1#!/bin/sh 2# $FreeBSD$ 3 4dir=`dirname $0` 5. ${dir}/misc.sh 6 7echo "1..48" 8 9# Verify if security.mac.portacl.suser_exempt=1 really exempts super-user. 10 11trap restore_settings EXIT INT TERM 12 13sysctl security.mac.portacl.suser_exempt=1 >/dev/null 14 15bind_test ok ok uid root tcp 77 16bind_test ok ok uid root tcp 7777 17bind_test ok ok uid root udp 77 18bind_test ok ok uid root udp 7777 19 20bind_test ok ok gid root tcp 77 21bind_test ok ok gid root tcp 7777 22bind_test ok ok gid root udp 77 23bind_test ok ok gid root udp 7777 24 25# Verify if security.mac.portacl.suser_exempt=0 really doesn't exempt super-user. 26 27sysctl security.mac.portacl.suser_exempt=0 >/dev/null 28 29bind_test fl ok uid root tcp 77 30bind_test ok ok uid root tcp 7777 31bind_test fl ok uid root udp 77 32bind_test ok ok uid root udp 7777 33 34bind_test fl ok gid root tcp 77 35bind_test ok ok gid root tcp 7777 36bind_test fl ok gid root udp 77 37bind_test ok ok gid root udp 7777 38 39# Verify if security.mac.portacl.port_high works for super-user. 40 41sysctl security.mac.portacl.port_high=7778 >/dev/null 42 43bind_test fl ok uid root tcp 77 44bind_test fl ok uid root tcp 7777 45bind_test fl ok uid root udp 77 46bind_test fl ok uid root udp 7777 47 48bind_test fl ok gid root tcp 77 49bind_test fl ok gid root tcp 7777 50bind_test fl ok gid root udp 77 51bind_test fl ok gid root udp 7777 52