfg -z $name.$$ > out.$$ 2>&1 r=$? zonecfg -z $name.$$ delete -F if (($r != 0)); then printf "%s: FAIL\n" $name cat out.$$ rm out.$$ return 1 else rm out.$$ printf "%s: PASS\n" $name return 0 fi } expect_fail() { name=$1 expect=$2 (echo "create -b"; echo "set zonepath=/$name.$$"; cat /dev/stdin; echo "verify"; echo "commit"; echo "exit") | zonecfg -z $name.$$ > out.$$ 2>&1 r=$? # Ideally will fail, since we don't want the create to have succeeded. zonecfg -z $name.$$ delete -F >/dev/null 2>&1 if (($r == 0)); then printf "%s: FAIL (succeeded)\n" $name rm out.$$ return 1 else grep -q "$expect" out.$$ if (( $? != 0 )); then printf "%s: FAIL (error didn't match)\n" $name echo "Wanted:" echo " $expect" echo "Got:" sed -e 's/^/ /' out.$$ rm out.$$ return 1; else rm out.$$ printf "%s: PASS\n" $name return 0 fi fi } ret=0 expect_success valid-no-config <