xref: /freebsd/contrib/pjdfstest/tests/chflags/09.t (revision 7e00348e7605b9906601438008341ffc37c00e2c)
1#!/bin/sh
2# $FreeBSD: head/tools/regression/pjdfstest/tests/chflags/09.t 211352 2010-08-15 21:24:17Z pjd $
3
4desc="chflags returns EPERM when one of SF_IMMUTABLE, SF_APPEND, or SF_NOUNLINK is set and securelevel is greater than 0"
5
6dir=`dirname $0`
7. ${dir}/../misc.sh
8
9require chflags
10
11echo "1..327"
12
13n0=`namegen`
14n1=`namegen`
15n2=`namegen`
16
17old=`sysctl -n security.jail.chflags_allowed`
18sysctl security.jail.chflags_allowed=1 >/dev/null
19
20expect 0 mkdir ${n0} 0755
21cdir=`pwd`
22cd ${n0}
23
24for type in regular dir fifo block char socket symlink; do
25	if [ "${type}" != "symlink" ]; then
26		create_file ${type} ${n1}
27		expect 0 chown ${n1} 65534 65534
28		for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
29			expect 0 chflags ${n1} ${flag}
30			jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP
31			expect ${flag} stat ${n1} flags
32			jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP
33			expect ${flag} stat ${n1} flags
34			jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP
35			expect ${flag} stat ${n1} flags
36		done
37		expect 0 chflags ${n1} none
38		if [ "${type}" = "dir" ]; then
39			expect 0 rmdir ${n1}
40		else
41			expect 0 unlink ${n1}
42		fi
43	fi
44
45	create_file ${type} ${n1}
46	expect 0 lchown ${n1} 65534 65534
47	for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
48		expect 0 lchflags ${n1} ${flag}
49		jexpect 1 `pwd` EPERM lchflags ${n1} UF_NODUMP
50		expect ${flag} lstat ${n1} flags
51		jexpect 1 `pwd` EPERM -u 65533 -g 65533 lchflags ${n1} UF_NODUMP
52		expect ${flag} lstat ${n1} flags
53		jexpect 1 `pwd` EPERM -u 65534 -g 65534 lchflags ${n1} UF_NODUMP
54		expect ${flag} lstat ${n1} flags
55	done
56	expect 0 lchflags ${n1} none
57	if [ "${type}" = "dir" ]; then
58		expect 0 rmdir ${n1}
59	else
60		expect 0 unlink ${n1}
61	fi
62done
63
64sysctl security.jail.chflags_allowed=${old} >/dev/null
65cd ${cdir}
66expect 0 rmdir ${n0}
67