1*96c8483aSYuri Pankov#!/bin/ksh -p 2*96c8483aSYuri Pankov# 3*96c8483aSYuri Pankov# CDDL HEADER START 4*96c8483aSYuri Pankov# 5*96c8483aSYuri Pankov# The contents of this file are subject to the terms of the 6*96c8483aSYuri Pankov# Common Development and Distribution License (the "License"). 7*96c8483aSYuri Pankov# You may not use this file except in compliance with the License. 8*96c8483aSYuri Pankov# 9*96c8483aSYuri Pankov# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*96c8483aSYuri Pankov# or http://www.opensolaris.org/os/licensing. 11*96c8483aSYuri Pankov# See the License for the specific language governing permissions 12*96c8483aSYuri Pankov# and limitations under the License. 13*96c8483aSYuri Pankov# 14*96c8483aSYuri Pankov# When distributing Covered Code, include this CDDL HEADER in each 15*96c8483aSYuri Pankov# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*96c8483aSYuri Pankov# If applicable, add the following below this CDDL HEADER, with the 17*96c8483aSYuri Pankov# fields enclosed by brackets "[]" replaced with your own identifying 18*96c8483aSYuri Pankov# information: Portions Copyright [yyyy] [name of copyright owner] 19*96c8483aSYuri Pankov# 20*96c8483aSYuri Pankov# CDDL HEADER END 21*96c8483aSYuri Pankov# 22*96c8483aSYuri Pankov 23*96c8483aSYuri Pankov# 24*96c8483aSYuri Pankov# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 25*96c8483aSYuri Pankov# 26*96c8483aSYuri Pankov 27*96c8483aSYuri Pankov# 28*96c8483aSYuri Pankov# ID: acl_004 29*96c8483aSYuri Pankov# 30*96c8483aSYuri Pankov# DESCRIPTION: 31*96c8483aSYuri Pankov# Verify we can modify an ACL (add $TUSER1) 32*96c8483aSYuri Pankov# 33*96c8483aSYuri Pankov# STRATEGY: 34*96c8483aSYuri Pankov# 1. run "mount -F smbfs //$TUSER@..." $TMNT 35*96c8483aSYuri Pankov# 2. run "mount -F smbfs //$TUSER1@..." $TMNT2 36*96c8483aSYuri Pankov# 3. create a file, as $TUSER 37*96c8483aSYuri Pankov# 4. create file2, as $TUSER1 and get owner UID 38*96c8483aSYuri Pankov# 5. chmod A+user:$TUSER1@:rxaRcs::allow file 39*96c8483aSYuri Pankov# 6. verify $TUSER1 ACE is there 40*96c8483aSYuri Pankov# 41*96c8483aSYuri Pankov 42*96c8483aSYuri Pankov. $STF_SUITE/include/libtest.ksh 43*96c8483aSYuri Pankov 44*96c8483aSYuri Pankovtc_id="acl004" 45*96c8483aSYuri Pankovtc_desc="Verify we can modify an ACL (add user ACE)" 46*96c8483aSYuri Pankovprint_test_case $tc_id - $tc_desc 47*96c8483aSYuri Pankov 48*96c8483aSYuri Pankovif [[ $STC_CIFS_CLIENT_DEBUG == 1 ]] || \ 49*96c8483aSYuri Pankov [[ *:${STC_CIFS_CLIENT_DEBUG}:* == *:$tc_id:* ]]; then 50*96c8483aSYuri Pankov set -x 51*96c8483aSYuri Pankovfi 52*96c8483aSYuri Pankov 53*96c8483aSYuri Pankovserver=$(server_name) || return 54*96c8483aSYuri Pankov 55*96c8483aSYuri Pankovsmbmount_clean $TMNT 56*96c8483aSYuri Pankovsmbmount_clean $TMNT2 57*96c8483aSYuri Pankov 58*96c8483aSYuri Pankovsmbmount_init $TMNT 59*96c8483aSYuri Pankovsmbmount_init $TMNT2 60*96c8483aSYuri Pankov 61*96c8483aSYuri Pankov# 1. run "mount -F smbfs //$TUSER@..." $TMNT 62*96c8483aSYuri Pankov 63*96c8483aSYuri Pankovcmd="mount -F smbfs -oacl //$TUSER:$TPASS@$server/public $TMNT" 64*96c8483aSYuri Pankovcti_execute -i '' FAIL $cmd 65*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 66*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 67*96c8483aSYuri Pankov return 68*96c8483aSYuri Pankovelse 69*96c8483aSYuri Pankov cti_report "PASS: $cmd" 70*96c8483aSYuri Pankovfi 71*96c8483aSYuri Pankov 72*96c8483aSYuri Pankov# Require that the mount supports ACLs 73*96c8483aSYuri Pankovsmbmount_getmntopts $TMNT |grep /acl/ >/dev/null 74*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 75*96c8483aSYuri Pankov smbmount_clean $TMNT 76*96c8483aSYuri Pankov cti_unsupported "UNSUPPORTED (no ACLs in this mount)" 77*96c8483aSYuri Pankov return 78*96c8483aSYuri Pankovfi 79*96c8483aSYuri Pankov 80*96c8483aSYuri Pankov# 2. run "mount -F smbfs //$TUSER1@..." $TMNT2 81*96c8483aSYuri Pankov 82*96c8483aSYuri Pankovcmd="mount -F smbfs -oacl //$TUSER1:$TPASS@$server/public $TMNT2" 83*96c8483aSYuri Pankovcti_execute -i '' FAIL $cmd 84*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 85*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 86*96c8483aSYuri Pankov smbmount_clean $TMNT 87*96c8483aSYuri Pankov return 88*96c8483aSYuri Pankovelse 89*96c8483aSYuri Pankov cti_report "PASS: $cmd" 90*96c8483aSYuri Pankovfi 91*96c8483aSYuri Pankov 92*96c8483aSYuri Pankov# 3. create a file, as $TUSER 93*96c8483aSYuri Pankov 94*96c8483aSYuri Pankovcmd="cp /etc/passwd $TMNT/$tc_id" 95*96c8483aSYuri Pankovcti_execute_cmd $cmd 96*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 97*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 98*96c8483aSYuri Pankov smbmount_clean $TMNT 99*96c8483aSYuri Pankov smbmount_clean $TMNT2 100*96c8483aSYuri Pankov return 101*96c8483aSYuri Pankovfi 102*96c8483aSYuri Pankovcmd="ls -V $TMNT/$tc_id" 103*96c8483aSYuri Pankovcti_execute_cmd $cmd 104*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 105*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 106*96c8483aSYuri Pankov smbmount_clean $TMNT 107*96c8483aSYuri Pankov smbmount_clean $TMNT2 108*96c8483aSYuri Pankov return 109*96c8483aSYuri Pankovfi 110*96c8483aSYuri Pankovtail +2 cti_stdout > acl_save 111*96c8483aSYuri Pankov 112*96c8483aSYuri Pankov# 4. create a file, as $TUSER1 and get owner UID 113*96c8483aSYuri Pankov 114*96c8483aSYuri Pankovcmd="touch $TMNT2/${tc_id}B" 115*96c8483aSYuri Pankovcti_execute_cmd $cmd 116*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 117*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 118*96c8483aSYuri Pankov smbmount_clean $TMNT 119*96c8483aSYuri Pankov smbmount_clean $TMNT2 120*96c8483aSYuri Pankov return 121*96c8483aSYuri Pankovfi 122*96c8483aSYuri Pankovcmd="ls -V $TMNT/${tc_id}B" 123*96c8483aSYuri Pankovcti_execute_cmd $cmd 124*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 125*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 126*96c8483aSYuri Pankov smbmount_clean $TMNT 127*96c8483aSYuri Pankov smbmount_clean $TMNT2 128*96c8483aSYuri Pankov return 129*96c8483aSYuri Pankovfi 130*96c8483aSYuri Pankov# Get the ephemereal UID and GID for $TUSER1 131*96c8483aSYuri Pankovread mode cnt uid gid junk < cti_stdout 132*96c8483aSYuri Pankovcti_execute_cmd "rm $TMNT2/${tc_id}B" 133*96c8483aSYuri Pankov 134*96c8483aSYuri Pankov# 5. chmod A+user:$TUSER1@:rxaRcs::allow file 135*96c8483aSYuri Pankov 136*96c8483aSYuri Pankovcmd="chmod A+user:${uid}:rxaRcs::allow $TMNT/$tc_id" 137*96c8483aSYuri Pankovcti_execute_cmd $cmd 138*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 139*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 140*96c8483aSYuri Pankov smbmount_clean $TMNT 141*96c8483aSYuri Pankov smbmount_clean $TMNT2 142*96c8483aSYuri Pankov return 143*96c8483aSYuri Pankovfi 144*96c8483aSYuri Pankov 145*96c8483aSYuri Pankov# 6. verify $TUSER1 ACE is there 146*96c8483aSYuri Pankov 147*96c8483aSYuri Pankovcmd="ls -V $TMNT/$tc_id" 148*96c8483aSYuri Pankovcti_execute_cmd $cmd 149*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 150*96c8483aSYuri Pankov cti_fail "FAIL: $cmd" 151*96c8483aSYuri Pankov smbmount_clean $TMNT 152*96c8483aSYuri Pankov smbmount_clean $TMNT2 153*96c8483aSYuri Pankov return 154*96c8483aSYuri Pankovfi 155*96c8483aSYuri Pankovtail +2 cti_stdout > acl_test 156*96c8483aSYuri Pankov 157*96c8483aSYuri Pankov# The new ACL should be different... 158*96c8483aSYuri Pankovcmd="diff acl_save acl_test" 159*96c8483aSYuri Pankovcti_execute_cmd $cmd 160*96c8483aSYuri Pankovif [[ $? == 0 ]]; then 161*96c8483aSYuri Pankov cti_fail "FAIL: ACL should have changed" 162*96c8483aSYuri Pankov smbmount_clean $TMNT 163*96c8483aSYuri Pankov smbmount_clean $TMNT2 164*96c8483aSYuri Pankov return 165*96c8483aSYuri Pankovfi 166*96c8483aSYuri Pankov 167*96c8483aSYuri Pankov# The new ACL should contain $uid 168*96c8483aSYuri Pankovgrep " user:${uid}:" acl_test >/dev/null 169*96c8483aSYuri Pankovif [[ $? != 0 ]]; then 170*96c8483aSYuri Pankov cti_fail "FAIL: did not find new ACE" 171*96c8483aSYuri Pankov smbmount_clean $TMNT 172*96c8483aSYuri Pankov smbmount_clean $TMNT2 173*96c8483aSYuri Pankov return 174*96c8483aSYuri Pankovfi 175*96c8483aSYuri Pankov 176*96c8483aSYuri Pankovcti_execute_cmd "rm $TMNT/$tc_id" 177*96c8483aSYuri Pankovsmbmount_clean $TMNT 178*96c8483aSYuri Pankovsmbmount_clean $TMNT2 179*96c8483aSYuri Pankov 180*96c8483aSYuri Pankovcti_pass "${tc_id}: PASS" 181