1#!/usr/bin/ksh -p
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26#
27
28#
29# Copyright (c) 2013, 2016 by Delphix. All rights reserved.
30# Copyright (c) 2013 by Paul B. Henson <henson@acm.org>.
31#                    All rights reserved.
32#
33
34
35. $STF_SUITE/tests/functional/acl/acl.cfg
36. $STF_SUITE/tests/functional/acl/acl_common.kshlib
37
38#
39# DESCRIPTION:
40#	Verify mode bits based chmod fails on files/directories with
41#       non-trivial ACLs when aclmode=restricted
42#
43# STRATEGY:
44#	1. Loop super user and non-super user to run the test case
45#	2. Create test file and directory
46#	3. Set non-trivial ACL on test file and directory
47#	4. Verify mode bits based chmod fails
48#
49
50verify_runnable "both"
51
52function cleanup
53{
54	# reset aclmode=discard
55	log_must zfs set aclmode=discard $TESTPOOL/$TESTFS
56}
57
58log_assert "Verify mode bits based chmod fails on files/directories "\
59    "with non-trivial ACLs when aclmode=restricted"
60log_onexit cleanup
61
62log_must zfs set aclmode=restricted $TESTPOOL/$TESTFS
63
64for user in root $ZFS_ACL_STAFF1; do
65	log_must set_cur_usr $user
66
67	log_must usr_exec mkdir $TESTDIR/testdir
68	log_must usr_exec touch $TESTDIR/testfile
69
70	# Make sure ACL is non-trival
71	log_must usr_exec chmod A+user:${ZFS_ACL_STAFF1}:r::allow \
72	    $TESTDIR/testdir $TESTDIR/testfile
73
74	log_mustnot usr_exec chmod u-w $TESTDIR/testdir
75	log_mustnot usr_exec chmod u-w $TESTDIR/testfile
76
77	log_must usr_exec rmdir $TESTDIR/testdir
78	log_must usr_exec rm $TESTDIR/testfile
79done
80
81log_pass "Verify mode bits based chmod fails on files/directories "\
82    "with non-trivial ACLs when aclmode=restricted passed."
83