1d583b39bSJohn Wren Kennedy#
2d583b39bSJohn Wren Kennedy# CDDL HEADER START
3d583b39bSJohn Wren Kennedy#
4d583b39bSJohn Wren Kennedy# The contents of this file are subject to the terms of the
5d583b39bSJohn Wren Kennedy# Common Development and Distribution License (the "License").
6d583b39bSJohn Wren Kennedy# You may not use this file except in compliance with the License.
7d583b39bSJohn Wren Kennedy#
8d583b39bSJohn Wren Kennedy# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9d583b39bSJohn Wren Kennedy# or http://www.opensolaris.org/os/licensing.
10d583b39bSJohn Wren Kennedy# See the License for the specific language governing permissions
11d583b39bSJohn Wren Kennedy# and limitations under the License.
12d583b39bSJohn Wren Kennedy#
13d583b39bSJohn Wren Kennedy# When distributing Covered Code, include this CDDL HEADER in each
14d583b39bSJohn Wren Kennedy# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15d583b39bSJohn Wren Kennedy# If applicable, add the following below this CDDL HEADER, with the
16d583b39bSJohn Wren Kennedy# fields enclosed by brackets "[]" replaced with your own identifying
17d583b39bSJohn Wren Kennedy# information: Portions Copyright [yyyy] [name of copyright owner]
18d583b39bSJohn Wren Kennedy#
19d583b39bSJohn Wren Kennedy# CDDL HEADER END
20d583b39bSJohn Wren Kennedy#
21d583b39bSJohn Wren Kennedy
22d583b39bSJohn Wren Kennedy#
23d583b39bSJohn Wren Kennedy# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24d583b39bSJohn Wren Kennedy# Use is subject to license terms.
25d583b39bSJohn Wren Kennedy#
26d583b39bSJohn Wren Kennedy
271d32ba66SJohn Wren Kennedy#
28*2816c4acSJohn Wren Kennedy# Copyright (c) 2016, 2018 by Delphix. All rights reserved.
291d32ba66SJohn Wren Kennedy#
301d32ba66SJohn Wren Kennedy
31d583b39bSJohn Wren Kennedy. $STF_SUITE/tests/functional/acl/acl.cfg
32d583b39bSJohn Wren Kennedy. $STF_SUITE/include/libtest.shlib
33d583b39bSJohn Wren Kennedy
34d583b39bSJohn Wren Kennedy#
35d583b39bSJohn Wren Kennedy# Get the given file/directory access mode
36d583b39bSJohn Wren Kennedy#
37d583b39bSJohn Wren Kennedy# $1 object -- file or directroy
38d583b39bSJohn Wren Kennedy#
39d583b39bSJohn Wren Kennedyfunction get_mode #<obj>
40d583b39bSJohn Wren Kennedy{
41d583b39bSJohn Wren Kennedy	typeset obj=$1
42d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
43d583b39bSJohn Wren Kennedy		return 1
44d583b39bSJohn Wren Kennedy	fi
45d583b39bSJohn Wren Kennedy
461d32ba66SJohn Wren Kennedy	ls -ld $obj | awk '{print $1}'
47d583b39bSJohn Wren Kennedy}
48d583b39bSJohn Wren Kennedy
49d583b39bSJohn Wren Kennedy#
50d583b39bSJohn Wren Kennedy# Get the given file/directory ACL
51d583b39bSJohn Wren Kennedy#
52d583b39bSJohn Wren Kennedy# $1 object -- file or directroy
53d583b39bSJohn Wren Kennedy#
54d583b39bSJohn Wren Kennedyfunction get_acl #<obj>
55d583b39bSJohn Wren Kennedy{
56d583b39bSJohn Wren Kennedy        typeset obj=$1
57d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
58d583b39bSJohn Wren Kennedy		return 1
59d583b39bSJohn Wren Kennedy	fi
60d583b39bSJohn Wren Kennedy
611d32ba66SJohn Wren Kennedy	ls -vd $obj | nawk '(NR != 1) {print $0}'
62d583b39bSJohn Wren Kennedy}
63d583b39bSJohn Wren Kennedy
64d583b39bSJohn Wren Kennedy#
65d583b39bSJohn Wren Kennedy# Get the given file/directory ACL
66d583b39bSJohn Wren Kennedy#
67d583b39bSJohn Wren Kennedy# $1 object -- file or directroy
68d583b39bSJohn Wren Kennedy#
69d583b39bSJohn Wren Kennedyfunction get_compact_acl #<obj>
70d583b39bSJohn Wren Kennedy{
71d583b39bSJohn Wren Kennedy        typeset obj=$1
72d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
73d583b39bSJohn Wren Kennedy		return 1
74d583b39bSJohn Wren Kennedy	fi
75d583b39bSJohn Wren Kennedy
761d32ba66SJohn Wren Kennedy	ls -Vd $obj | nawk '(NR != 1) {print $0}'
77d583b39bSJohn Wren Kennedy}
78d583b39bSJohn Wren Kennedy
79d583b39bSJohn Wren Kennedy#
80d583b39bSJohn Wren Kennedy# Check the given two files/directories have the same ACLs
81d583b39bSJohn Wren Kennedy#
82d583b39bSJohn Wren Kennedy# Return 0, if source object acl is equal to target object acl.
83d583b39bSJohn Wren Kennedy#
84d583b39bSJohn Wren Kennedy# $1 source object
85d583b39bSJohn Wren Kennedy# $2 target object
86d583b39bSJohn Wren Kennedy#
87d583b39bSJohn Wren Kennedyfunction compare_acls #<src> <tgt>
88d583b39bSJohn Wren Kennedy{
89d583b39bSJohn Wren Kennedy        typeset src=$1
90d583b39bSJohn Wren Kennedy        typeset tgt=$2
91d583b39bSJohn Wren Kennedy
92d583b39bSJohn Wren Kennedy	(( ${#src} == 0 || ${#tgt} == 0 )) && return 1
93d583b39bSJohn Wren Kennedy	[[ $src == $tgt ]] && return 0
94d583b39bSJohn Wren Kennedy
95d583b39bSJohn Wren Kennedy	typeset tmpsrc=/tmp/compare_acls.src.$$
96d583b39bSJohn Wren Kennedy	typeset tmptgt=/tmp/compare_acls.tgt.$$
97d583b39bSJohn Wren Kennedy
98d583b39bSJohn Wren Kennedy	get_acl $src > $tmpsrc
99d583b39bSJohn Wren Kennedy	get_acl $tgt > $tmptgt
100d583b39bSJohn Wren Kennedy	typeset -i ret=0
1011d32ba66SJohn Wren Kennedy	diff $tmpsrc $tmptgt > /dev/null 2>&1
102d583b39bSJohn Wren Kennedy	ret=$?
1031d32ba66SJohn Wren Kennedy	rm -f $tmpsrc $tmptgt
104d583b39bSJohn Wren Kennedy
105d583b39bSJohn Wren Kennedy	if (( ret != 0 )); then
106d583b39bSJohn Wren Kennedy		return $ret
107d583b39bSJohn Wren Kennedy	fi
108d583b39bSJohn Wren Kennedy
109d583b39bSJohn Wren Kennedy	get_compact_acl $src > $tmpsrc
110d583b39bSJohn Wren Kennedy	get_compact_acl $tgt > $tmptgt
1111d32ba66SJohn Wren Kennedy	diff $tmpsrc $tmptgt > /dev/null 2>&1
112d583b39bSJohn Wren Kennedy	ret=$?
1131d32ba66SJohn Wren Kennedy	rm -f $tmpsrc $tmptgt
114d583b39bSJohn Wren Kennedy
115d583b39bSJohn Wren Kennedy	return $ret
116d583b39bSJohn Wren Kennedy}
117d583b39bSJohn Wren Kennedy
118d583b39bSJohn Wren Kennedy#
119d583b39bSJohn Wren Kennedy# Check that the given two objects have the same modes.
120d583b39bSJohn Wren Kennedy# Return 0, if their modes are equal with each other. Otherwise, return 1.
121d583b39bSJohn Wren Kennedy#
122d583b39bSJohn Wren Kennedy# $1 source object
123d583b39bSJohn Wren Kennedy# $2 target object
124d583b39bSJohn Wren Kennedy#
125d583b39bSJohn Wren Kennedyfunction compare_modes #<src> <tgt>
126d583b39bSJohn Wren Kennedy{
127d583b39bSJohn Wren Kennedy        typeset src=$1
128d583b39bSJohn Wren Kennedy        typeset tgt=$2
129d583b39bSJohn Wren Kennedy        typeset -i i=0
130d583b39bSJohn Wren Kennedy        set -A mode
131d583b39bSJohn Wren Kennedy
132d583b39bSJohn Wren Kennedy	(( ${#src} == 0 || ${#tgt} == 0 )) && return 1
133d583b39bSJohn Wren Kennedy	[[ $src == $tgt ]] && return 0
134d583b39bSJohn Wren Kennedy
135d583b39bSJohn Wren Kennedy	typeset obj
136d583b39bSJohn Wren Kennedy        for obj in $src $tgt
137d583b39bSJohn Wren Kennedy        do
138d583b39bSJohn Wren Kennedy                mode[i]=$(get_mode $obj)
139d583b39bSJohn Wren Kennedy
140d583b39bSJohn Wren Kennedy                (( i = i + 1 ))
141d583b39bSJohn Wren Kennedy        done
142d583b39bSJohn Wren Kennedy
143d583b39bSJohn Wren Kennedy        [[ ${mode[0]} != ${mode[1]} ]] && return 1
144d583b39bSJohn Wren Kennedy
145d583b39bSJohn Wren Kennedy        return 0
146d583b39bSJohn Wren Kennedy}
147d583b39bSJohn Wren Kennedy
148d583b39bSJohn Wren Kennedy#
149d583b39bSJohn Wren Kennedy# Check that the given two objects have the same xattrs.
150d583b39bSJohn Wren Kennedy# Return 0, if their xattrs are equal with each other. Otherwise, return 1.
151d583b39bSJohn Wren Kennedy#
152d583b39bSJohn Wren Kennedy# $1 source object
153d583b39bSJohn Wren Kennedy# $2 target object
154d583b39bSJohn Wren Kennedy#
155d583b39bSJohn Wren Kennedyfunction compare_xattrs #<src> <tgt>
156d583b39bSJohn Wren Kennedy{
157d583b39bSJohn Wren Kennedy        typeset src=$1
158d583b39bSJohn Wren Kennedy        typeset tgt=$2
159d583b39bSJohn Wren Kennedy
160d583b39bSJohn Wren Kennedy	(( ${#src} == 0 || ${#tgt} == 0 )) && return 1
161d583b39bSJohn Wren Kennedy	[[ $src == $tgt ]] && return 0
162d583b39bSJohn Wren Kennedy
163d583b39bSJohn Wren Kennedy	typeset tmpsrc=/tmp/compare_xattrs.src.$$
164d583b39bSJohn Wren Kennedy	typeset tmptgt=/tmp/compare_xattrs.tgt.$$
165d583b39bSJohn Wren Kennedy
166d583b39bSJohn Wren Kennedy	get_xattr $src > $tmpsrc
167d583b39bSJohn Wren Kennedy	get_xattr $tgt > $tmptgt
168d583b39bSJohn Wren Kennedy	typeset -i ret=0
1691d32ba66SJohn Wren Kennedy	diff $tmpsrc $tmptgt > /dev/null 2>&1
170d583b39bSJohn Wren Kennedy	ret=$?
1711d32ba66SJohn Wren Kennedy	rm -f $tmpsrc $tmptgt
172d583b39bSJohn Wren Kennedy
173d583b39bSJohn Wren Kennedy        return $ret
174d583b39bSJohn Wren Kennedy}
175d583b39bSJohn Wren Kennedy
176d583b39bSJohn Wren Kennedy#
177d583b39bSJohn Wren Kennedy# Check '+' is set for a given file/directory with 'ls [-l]' command
178d583b39bSJohn Wren Kennedy#
179d583b39bSJohn Wren Kennedy# $1 object -- file or directory.
180d583b39bSJohn Wren Kennedy#
181d583b39bSJohn Wren Kennedyfunction plus_sign_check_l #<obj>
182d583b39bSJohn Wren Kennedy{
183d583b39bSJohn Wren Kennedy	typeset obj=$1
184d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
185d583b39bSJohn Wren Kennedy		return 1
186d583b39bSJohn Wren Kennedy	fi
187d583b39bSJohn Wren Kennedy
188*2816c4acSJohn Wren Kennedy	ls -ld $obj | awk '{print $1}' | grep "+$" > /dev/null
189d583b39bSJohn Wren Kennedy
190d583b39bSJohn Wren Kennedy        return $?
191d583b39bSJohn Wren Kennedy}
192d583b39bSJohn Wren Kennedy
193d583b39bSJohn Wren Kennedy#
194d583b39bSJohn Wren Kennedy# Check '+' is set for a given file/directory with 'ls [-v]' command
195d583b39bSJohn Wren Kennedy#
196d583b39bSJohn Wren Kennedy# $1 object -- file or directory.
197d583b39bSJohn Wren Kennedy#
198d583b39bSJohn Wren Kennedyfunction plus_sign_check_v #<obj>
199d583b39bSJohn Wren Kennedy{
200d583b39bSJohn Wren Kennedy	typeset obj=$1
201d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
202d583b39bSJohn Wren Kennedy		return 1
203d583b39bSJohn Wren Kennedy	fi
204d583b39bSJohn Wren Kennedy
205*2816c4acSJohn Wren Kennedy	ls -vd $obj | awk '(NR == 1) {print $1}' | grep "+$" > /dev/null
206d583b39bSJohn Wren Kennedy
207d583b39bSJohn Wren Kennedy        return $?
208d583b39bSJohn Wren Kennedy}
209d583b39bSJohn Wren Kennedy
210d583b39bSJohn Wren Kennedy#
211d583b39bSJohn Wren Kennedy# A wrapper function of c program
212d583b39bSJohn Wren Kennedy#
213d583b39bSJohn Wren Kennedy# $1 legal login name
214d583b39bSJohn Wren Kennedy# $2-n commands and options
215d583b39bSJohn Wren Kennedy#
216d583b39bSJohn Wren Kennedyfunction chgusr_exec #<login_name> <commands> [...]
217d583b39bSJohn Wren Kennedy{
2181d32ba66SJohn Wren Kennedy	chg_usr_exec $@
219d583b39bSJohn Wren Kennedy	return $?
220d583b39bSJohn Wren Kennedy}
221d583b39bSJohn Wren Kennedy
222d583b39bSJohn Wren Kennedy#
223d583b39bSJohn Wren Kennedy# Export the current user for the following usr_exec operating.
224d583b39bSJohn Wren Kennedy#
225d583b39bSJohn Wren Kennedy# $1 legal login name
226d583b39bSJohn Wren Kennedy#
227d583b39bSJohn Wren Kennedyfunction set_cur_usr #<login_name>
228d583b39bSJohn Wren Kennedy{
229d583b39bSJohn Wren Kennedy	export ZFS_ACL_CUR_USER=$1
230d583b39bSJohn Wren Kennedy}
231d583b39bSJohn Wren Kennedy
232d583b39bSJohn Wren Kennedy#
233d583b39bSJohn Wren Kennedy# Run commands by $ZFS_ACL_CUR_USER
234d583b39bSJohn Wren Kennedy#
235d583b39bSJohn Wren Kennedy# $1-n commands and options
236d583b39bSJohn Wren Kennedy#
237d583b39bSJohn Wren Kennedyfunction usr_exec #<commands> [...]
238d583b39bSJohn Wren Kennedy{
2391d32ba66SJohn Wren Kennedy	chg_usr_exec "$ZFS_ACL_CUR_USER" $@
240d583b39bSJohn Wren Kennedy	return $?
241d583b39bSJohn Wren Kennedy}
242d583b39bSJohn Wren Kennedy
243d583b39bSJohn Wren Kennedy#
244d583b39bSJohn Wren Kennedy# Count how many ACEs for the speficied file or directory.
245d583b39bSJohn Wren Kennedy#
246d583b39bSJohn Wren Kennedy# $1 file or directroy name
247d583b39bSJohn Wren Kennedy#
248d583b39bSJohn Wren Kennedyfunction count_ACE #<file or dir name>
249d583b39bSJohn Wren Kennedy{
250d583b39bSJohn Wren Kennedy	if [[ ! -e $1 ]]; then
251d583b39bSJohn Wren Kennedy		log_note "Need input file or directroy name."
252d583b39bSJohn Wren Kennedy		return 1
253d583b39bSJohn Wren Kennedy	fi
254d583b39bSJohn Wren Kennedy
2551d32ba66SJohn Wren Kennedy	ls -vd $1 | nawk 'BEGIN {count=0}
256d583b39bSJohn Wren Kennedy			(NR != 1)&&(/[0-9]:/) {count++}
257d583b39bSJohn Wren Kennedy			END {print count}'
258d583b39bSJohn Wren Kennedy
259d583b39bSJohn Wren Kennedy	return 0
260d583b39bSJohn Wren Kennedy}
261d583b39bSJohn Wren Kennedy
262d583b39bSJohn Wren Kennedy#
263d583b39bSJohn Wren Kennedy# Get specified number ACE content of specified file or directory.
264d583b39bSJohn Wren Kennedy#
265d583b39bSJohn Wren Kennedy# $1 file or directory name
266d583b39bSJohn Wren Kennedy# $2 specified number
267d583b39bSJohn Wren Kennedy#
268d583b39bSJohn Wren Kennedyfunction get_ACE #<file or dir name> <specified number> <verbose|compact>
269d583b39bSJohn Wren Kennedy{
270d583b39bSJohn Wren Kennedy	if [[ ! -e $1 || $2 -ge $(count_ACE $1) ]]; then
271d583b39bSJohn Wren Kennedy		return 1
272d583b39bSJohn Wren Kennedy	fi
273d583b39bSJohn Wren Kennedy
274d583b39bSJohn Wren Kennedy	typeset file=$1
275d583b39bSJohn Wren Kennedy	typeset -i num=$2
276d583b39bSJohn Wren Kennedy	typeset format=${3:-verbose}
277d583b39bSJohn Wren Kennedy	typeset -i next_num=-1
278d583b39bSJohn Wren Kennedy
279d583b39bSJohn Wren Kennedy        typeset tmpfile=/tmp/tmp_get_ACE.$$
280d583b39bSJohn Wren Kennedy        typeset line=""
281d583b39bSJohn Wren Kennedy	typeset args
282d583b39bSJohn Wren Kennedy
283d583b39bSJohn Wren Kennedy	case $format in
284d583b39bSJohn Wren Kennedy		verbose) args="-vd"
285d583b39bSJohn Wren Kennedy			;;
286d583b39bSJohn Wren Kennedy		compact) args="-Vd"
287d583b39bSJohn Wren Kennedy			;;
288d583b39bSJohn Wren Kennedy		*) log_fail "Invalid parameter as ($format), " \
289d583b39bSJohn Wren Kennedy			"only verbose|compact is supported."
290d583b39bSJohn Wren Kennedy			;;
291d583b39bSJohn Wren Kennedy	esac
292d583b39bSJohn Wren Kennedy
2931d32ba66SJohn Wren Kennedy	ls $args $file > $tmpfile
2941d32ba66SJohn Wren Kennedy	(( $? != 0 )) && log_fail "FAIL: ls $args $file > $tmpfile"
295d583b39bSJohn Wren Kennedy	while read line; do
296d583b39bSJohn Wren Kennedy		[[ -z $line ]] && continue
297d583b39bSJohn Wren Kennedy		if [[ $args == -vd ]]; then
298d583b39bSJohn Wren Kennedy			if [[ $line == "$num":* ]]; then
299d583b39bSJohn Wren Kennedy				(( next_num = num + 1 ))
300d583b39bSJohn Wren Kennedy			fi
301d583b39bSJohn Wren Kennedy			if [[ $line == "$next_num":* ]]; then
302d583b39bSJohn Wren Kennedy				break
303d583b39bSJohn Wren Kennedy			fi
304d583b39bSJohn Wren Kennedy			if (( next_num != -1 )); then
305d583b39bSJohn Wren Kennedy				print -n $line
306d583b39bSJohn Wren Kennedy			fi
307d583b39bSJohn Wren Kennedy		else
308d583b39bSJohn Wren Kennedy			if (( next_num == num )); then
309d583b39bSJohn Wren Kennedy				print -n $line
310d583b39bSJohn Wren Kennedy			fi
311d583b39bSJohn Wren Kennedy			(( next_num += 1 ))
312d583b39bSJohn Wren Kennedy		fi
313d583b39bSJohn Wren Kennedy	done < $tmpfile
314d583b39bSJohn Wren Kennedy
3151d32ba66SJohn Wren Kennedy	rm -f $tmpfile
3161d32ba66SJohn Wren Kennedy	(( $? != 0 )) && log_fail "FAIL: rm -f $tmpfile"
317d583b39bSJohn Wren Kennedy}
318d583b39bSJohn Wren Kennedy
319d583b39bSJohn Wren Kennedy#
320d583b39bSJohn Wren Kennedy# Cleanup exist user/group.
321d583b39bSJohn Wren Kennedy#
322d583b39bSJohn Wren Kennedyfunction cleanup_user_group
323d583b39bSJohn Wren Kennedy{
324d583b39bSJohn Wren Kennedy	del_user $ZFS_ACL_ADMIN
325d583b39bSJohn Wren Kennedy
326d583b39bSJohn Wren Kennedy	del_user $ZFS_ACL_STAFF1
327d583b39bSJohn Wren Kennedy	del_user $ZFS_ACL_STAFF2
328d583b39bSJohn Wren Kennedy	del_group $ZFS_ACL_STAFF_GROUP
329d583b39bSJohn Wren Kennedy
330d583b39bSJohn Wren Kennedy	del_user $ZFS_ACL_OTHER1
331d583b39bSJohn Wren Kennedy	del_user $ZFS_ACL_OTHER2
332d583b39bSJohn Wren Kennedy	del_group $ZFS_ACL_OTHER_GROUP
333d583b39bSJohn Wren Kennedy
334d583b39bSJohn Wren Kennedy	return 0
335d583b39bSJohn Wren Kennedy}
336d583b39bSJohn Wren Kennedy
337d583b39bSJohn Wren Kennedy#
338d583b39bSJohn Wren Kennedy# Clean up testfile and test directory
339d583b39bSJohn Wren Kennedy#
340d583b39bSJohn Wren Kennedyfunction cleanup
341d583b39bSJohn Wren Kennedy{
342d583b39bSJohn Wren Kennedy	if [[ -d $TESTDIR ]]; then
343d583b39bSJohn Wren Kennedy		cd $TESTDIR
3441d32ba66SJohn Wren Kennedy		rm -rf $TESTDIR/*
345d583b39bSJohn Wren Kennedy	fi
346d583b39bSJohn Wren Kennedy}
347d583b39bSJohn Wren Kennedy
348d583b39bSJohn Wren Kennedy#
349d583b39bSJohn Wren Kennedy# According to specified access or acl_spec, do relevant operating by using the
350d583b39bSJohn Wren Kennedy# specified user.
351d583b39bSJohn Wren Kennedy#
352d583b39bSJohn Wren Kennedy# $1 specified user
353d583b39bSJohn Wren Kennedy# $2 node
354d583b39bSJohn Wren Kennedy# $3 acl_spec or access
355d583b39bSJohn Wren Kennedy#
356d583b39bSJohn Wren Kennedyfunction rwx_node #user node acl_spec|access
357d583b39bSJohn Wren Kennedy{
358d583b39bSJohn Wren Kennedy	typeset user=$1
359d583b39bSJohn Wren Kennedy	typeset node=$2
360d583b39bSJohn Wren Kennedy	typeset acl_spec=$3
361d583b39bSJohn Wren Kennedy
362d583b39bSJohn Wren Kennedy	if [[ $user == "" || $node == "" || $acl_spec == "" ]]; then
363d583b39bSJohn Wren Kennedy		log_note "node or acl_spec are not defined."
364d583b39bSJohn Wren Kennedy		return 1
365d583b39bSJohn Wren Kennedy	fi
366d583b39bSJohn Wren Kennedy
367d583b39bSJohn Wren Kennedy	if [[ -d $node ]]; then
368d583b39bSJohn Wren Kennedy		case $acl_spec in
369d583b39bSJohn Wren Kennedy		*:read_data:*|read_data)
3701d32ba66SJohn Wren Kennedy			chgusr_exec $user ls -l $node > /dev/null 2>&1
371d583b39bSJohn Wren Kennedy			return $? ;;
372d583b39bSJohn Wren Kennedy		*:write_data:*|write_data)
373d583b39bSJohn Wren Kennedy			if [[ -f ${node}/tmpfile ]]; then
3741d32ba66SJohn Wren Kennedy				log_must rm -f ${node}/tmpfile
375d583b39bSJohn Wren Kennedy			fi
3761d32ba66SJohn Wren Kennedy			chgusr_exec $user touch ${node}/tmpfile > \
377d583b39bSJohn Wren Kennedy				/dev/null 2>&1
378d583b39bSJohn Wren Kennedy			return $? ;;
379d583b39bSJohn Wren Kennedy		*"execute:"*|execute)
3801d32ba66SJohn Wren Kennedy			chgusr_exec $user find $node > /dev/null 2>&1
381d583b39bSJohn Wren Kennedy			return $? ;;
382d583b39bSJohn Wren Kennedy		esac
383d583b39bSJohn Wren Kennedy	else
384d583b39bSJohn Wren Kennedy		case $acl_spec in
385d583b39bSJohn Wren Kennedy		*:read_data:*|read_data)
3861d32ba66SJohn Wren Kennedy			chgusr_exec $user cat $node > /dev/null 2>&1
387d583b39bSJohn Wren Kennedy			return $? ;;
388d583b39bSJohn Wren Kennedy		*:write_data:*|write_data)
3891d32ba66SJohn Wren Kennedy			chgusr_exec $user dd if=/usr/bin/ls of=$node > \
390d583b39bSJohn Wren Kennedy				/dev/null 2>&1
391d583b39bSJohn Wren Kennedy			return $? ;;
392d583b39bSJohn Wren Kennedy		*"execute:"*|execute)
393d583b39bSJohn Wren Kennedy			ZFS_ACL_ERR_STR=$(chgusr_exec $user $node 2>&1)
394d583b39bSJohn Wren Kennedy			return $? ;;
395d583b39bSJohn Wren Kennedy		esac
396d583b39bSJohn Wren Kennedy	fi
397d583b39bSJohn Wren Kennedy}
398d583b39bSJohn Wren Kennedy
399d583b39bSJohn Wren Kennedy#
400d583b39bSJohn Wren Kennedy# Get the given file/directory xattr
401d583b39bSJohn Wren Kennedy#
402d583b39bSJohn Wren Kennedy# $1 object -- file or directroy
403d583b39bSJohn Wren Kennedy#
404d583b39bSJohn Wren Kennedyfunction get_xattr #<obj>
405d583b39bSJohn Wren Kennedy{
406d583b39bSJohn Wren Kennedy        typeset obj=$1
407d583b39bSJohn Wren Kennedy	typeset xattr
408d583b39bSJohn Wren Kennedy	if (( ${#obj} == 0 )); then
409d583b39bSJohn Wren Kennedy		return 1
410d583b39bSJohn Wren Kennedy	fi
411d583b39bSJohn Wren Kennedy
4121d32ba66SJohn Wren Kennedy	for xattr in `runat $obj ls | \
413d2d52addSAlexander Pyhalov		/usr/bin/egrep -v -e SUNWattr_ro -e SUNWattr_rw` ; do
4141d32ba66SJohn Wren Kennedy		runat $obj sum $xattr
415d583b39bSJohn Wren Kennedy	done
416d583b39bSJohn Wren Kennedy}
417d583b39bSJohn Wren Kennedy
418d583b39bSJohn Wren Kennedy#
419d583b39bSJohn Wren Kennedy# Get the owner of a file/directory
420d583b39bSJohn Wren Kennedy#
421d583b39bSJohn Wren Kennedyfunction get_owner #node
422d583b39bSJohn Wren Kennedy{
423d583b39bSJohn Wren Kennedy	typeset node=$1
424d583b39bSJohn Wren Kennedy	typeset value
425d583b39bSJohn Wren Kennedy
426d583b39bSJohn Wren Kennedy	if [[ -z $node ]]; then
427d583b39bSJohn Wren Kennedy		log_fail "node are not defined."
428d583b39bSJohn Wren Kennedy	fi
429d583b39bSJohn Wren Kennedy
430d583b39bSJohn Wren Kennedy	if [[ -d $node ]]; then
4311d32ba66SJohn Wren Kennedy		value=$(ls -dl $node | awk '{print $3}')
432d583b39bSJohn Wren Kennedy	elif [[ -e $node ]]; then
4331d32ba66SJohn Wren Kennedy		value=$(ls -l $node | awk '{print $3}')
434d583b39bSJohn Wren Kennedy	fi
435d583b39bSJohn Wren Kennedy
4361d32ba66SJohn Wren Kennedy	echo $value
437d583b39bSJohn Wren Kennedy}
438d583b39bSJohn Wren Kennedy
439d583b39bSJohn Wren Kennedy#
440d583b39bSJohn Wren Kennedy# Get the group of a file/directory
441d583b39bSJohn Wren Kennedy#
442d583b39bSJohn Wren Kennedyfunction get_group #node
443d583b39bSJohn Wren Kennedy{
444d583b39bSJohn Wren Kennedy	typeset node=$1
445d583b39bSJohn Wren Kennedy	typeset value
446d583b39bSJohn Wren Kennedy
447d583b39bSJohn Wren Kennedy	if [[ -z $node ]]; then
448d583b39bSJohn Wren Kennedy		log_fail "node are not defined."
449d583b39bSJohn Wren Kennedy	fi
450d583b39bSJohn Wren Kennedy
451d583b39bSJohn Wren Kennedy	if [[ -d $node ]]; then
4521d32ba66SJohn Wren Kennedy		value=$(ls -dl $node | awk '{print $4}')
453d583b39bSJohn Wren Kennedy	elif [[ -e $node ]]; then
4541d32ba66SJohn Wren Kennedy		value=$(ls -l $node | awk '{print $4}')
455d583b39bSJohn Wren Kennedy	fi
456d583b39bSJohn Wren Kennedy
4571d32ba66SJohn Wren Kennedy	echo $value
458d583b39bSJohn Wren Kennedy}
459d583b39bSJohn Wren Kennedy
460d583b39bSJohn Wren Kennedy
461d583b39bSJohn Wren Kennedy#
462d583b39bSJohn Wren Kennedy# Get the group name that a UID belongs to
463d583b39bSJohn Wren Kennedy#
464d583b39bSJohn Wren Kennedyfunction get_user_group #uid
465d583b39bSJohn Wren Kennedy{
466d583b39bSJohn Wren Kennedy	typeset uid=$1
467d583b39bSJohn Wren Kennedy	typeset value
468d583b39bSJohn Wren Kennedy
469d583b39bSJohn Wren Kennedy	if [[ -z $uid ]]; then
470d583b39bSJohn Wren Kennedy		log_fail "UID not defined."
471d583b39bSJohn Wren Kennedy	fi
472d583b39bSJohn Wren Kennedy
473d583b39bSJohn Wren Kennedy	value=$(id $uid)