1#!/bin/sh 2 3dir=`dirname $0` 4. ${dir}/misc.sh 5 6echo "1..48" 7 8# Verify if security.mac.portacl.suser_exempt=1 really exempts super-user. 9 10trap restore_settings EXIT INT TERM 11 12sysctl security.mac.portacl.suser_exempt=1 >/dev/null 13 14bind_test ok ok uid root tcp 77 15bind_test ok ok uid root tcp 7777 16bind_test ok ok uid root udp 77 17bind_test ok ok uid root udp 7777 18 19bind_test ok ok gid root tcp 77 20bind_test ok ok gid root tcp 7777 21bind_test ok ok gid root udp 77 22bind_test ok ok gid root udp 7777 23 24# Verify if security.mac.portacl.suser_exempt=0 really doesn't exempt super-user. 25 26sysctl security.mac.portacl.suser_exempt=0 >/dev/null 27 28bind_test fl ok uid root tcp 77 29bind_test ok ok uid root tcp 7777 30bind_test fl ok uid root udp 77 31bind_test ok ok uid root udp 7777 32 33bind_test fl ok gid root tcp 77 34bind_test ok ok gid root tcp 7777 35bind_test fl ok gid root udp 77 36bind_test ok ok gid root udp 7777 37 38# Verify if security.mac.portacl.port_high works for super-user. 39 40sysctl security.mac.portacl.port_high=7778 >/dev/null 41 42bind_test fl ok uid root tcp 77 43bind_test fl ok uid root tcp 7777 44bind_test fl ok uid root udp 77 45bind_test fl ok uid root udp 7777 46 47bind_test fl ok gid root tcp 77 48bind_test fl ok gid root tcp 7777 49bind_test fl ok gid root udp 77 50bind_test fl ok gid root udp 7777 51