1#!/bin/ksh -p 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22 23# 24# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 25# 26 27# 28# ID: acl_004 29# 30# DESCRIPTION: 31# Verify we can modify an ACL (add $TUSER1) 32# 33# STRATEGY: 34# 1. run "mount -F smbfs //$TUSER@..." $TMNT 35# 2. run "mount -F smbfs //$TUSER1@..." $TMNT2 36# 3. create a file, as $TUSER 37# 4. create file2, as $TUSER1 and get owner UID 38# 5. chmod A+user:$TUSER1@:rxaRcs::allow file 39# 6. verify $TUSER1 ACE is there 40# 41 42. $STF_SUITE/include/libtest.ksh 43 44tc_id="acl004" 45tc_desc="Verify we can modify an ACL (add user ACE)" 46print_test_case $tc_id - $tc_desc 47 48if [[ $STC_CIFS_CLIENT_DEBUG == 1 ]] || \ 49 [[ *:${STC_CIFS_CLIENT_DEBUG}:* == *:$tc_id:* ]]; then 50 set -x 51fi 52 53server=$(server_name) || return 54 55smbmount_clean $TMNT 56smbmount_clean $TMNT2 57 58smbmount_init $TMNT 59smbmount_init $TMNT2 60 61# 1. run "mount -F smbfs //$TUSER@..." $TMNT 62 63cmd="mount -F smbfs -oacl //$TUSER:$TPASS@$server/public $TMNT" 64cti_execute -i '' FAIL $cmd 65if [[ $? != 0 ]]; then 66 cti_fail "FAIL: $cmd" 67 return 68else 69 cti_report "PASS: $cmd" 70fi 71 72# Require that the mount supports ACLs 73smbmount_getmntopts $TMNT |grep /acl/ >/dev/null 74if [[ $? != 0 ]]; then 75 smbmount_clean $TMNT 76 cti_unsupported "UNSUPPORTED (no ACLs in this mount)" 77 return 78fi 79 80# 2. run "mount -F smbfs //$TUSER1@..." $TMNT2 81 82cmd="mount -F smbfs -oacl //$TUSER1:$TPASS@$server/public $TMNT2" 83cti_execute -i '' FAIL $cmd 84if [[ $? != 0 ]]; then 85 cti_fail "FAIL: $cmd" 86 smbmount_clean $TMNT 87 return 88else 89 cti_report "PASS: $cmd" 90fi 91 92# 3. create a file, as $TUSER 93 94cmd="cp /etc/passwd $TMNT/$tc_id" 95cti_execute_cmd $cmd 96if [[ $? != 0 ]]; then 97 cti_fail "FAIL: $cmd" 98 smbmount_clean $TMNT 99 smbmount_clean $TMNT2 100 return 101fi 102cmd="ls -V $TMNT/$tc_id" 103cti_execute_cmd $cmd 104if [[ $? != 0 ]]; then 105 cti_fail "FAIL: $cmd" 106 smbmount_clean $TMNT 107 smbmount_clean $TMNT2 108 return 109fi 110tail +2 cti_stdout > acl_save 111 112# 4. create a file, as $TUSER1 and get owner UID 113 114cmd="touch $TMNT2/${tc_id}B" 115cti_execute_cmd $cmd 116if [[ $? != 0 ]]; then 117 cti_fail "FAIL: $cmd" 118 smbmount_clean $TMNT 119 smbmount_clean $TMNT2 120 return 121fi 122cmd="ls -V $TMNT/${tc_id}B" 123cti_execute_cmd $cmd 124if [[ $? != 0 ]]; then 125 cti_fail "FAIL: $cmd" 126 smbmount_clean $TMNT 127 smbmount_clean $TMNT2 128 return 129fi 130# Get the ephemereal UID and GID for $TUSER1 131read mode cnt uid gid junk < cti_stdout 132cti_execute_cmd "rm $TMNT2/${tc_id}B" 133 134# 5. chmod A+user:$TUSER1@:rxaRcs::allow file 135 136cmd="chmod A+user:${uid}:rxaRcs::allow $TMNT/$tc_id" 137cti_execute_cmd $cmd 138if [[ $? != 0 ]]; then 139 cti_fail "FAIL: $cmd" 140 smbmount_clean $TMNT 141 smbmount_clean $TMNT2 142 return 143fi 144 145# 6. verify $TUSER1 ACE is there 146 147cmd="ls -V $TMNT/$tc_id" 148cti_execute_cmd $cmd 149if [[ $? != 0 ]]; then 150 cti_fail "FAIL: $cmd" 151 smbmount_clean $TMNT 152 smbmount_clean $TMNT2 153 return 154fi 155tail +2 cti_stdout > acl_test 156 157# The new ACL should be different... 158cmd="diff acl_save acl_test" 159cti_execute_cmd $cmd 160if [[ $? == 0 ]]; then 161 cti_fail "FAIL: ACL should have changed" 162 smbmount_clean $TMNT 163 smbmount_clean $TMNT2 164 return 165fi 166 167# The new ACL should contain $uid 168grep " user:${uid}:" acl_test >/dev/null 169if [[ $? != 0 ]]; then 170 cti_fail "FAIL: did not find new ACE" 171 smbmount_clean $TMNT 172 smbmount_clean $TMNT2 173 return 174fi 175 176cti_execute_cmd "rm $TMNT/$tc_id" 177smbmount_clean $TMNT 178smbmount_clean $TMNT2 179 180cti_pass "${tc_id}: PASS" 181