17b1753e6SJohn Wren Kennedy#!/bin/ksh -p
27b1753e6SJohn Wren Kennedy#
37b1753e6SJohn Wren Kennedy# CDDL HEADER START
47b1753e6SJohn Wren Kennedy#
57b1753e6SJohn Wren Kennedy# The contents of this file are subject to the terms of the
67b1753e6SJohn Wren Kennedy# Common Development and Distribution License (the "License").
77b1753e6SJohn Wren Kennedy# You may not use this file except in compliance with the License.
87b1753e6SJohn Wren Kennedy#
97b1753e6SJohn Wren Kennedy# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
107b1753e6SJohn Wren Kennedy# or http://www.opensolaris.org/os/licensing.
117b1753e6SJohn Wren Kennedy# See the License for the specific language governing permissions
127b1753e6SJohn Wren Kennedy# and limitations under the License.
137b1753e6SJohn Wren Kennedy#
147b1753e6SJohn Wren Kennedy# When distributing Covered Code, include this CDDL HEADER in each
157b1753e6SJohn Wren Kennedy# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
167b1753e6SJohn Wren Kennedy# If applicable, add the following below this CDDL HEADER, with the
177b1753e6SJohn Wren Kennedy# fields enclosed by brackets "[]" replaced with your own identifying
187b1753e6SJohn Wren Kennedy# information: Portions Copyright [yyyy] [name of copyright owner]
197b1753e6SJohn Wren Kennedy#
207b1753e6SJohn Wren Kennedy# CDDL HEADER END
217b1753e6SJohn Wren Kennedy#
227b1753e6SJohn Wren Kennedy
237b1753e6SJohn Wren Kennedy#
247b1753e6SJohn Wren Kennedy# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
257b1753e6SJohn Wren Kennedy# Use is subject to license terms.
267b1753e6SJohn Wren Kennedy#
277b1753e6SJohn Wren Kennedy
287b1753e6SJohn Wren Kennedy#
29*1d32ba66SJohn Wren Kennedy# Copyright (c) 2013, 2016 by Delphix. All rights reserved.
307b1753e6SJohn Wren Kennedy# Copyright (c) 2013 by Paul B. Henson <henson@acm.org>. All rights reserved.
317b1753e6SJohn Wren Kennedy#
327b1753e6SJohn Wren Kennedy
337b1753e6SJohn Wren Kennedy. $STF_SUITE/tests/functional/acl/acl.cfg
347b1753e6SJohn Wren Kennedy. $STF_SUITE/tests/functional/acl/acl_common.kshlib
357b1753e6SJohn Wren Kennedy
367b1753e6SJohn Wren Kennedy#
377b1753e6SJohn Wren Kennedy# DESCRIPTION:
387b1753e6SJohn Wren Kennedy#	Verify chmod permission settings on files and directories, as both root
397b1753e6SJohn Wren Kennedy#	and non-root users, with aclmode set to restricted.
407b1753e6SJohn Wren Kennedy#
417b1753e6SJohn Wren Kennedy# STRATEGY:
427b1753e6SJohn Wren Kennedy#	1. Loop root and $ZFS_ACL_STAFF1 as root and non-root users.
437b1753e6SJohn Wren Kennedy#	2. Create test file and directory in zfs filesystem.
447b1753e6SJohn Wren Kennedy#	3. Execute 'chmod' with specified options.
457b1753e6SJohn Wren Kennedy#	4. Check 'ls -l' output and compare with expect results.
467b1753e6SJohn Wren Kennedy
477b1753e6SJohn Wren Kennedyverify_runnable "both"
487b1753e6SJohn Wren Kennedy
497b1753e6SJohn Wren Kennedyfunction cleanup
507b1753e6SJohn Wren Kennedy{
517b1753e6SJohn Wren Kennedy	# reset aclmode=discard
52*1d32ba66SJohn Wren Kennedy	log_must zfs set aclmode=discard $TESTPOOL/$TESTFS
537b1753e6SJohn Wren Kennedy}
547b1753e6SJohn Wren Kennedy
557b1753e6SJohn Wren Kennedy#	"init_map" "options" "expect_map"
567b1753e6SJohn Wren Kennedyset -A argv \
577b1753e6SJohn Wren Kennedy	"000" "a+rw"	"rw-rw-rw-"	"000" "a+rwx"	"rwxrwxrwx" \
587b1753e6SJohn Wren Kennedy	"000" "u+xr"	"r-x------"	"000" "gu-xw"	"---------" \
597b1753e6SJohn Wren Kennedy	"644" "a-r"	"-w-------"	"644" "augo-x"	"rw-r--r--" \
607b1753e6SJohn Wren Kennedy	"644" "=x"	"--x--x--x"	"644" "u-rw"	"---r--r--" \
617b1753e6SJohn Wren Kennedy	"644" "uo+x"	"rwxr--r-x"	"644" "ga-wr"	"---------" \
627b1753e6SJohn Wren Kennedy	"777" "augo+x"	"rwxrwxrwx"	"777" "go-xr"	"rwx-w--w-" \
637b1753e6SJohn Wren Kennedy	"777" "o-wx"	"rwxrwxr--"	"777" "ou-rx"	"-w-rwx-w-" \
647b1753e6SJohn Wren Kennedy	"777" "a+rwx"	"rwxrwxrwx"	"777" "u=rw"	"rw-rwxrwx" \
657b1753e6SJohn Wren Kennedy	"000" "123"	"--x-w--wx"	"000" "412"	"r----x-w-" \
667b1753e6SJohn Wren Kennedy	"231" "562"	"r-xrw--w-"	"712" "000"	"---------" \
677b1753e6SJohn Wren Kennedy	"777" "121"	"--x-w---x"	"123" "775"	"rwxrwxr-x"
687b1753e6SJohn Wren Kennedy
697b1753e6SJohn Wren Kennedylog_assert " Verify chmod permission settings on files and directories for " \
707b1753e6SJohn Wren Kennedy    "aclmode=restricted"
717b1753e6SJohn Wren Kennedylog_onexit cleanup
727b1753e6SJohn Wren Kennedy
737b1753e6SJohn Wren Kennedy#
747b1753e6SJohn Wren Kennedy# Verify file or directory have correct map after chmod
757b1753e6SJohn Wren Kennedy#
767b1753e6SJohn Wren Kennedy# $1 file or directory
777b1753e6SJohn Wren Kennedy#
787b1753e6SJohn Wren Kennedyfunction test_chmod_mapping #<file-dir>
797b1753e6SJohn Wren Kennedy{
807b1753e6SJohn Wren Kennedy	typeset node=$1
817b1753e6SJohn Wren Kennedy	typeset -i i=0
827b1753e6SJohn Wren Kennedy
837b1753e6SJohn Wren Kennedy	while ((i < ${#argv[@]})); do
84*1d32ba66SJohn Wren Kennedy		usr_exec chmod ${argv[i]} $node
857b1753e6SJohn Wren Kennedy		if (($? != 0)); then
86*1d32ba66SJohn Wren Kennedy			log_note "usr_exec chmod ${argv[i]} $node"
877b1753e6SJohn Wren Kennedy			return 1
887b1753e6SJohn Wren Kennedy		fi
89*1d32ba66SJohn Wren Kennedy		usr_exec chmod ${argv[((i + 1))]} $node
907b1753e6SJohn Wren Kennedy		if (($? != 0)); then
91*1d32ba66SJohn Wren Kennedy			log_note "usr_exec chmod ${argv[((i + 1))]} $node"
927b1753e6SJohn Wren Kennedy			return 1
937b1753e6SJohn Wren Kennedy		fi
947b1753e6SJohn Wren Kennedy
957b1753e6SJohn Wren Kennedy		typeset mode
967b1753e6SJohn Wren Kennedy		mode=$(get_mode ${node})
977b1753e6SJohn Wren Kennedy
987b1753e6SJohn Wren Kennedy		if [[ $mode != "-${argv[((i + 2))]}"* && \
997b1753e6SJohn Wren Kennedy		    $mode != "d${argv[((i + 2))]}"* ]]
1007b1753e6SJohn Wren Kennedy		then
1017b1753e6SJohn Wren Kennedy			log_fail "FAIL: '${argv[i]}' '${argv[((i + 1))]}' \
1027b1753e6SJohn Wren Kennedy			    '${argv[((i + 2))]}'"
1037b1753e6SJohn Wren Kennedy		fi
1047b1753e6SJohn Wren Kennedy
1057b1753e6SJohn Wren Kennedy		((i += 3))
1067b1753e6SJohn Wren Kennedy	done
1077b1753e6SJohn Wren Kennedy
1087b1753e6SJohn Wren Kennedy	return 0
1097b1753e6SJohn Wren Kennedy}
1107b1753e6SJohn Wren Kennedy
1117b1753e6SJohn Wren Kennedy# set aclmode=restricted
112*1d32ba66SJohn Wren Kennedylog_must zfs set aclmode=restricted $TESTPOOL/$TESTFS
1137b1753e6SJohn Wren Kennedy
1147b1753e6SJohn Wren Kennedyfor user in root $ZFS_ACL_STAFF1; do
1157b1753e6SJohn Wren Kennedy	log_must set_cur_usr $user
1167b1753e6SJohn Wren Kennedy
1177b1753e6SJohn Wren Kennedy	# Test file
118*1d32ba66SJohn Wren Kennedy	log_must usr_exec touch $testfile
1197b1753e6SJohn Wren Kennedy	log_must test_chmod_mapping $testfile
1207b1753e6SJohn Wren Kennedy
1217b1753e6SJohn Wren Kennedy	# Test directory
122*1d32ba66SJohn Wren Kennedy	log_must usr_exec mkdir $testdir
1237b1753e6SJohn Wren Kennedy	log_must test_chmod_mapping $testdir
1247b1753e6SJohn Wren Kennedy
125*1d32ba66SJohn Wren Kennedy	log_must usr_exec rm $testfile
126*1d32ba66SJohn Wren Kennedy	log_must usr_exec rm -rf $testdir
1277b1753e6SJohn Wren Kennedydone
1287b1753e6SJohn Wren Kennedy
1297b1753e6SJohn Wren Kennedylog_pass "Setting permissions using 'chmod' for aclmode=restricted completed " \
1307b1753e6SJohn Wren Kennedy    "successfully."