1d583b39bSJohn Wren Kennedy#!/bin/ksh -p 2d583b39bSJohn Wren Kennedy# 3d583b39bSJohn Wren Kennedy# CDDL HEADER START 4d583b39bSJohn Wren Kennedy# 5d583b39bSJohn Wren Kennedy# The contents of this file are subject to the terms of the 6d583b39bSJohn Wren Kennedy# Common Development and Distribution License (the "License"). 7d583b39bSJohn Wren Kennedy# You may not use this file except in compliance with the License. 8d583b39bSJohn Wren Kennedy# 9d583b39bSJohn Wren Kennedy# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10d583b39bSJohn Wren Kennedy# or http://www.opensolaris.org/os/licensing. 11d583b39bSJohn Wren Kennedy# See the License for the specific language governing permissions 12d583b39bSJohn Wren Kennedy# and limitations under the License. 13d583b39bSJohn Wren Kennedy# 14d583b39bSJohn Wren Kennedy# When distributing Covered Code, include this CDDL HEADER in each 15d583b39bSJohn Wren Kennedy# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16d583b39bSJohn Wren Kennedy# If applicable, add the following below this CDDL HEADER, with the 17d583b39bSJohn Wren Kennedy# fields enclosed by brackets "[]" replaced with your own identifying 18d583b39bSJohn Wren Kennedy# information: Portions Copyright [yyyy] [name of copyright owner] 19d583b39bSJohn Wren Kennedy# 20d583b39bSJohn Wren Kennedy# CDDL HEADER END 21d583b39bSJohn Wren Kennedy# 22d583b39bSJohn Wren Kennedy 23d583b39bSJohn Wren Kennedy# 24d583b39bSJohn Wren Kennedy# Copyright 2008 Sun Microsystems, Inc. All rights reserved. 25d583b39bSJohn Wren Kennedy# Use is subject to license terms. 26d583b39bSJohn Wren Kennedy# 27d583b39bSJohn Wren Kennedy 28d583b39bSJohn Wren Kennedy# 29d583b39bSJohn Wren Kennedy# Copyright (c) 2012 by Delphix. All rights reserved. 30*327848f9SYuri Pankov# Copyright 2016 Nexenta Systems, Inc. 31d583b39bSJohn Wren Kennedy# 32d583b39bSJohn Wren Kennedy 33d583b39bSJohn Wren Kennedy. $STF_SUITE/tests/functional/acl/acl_common.kshlib 34d583b39bSJohn Wren Kennedy. $STF_SUITE/tests/functional/acl/cifs/cifs.kshlib 35d583b39bSJohn Wren Kennedy 36d583b39bSJohn Wren Kennedy# 37d583b39bSJohn Wren Kennedy# DESCRIPTION: 38d583b39bSJohn Wren Kennedy# Verify the user with PRIV_FILE_FLAG_SET/PRIV_FILE_FLAG_CLEAR 39d583b39bSJohn Wren Kennedy# could set/clear BSD'ish attributes. 40d583b39bSJohn Wren Kennedy# (Immutable, nounlink, and appendonly) 41d583b39bSJohn Wren Kennedy# 42d583b39bSJohn Wren Kennedy# STRATEGY: 43d583b39bSJohn Wren Kennedy# 1. Loop super user and non-super user to run the test case. 44d583b39bSJohn Wren Kennedy# 2. Create basedir and a set of subdirectores and files within it. 45d583b39bSJohn Wren Kennedy# 3. Grant user has PRIV_FILE_FLAG_SET/PRIV_FILE_FLAG_CLEAR separately. 46d583b39bSJohn Wren Kennedy# 4. Verify set/clear BSD'ish attributes should succeed. 47d583b39bSJohn Wren Kennedy# 48d583b39bSJohn Wren Kennedy 49d583b39bSJohn Wren Kennedyverify_runnable "global" 50d583b39bSJohn Wren Kennedy 51d583b39bSJohn Wren Kennedyfunction cleanup 52d583b39bSJohn Wren Kennedy{ 53*327848f9SYuri Pankov $RM -rf $mntpt/file $mntpt/dir >/dev/null 2>&1 54d583b39bSJohn Wren Kennedy 55d583b39bSJohn Wren Kennedy log_must $CP $orig_user_attr /etc/user_attr 56d583b39bSJohn Wren Kennedy log_must $RM -f $orig_user_attr 57d583b39bSJohn Wren Kennedy} 58d583b39bSJohn Wren Kennedy 59d583b39bSJohn Wren Kennedyfunction try 60d583b39bSJohn Wren Kennedy{ 61d583b39bSJohn Wren Kennedy typeset obj=$1 # The file or dir to operate on 62d583b39bSJohn Wren Kennedy typeset attr=$2 # The attribute to set or clear 63d583b39bSJohn Wren Kennedy typeset user=$3 # The user to run the command as 64d583b39bSJohn Wren Kennedy typeset priv=$4 # What privilege to run with if non-root 65d583b39bSJohn Wren Kennedy typeset op=$5 # Whether to set or clear the attribute 66d583b39bSJohn Wren Kennedy 67d583b39bSJohn Wren Kennedy typeset cmd="$CHMOD $op$attr $obj" 68d583b39bSJohn Wren Kennedy 69d583b39bSJohn Wren Kennedy # 70d583b39bSJohn Wren Kennedy # No one can add 'q' (av_quarantine) to a directory. root can do 71d583b39bSJohn Wren Kennedy # anything else. A regular user can remove no attributes without the 72d583b39bSJohn Wren Kennedy # 'all' privilege, and can add attributes (other than 'q' on a 73d583b39bSJohn Wren Kennedy # directory) with the 'file_flag_set' or 'all' privileges. 74d583b39bSJohn Wren Kennedy # 75d583b39bSJohn Wren Kennedy if [[ $user == 'root' ]]; then 76d583b39bSJohn Wren Kennedy if [[ $attr =~ 'q' && -d $obj && $op == $add ]]; then 77d583b39bSJohn Wren Kennedy log_mustnot $cmd 78d583b39bSJohn Wren Kennedy else 79d583b39bSJohn Wren Kennedy log_must $cmd 80d583b39bSJohn Wren Kennedy fi 81d583b39bSJohn Wren Kennedy else 82d583b39bSJohn Wren Kennedy if [[ $attr =~ 'q' && -d $obj && $op == $add ]]; then 83d583b39bSJohn Wren Kennedy log_mustnot $SU $user -c "$cmd" 84d583b39bSJohn Wren Kennedy else 85d583b39bSJohn Wren Kennedy if [[ $op == $add ]]; then 86d583b39bSJohn Wren Kennedy if [[ -n $priv ]]; then 87d583b39bSJohn Wren Kennedy log_must $SU $user -c "$cmd" 88d583b39bSJohn Wren Kennedy else 89d583b39bSJohn Wren Kennedy log_mustnot $SU $user -c "$cmd" 90d583b39bSJohn Wren Kennedy fi 91d583b39bSJohn Wren Kennedy else 92d583b39bSJohn Wren Kennedy if [[ $attr = 'q' && -d $obj ]]; then 93d583b39bSJohn Wren Kennedy log_must $SU $user -c "$cmd" 94d583b39bSJohn Wren Kennedy elif [[ $priv =~ 'all' ]]; then 95d583b39bSJohn Wren Kennedy log_must $SU $user -c "$cmd" 96d583b39bSJohn Wren Kennedy else 97d583b39bSJohn Wren Kennedy log_mustnot $SU $user -c "$cmd" 98d583b39bSJohn Wren Kennedy # 99d583b39bSJohn Wren Kennedy # Remove the attribute, so the next 100d583b39bSJohn Wren Kennedy # iteration starts with a known state. 101d583b39bSJohn Wren Kennedy # 102d583b39bSJohn Wren Kennedy log_must $cmd 103d583b39bSJohn Wren Kennedy fi 104d583b39bSJohn Wren Kennedy fi 105d583b39bSJohn Wren Kennedy fi 106d583b39bSJohn Wren Kennedy fi 107d583b39bSJohn Wren Kennedy 108d583b39bSJohn Wren Kennedy 109d583b39bSJohn Wren Kennedy # Can't add av_quarantine to a directory, so don't check for that 110d583b39bSJohn Wren Kennedy [[ $attr == 'q' && $op == $add && -d $obj ]] && return 111d583b39bSJohn Wren Kennedy chk_attr $op $obj $attr 112d583b39bSJohn Wren Kennedy} 113d583b39bSJohn Wren Kennedy 114d583b39bSJohn Wren Kennedyfunction chk_attr 115d583b39bSJohn Wren Kennedy{ 116d583b39bSJohn Wren Kennedy typeset op=$1 117d583b39bSJohn Wren Kennedy typeset obj=$2 118d583b39bSJohn Wren Kennedy typeset attr=$3 119d583b39bSJohn Wren Kennedy 120d583b39bSJohn Wren Kennedy # Extract the attribute string - just the text inside the braces 121d583b39bSJohn Wren Kennedy typeset attrstr="$($LS -d/ c $obj | $SED '1d; s/.*{\(.*\)}.*/\1/g')" 122d583b39bSJohn Wren Kennedy 123d583b39bSJohn Wren Kennedy if [[ $op == $add ]]; then 124d583b39bSJohn Wren Kennedy [[ $attrstr =~ $attr ]] || log_fail "$op $attr -> $attrstr" 125d583b39bSJohn Wren Kennedy else 126d583b39bSJohn Wren Kennedy [[ $attrstr =~ $attr ]] && log_fail "$op $attr -> $attrstr" 127d583b39bSJohn Wren Kennedy fi 128d583b39bSJohn Wren Kennedy} 129d583b39bSJohn Wren Kennedy 130d583b39bSJohn Wren Kennedy# 131d583b39bSJohn Wren Kennedy# Grant the privset to the given user 132d583b39bSJohn Wren Kennedy# 133d583b39bSJohn Wren Kennedy# $1: The given user 134d583b39bSJohn Wren Kennedy# $2: The given privset 135d583b39bSJohn Wren Kennedy# 136d583b39bSJohn Wren Kennedyfunction grant_priv 137d583b39bSJohn Wren Kennedy{ 138d583b39bSJohn Wren Kennedy typeset user=$1 139d583b39bSJohn Wren Kennedy typeset priv=$2 140d583b39bSJohn Wren Kennedy 141d583b39bSJohn Wren Kennedy if [[ -z $user || -z $priv ]]; then 142d583b39bSJohn Wren Kennedy log_fail "User($user), Priv($priv) not defined." 143d583b39bSJohn Wren Kennedy fi 144d583b39bSJohn Wren Kennedy 145d583b39bSJohn Wren Kennedy priv_mod=",$priv" 146d583b39bSJohn Wren Kennedy 147d583b39bSJohn Wren Kennedy # If we're root, don't modify /etc/user_attr 148d583b39bSJohn Wren Kennedy [[ $user == 'root' ]] && return 0 149d583b39bSJohn Wren Kennedy 150d583b39bSJohn Wren Kennedy $ECHO "$user::::type=normal;defaultpriv=basic$priv_mod" >> \ 151d583b39bSJohn Wren Kennedy /etc/user_attr 152d583b39bSJohn Wren Kennedy return $? 153d583b39bSJohn Wren Kennedy} 154d583b39bSJohn Wren Kennedy 155d583b39bSJohn Wren Kennedy# 156d583b39bSJohn Wren Kennedy# Revoke the all additional privset from the given user 157d583b39bSJohn Wren Kennedy# 158d583b39bSJohn Wren Kennedy# $1: The given user 159d583b39bSJohn Wren Kennedy# 160d583b39bSJohn Wren Kennedyfunction reset_privs 161d583b39bSJohn Wren Kennedy{ 162d583b39bSJohn Wren Kennedy typeset user=$1 163d583b39bSJohn Wren Kennedy 164d583b39bSJohn Wren Kennedy if [[ -z $user ]]; then 165d583b39bSJohn Wren Kennedy log_fail "User not defined." 166d583b39bSJohn Wren Kennedy fi 167d583b39bSJohn Wren Kennedy 168d583b39bSJohn Wren Kennedy priv_mod= 169d583b39bSJohn Wren Kennedy 170d583b39bSJohn Wren Kennedy $CP $orig_user_attr /etc/user_attr || log_fail "Couldn't modify user_attr" 171d583b39bSJohn Wren Kennedy return 0 172d583b39bSJohn Wren Kennedy} 173d583b39bSJohn Wren Kennedy 174d583b39bSJohn Wren Kennedylog_assert "Verify set/clear BSD'ish attributes will succeed while user has " \ 175d583b39bSJohn Wren Kennedy "file_flag_set or all privilege" 176d583b39bSJohn Wren Kennedylog_onexit cleanup 177d583b39bSJohn Wren Kennedy 178d583b39bSJohn Wren Kennedyadd='S+c' 179d583b39bSJohn Wren Kennedydel='S-c' 180d583b39bSJohn Wren Kennedymntpt=$(get_prop mountpoint $TESTPOOL/$TESTFS) 181d583b39bSJohn Wren Kennedyorig_user_attr="/tmp/user_attr.$$" 182d583b39bSJohn Wren Kennedyattributes="u i a d q m" 183d583b39bSJohn Wren Kennedy 184d583b39bSJohn Wren Kennedylog_must $CP /etc/user_attr $orig_user_attr 185d583b39bSJohn Wren Kennedy 186d583b39bSJohn Wren Kennedyfor owner in root $ZFS_ACL_STAFF1 $ZFS_ACL_STAFF2; do 187d583b39bSJohn Wren Kennedy $TOUCH $mntpt/file || log_fail "Failed to create $mntpt/file" 188d583b39bSJohn Wren Kennedy $MKDIR $mntpt/dir || log_fail "Failed to mkdir $mntpt/dir" 189d583b39bSJohn Wren Kennedy $CHOWN $owner $mntpt/file $mntpt/dir || log_fail "Failed to chown file" 190d583b39bSJohn Wren Kennedy for user in 'root' $ZFS_ACL_STAFF2; do 191d583b39bSJohn Wren Kennedy for attr in $attributes; do 192d583b39bSJohn Wren Kennedy for priv in 'file_flag_set' 'all'; do 193d583b39bSJohn Wren Kennedy log_note "Trying $owner $user $attr $priv" 194d583b39bSJohn Wren Kennedy grant_priv $user $priv 195d583b39bSJohn Wren Kennedy try $mntpt/file $attr $user $priv $add 196d583b39bSJohn Wren Kennedy try $mntpt/file $attr $user $priv $del 197d583b39bSJohn Wren Kennedy try $mntpt/dir $attr $user $priv $add 198d583b39bSJohn Wren Kennedy try $mntpt/dir $attr $user $priv $del 199d583b39bSJohn Wren Kennedy reset_privs $user 200d583b39bSJohn Wren Kennedy done 201d583b39bSJohn Wren Kennedy done 202d583b39bSJohn Wren Kennedy done 203d583b39bSJohn Wren Kennedy $RM -rf $mntpt/file $mntpt/dir || log_fail \ 204d583b39bSJohn Wren Kennedy "$($LS -d/ c $mntpt/file $mntpt/dir)" 205d583b39bSJohn Wren Kennedydone 206d583b39bSJohn Wren Kennedy 207d583b39bSJohn Wren Kennedylog_pass "Set/Clear BSD'ish attributes succeed while user has " \ 208d583b39bSJohn Wren Kennedy "PRIV_FILE_FLAG_SET/PRIV_FILE_FLAG_CLEAR privilege" 209