1#!/bin/sh 2# $FreeBSD: head/tools/regression/pjdfstest/tests/chflags/09.t 211352 2010-08-15 21:24:17Z pjd $ 3 4desc="chflags returns EPERM when one of SF_IMMUTABLE, SF_APPEND, or SF_NOUNLINK is set and securelevel is greater than 0" 5 6dir=`dirname $0` 7. ${dir}/../misc.sh 8 9require chflags 10 11echo "1..327" 12 13n0=`namegen` 14n1=`namegen` 15n2=`namegen` 16 17old=`sysctl -n security.jail.chflags_allowed` 18sysctl security.jail.chflags_allowed=1 >/dev/null 19 20expect 0 mkdir ${n0} 0755 21cdir=`pwd` 22cd ${n0} 23 24for type in regular dir fifo block char socket symlink; do 25 if [ "${type}" != "symlink" ]; then 26 create_file ${type} ${n1} 27 expect 0 chown ${n1} 65534 65534 28 for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 29 expect 0 chflags ${n1} ${flag} 30 jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP 31 expect ${flag} stat ${n1} flags 32 jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP 33 expect ${flag} stat ${n1} flags 34 jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP 35 expect ${flag} stat ${n1} flags 36 done 37 expect 0 chflags ${n1} none 38 if [ "${type}" = "dir" ]; then 39 expect 0 rmdir ${n1} 40 else 41 expect 0 unlink ${n1} 42 fi 43 fi 44 45 create_file ${type} ${n1} 46 expect 0 lchown ${n1} 65534 65534 47 for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do 48 expect 0 lchflags ${n1} ${flag} 49 jexpect 1 `pwd` EPERM lchflags ${n1} UF_NODUMP 50 expect ${flag} lstat ${n1} flags 51 jexpect 1 `pwd` EPERM -u 65533 -g 65533 lchflags ${n1} UF_NODUMP 52 expect ${flag} lstat ${n1} flags 53 jexpect 1 `pwd` EPERM -u 65534 -g 65534 lchflags ${n1} UF_NODUMP 54 expect ${flag} lstat ${n1} flags 55 done 56 expect 0 lchflags ${n1} none 57 if [ "${type}" = "dir" ]; then 58 expect 0 rmdir ${n1} 59 else 60 expect 0 unlink ${n1} 61 fi 62done 63 64sysctl security.jail.chflags_allowed=${old} >/dev/null 65cd ${cdir} 66expect 0 rmdir ${n0} 67