1#!/bin/sh 2# vim: filetype=sh noexpandtab ts=8 sw=8 3# $FreeBSD: head/tools/regression/pjdfstest/tests/chflags/09.t 211352 2010-08-15 21:24:17Z pjd $ 4 5desc="chflags returns EPERM when one of SF_IMMUTABLE, SF_APPEND, or SF_NOUNLINK is set and securelevel is greater than 0" 6 7dir=`dirname $0` 8. ${dir}/../misc.sh 9 10require chflags 11 12echo "1..327" 13 14n0=`namegen` 15n1=`namegen` 16n2=`namegen` 17 18old=`sysctl -n security.jail.chflags_allowed` 19sysctl security.jail.chflags_allowed=1 >/dev/null 20 21expect 0 mkdir ${n0} 0755 22cdir=`pwd` 23cd ${n0} 24 25for type in regular dir fifo block char socket symlink; do 26 if [ "${type}" != "symlink" ]; then 27 create_file ${type} ${n1} 28 expect 0 chown ${n1} 65534 65534 29 for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 30 expect 0 chflags ${n1} ${flag} 31 jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP 32 expect ${flag} stat ${n1} flags 33 jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP 34 expect ${flag} stat ${n1} flags 35 jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP 36 expect ${flag} stat ${n1} flags 37 done 38 expect 0 chflags ${n1} none 39 if [ "${type}" = "dir" ]; then 40 expect 0 rmdir ${n1} 41 else 42 expect 0 unlink ${n1} 43 fi 44 fi 45 46 create_file ${type} ${n1} 47 expect 0 lchown ${n1} 65534 65534 48 for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 49 expect 0 lchflags ${n1} ${flag} 50 jexpect 1 `pwd` EPERM lchflags ${n1} UF_NODUMP 51 expect ${flag} lstat ${n1} flags 52 jexpect 1 `pwd` EPERM -u 65533 -g 65533 lchflags ${n1} UF_NODUMP 53 expect ${flag} lstat ${n1} flags 54 jexpect 1 `pwd` EPERM -u 65534 -g 65534 lchflags ${n1} UF_NODUMP 55 expect ${flag} lstat ${n1} flags 56 done 57 expect 0 lchflags ${n1} none 58 if [ "${type}" = "dir" ]; then 59 expect 0 rmdir ${n1} 60 else 61 expect 0 unlink ${n1} 62 fi 63done 64 65sysctl security.jail.chflags_allowed=${old} >/dev/null 66cd ${cdir} 67expect 0 rmdir ${n0} 68