Date: Thu, 8 Feb 2018 22:34:37 +0000 (UTC) From: Alan Somers <asomers@FreeBSD.org> To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r329047 - in projects/zfsd/head: etc/mtree tests/sys/cddl/zfs/tests/delegate tests/sys/cddl/zfs/tests/delegate/zfs_allow tests/sys/cddl/zfs/tests/delegate/zfs_unallow Message-ID: <201802082234.w18MYbCB004738@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: asomers Date: Thu Feb 8 22:34:37 2018 New Revision: 329047 URL: https://svnweb.freebsd.org/changeset/base/329047 Log: Collapse the ZFS delegate tests into a single directory Sponsored by: Spectra Logic Corp Added: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_001_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_002_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_003_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_004_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_004_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_005_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_005_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_006_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_006_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_007_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_008_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_008_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_009_neg.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_009_neg.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_010_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_010_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_011_neg.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_011_neg.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_012_neg.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_012_neg.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_test.sh - copied, changed from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_test.sh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_001_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_001_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_002_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_002_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_003_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_003_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_004_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_004_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_005_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_005_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_006_pos.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_006_pos.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_007_neg.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_007_neg.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_008_neg.ksh - copied unchanged from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_008_neg.ksh projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_test.sh - copied, changed from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/zfs_unallow_test.sh Deleted: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_unallow/ Modified: projects/zfsd/head/etc/mtree/BSD.tests.dist projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/Makefile Modified: projects/zfsd/head/etc/mtree/BSD.tests.dist ============================================================================== --- projects/zfsd/head/etc/mtree/BSD.tests.dist Thu Feb 8 22:09:46 2018 (r329046) +++ projects/zfsd/head/etc/mtree/BSD.tests.dist Thu Feb 8 22:34:37 2018 (r329047) @@ -558,10 +558,6 @@ ctime .. delegate - zfs_allow - .. - zfs_unallow - .. .. devices .. Modified: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/Makefile ============================================================================== --- projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/Makefile Thu Feb 8 22:09:46 2018 (r329046) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/Makefile Thu Feb 8 22:34:37 2018 (r329047) @@ -6,12 +6,33 @@ PACKAGE=tests TESTSDIR=${TESTSBASE}/sys/cddl/zfs/tests/delegate FILESDIR=${TESTSDIR} +ATF_TESTS_KSH93+= zfs_allow_test +ATF_TESTS_KSH93+= zfs_unallow_test + +${PACKAGE}FILES+= cleanup.ksh +${PACKAGE}FILES+= cleanup.ksh ${PACKAGE}FILES+= delegate.cfg ${PACKAGE}FILES+= delegate_common.kshlib -${PACKAGE}FILES+= cleanup.ksh ${PACKAGE}FILES+= setup.ksh - -TESTS_SUBDIRS+= zfs_allow -TESTS_SUBDIRS+= zfs_unallow +${PACKAGE}FILES+= zfs_allow_001_pos.ksh +${PACKAGE}FILES+= zfs_allow_002_pos.ksh +${PACKAGE}FILES+= zfs_allow_003_pos.ksh +${PACKAGE}FILES+= zfs_allow_004_pos.ksh +${PACKAGE}FILES+= zfs_allow_005_pos.ksh +${PACKAGE}FILES+= zfs_allow_006_pos.ksh +${PACKAGE}FILES+= zfs_allow_007_pos.ksh +${PACKAGE}FILES+= zfs_allow_008_pos.ksh +${PACKAGE}FILES+= zfs_allow_009_neg.ksh +${PACKAGE}FILES+= zfs_allow_010_pos.ksh +${PACKAGE}FILES+= zfs_allow_011_neg.ksh +${PACKAGE}FILES+= zfs_allow_012_neg.ksh +${PACKAGE}FILES+= zfs_unallow_001_pos.ksh +${PACKAGE}FILES+= zfs_unallow_002_pos.ksh +${PACKAGE}FILES+= zfs_unallow_003_pos.ksh +${PACKAGE}FILES+= zfs_unallow_004_pos.ksh +${PACKAGE}FILES+= zfs_unallow_005_pos.ksh +${PACKAGE}FILES+= zfs_unallow_006_pos.ksh +${PACKAGE}FILES+= zfs_unallow_007_neg.ksh +${PACKAGE}FILES+= zfs_unallow_008_neg.ksh .include <bsd.test.mk> Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_001_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_001_pos.ksh) @@ -0,0 +1,117 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_001_pos.ksh 1.3 08/11/03 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_001_pos +# +# DESCRIPTION: +# "everyone" is interpreted as the keyword "everyone" whatever the same +# name user or group is existing. +# +# STRATEGY: +# 1. Create user 'everyone'. +# 2. Verify 'everyone' is interpreted as keywords. +# 3. Create group 'everyone'. +# 4. Verify 'everyone' is interpreted as keywords. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-14) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +function cleanup +{ + if [[ $user_added == "TRUE" ]] ; then + del_user everyone + fi + if [[ $group_added == "TRUE" ]] ; then + del_group everyone + fi + + restore_root_datasets +} + +log_assert "everyone' is interpreted as a keyword even if a user " \ + "or group named 'everyone' exists." +log_onexit cleanup + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms="snapshot,reservation,compression,send,allow,\ +userprop" +else + typeset perms="snapshot,reservation,compression,checksum,\ +send,allow,userprop" +fi + +log_note "Create a user called 'everyone'." +if ! $ID everyone > /dev/null 2>&1; then + user_added="TRUE" + log_must $USERADD everyone +fi +for dtst in $DATASETS ; do + log_must $ZFS allow everyone $perms $dtst + log_must verify_perm $dtst $perms $EVERYONE "everyone" +done +log_must restore_root_datasets +if [[ $user_added == "TRUE" ]]; then + log_must $USERDEL everyone +fi + +log_note "Created a group called 'everyone'." +if ! $CAT /etc/group | $AWK -F: '{print $1}' | \ + $GREP -w 'everyone' > /dev/null 2>&1 +then + group_added="TRUE" + log_must $GROUPADD everyone +fi + +for dtst in $DATASETS ; do + log_must $ZFS allow everyone $perms $dtst + log_must verify_perm $dtst $perms $EVERYONE +done +log_must restore_root_datasets +if [[ $group_added == "TRUE" ]]; then + log_must $GROUPDEL everyone +fi + +log_pass "everyone is always interpreted as keyword passed." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_002_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_002_pos.ksh) @@ -0,0 +1,98 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_002_pos.ksh 1.3 08/11/03 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_002_pos +# +# DESCRIPTION: +# <user|group> argument is interpreted as a user if possible, then as a group as +# possible. +# +# STRATEGY: +# 1. Create user $STAFF_GROUP +# 2. Delegate permissions to $STAFF_GROUP +# 3. Verify user $STAFF_GROUP has the permissions. +# 4. Delete user $STAFF_GROUP and allow the permission to $STAFF_GROUP +# 5. Verify $STAFF_GROUP is interpreted as group. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-14) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +function cleanup +{ + if $ID $STAFF_GROUP > /dev/null 2>&1; then + log_must del_user $STAFF_GROUP + fi + + restore_root_datasets +} + +log_assert "<user|group> is interpreted as user if possible, then as group." +log_onexit cleanup + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms="snapshot,reservation,compression,send,allow,\ +userprop" +else + typeset perms="snapshot,reservation,compression,checksum,\ +send,allow,userprop" +fi + +log_must $USERADD $STAFF_GROUP +for dtst in $DATASETS ; do + log_must $ZFS allow $STAFF_GROUP $perms $dtst + log_must verify_perm $dtst $perms $STAFF_GROUP + log_must verify_noperm $dtst $perms $STAFF1 $STAFF2 +done + +log_must restore_root_datasets + +log_must del_user $STAFF_GROUP +for dtst in $datasets ; do + log_must $ZFS allow $STAFF_GROUP $perms $dtst + log_must verify_perm $dtst $perms $STAFF1 $STAFF2 +done + +log_pass "<user|group> is interpreted as user if possible, then as group passed." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_003_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_003_pos.ksh) @@ -0,0 +1,116 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_003_pos.ksh 1.4 09/08/06 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_003_pos +# +# DESCRIPTION: +# Verify option '-l' only allow permission to the dataset itself. +# +# STRATEGY: +# 1. Create descendent datasets of $ROOT_TESTFS +# 2. Select user, group and everyone and set local permission separately. +# 3. Set locally permissions to $ROOT_TESTFS or $ROOT_TESTVOL. +# 4. Verify the permissions are only allow on $ROOT_TESTFS or +# $ROOT_TESTVOL. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-19) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify option '-l' only allow permission to the dataset itself." +log_onexit restore_root_datasets + +childfs=$ROOT_TESTFS/childfs + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms="snapshot,reservation,compression,allow,\ +userprop" +else + typeset perms="snapshot,reservation,compression,checksum,\ +allow,userprop" +fi + +if check_version "5.10" ; then + perms="${perms},send" +fi + +log_must $ZFS create $childfs + +for dtst in $DATASETS ; do + log_must $ZFS allow -l $STAFF1 $perms $dtst + log_must verify_perm $dtst $perms $STAFF1 + if [[ $dtst == $ROOT_TESTFS ]] ; then + log_must verify_noperm $childfs $perms \ + $STAFF1 $STAFF2 $OTHER1 $OTHER2 + fi +done + +log_must restore_root_datasets + +log_must $ZFS create $childfs +for dtst in $DATASETS ; do + log_must $ZFS allow -l -g $STAFF_GROUP $perms $dtst + log_must verify_perm $dtst $perms $STAFF1 $STAFF2 + if [[ $dtst == $ROOT_TESTFS ]] ; then + log_must verify_noperm $childfs $perms \ + $STAFF1 $STAFF2 $OTHER1 $OTHER2 + fi +done + +log_must restore_root_datasets + +log_must $ZFS create $childfs +for dtst in $DATASETS ; do + log_must $ZFS allow -l -e $perms $dtst + log_must verify_perm $dtst $perms $STAFF1 $STAFF2 $OTHER1 $OTHER2 + if [[ $dtst == $ROOT_TESTFS ]] ; then + log_must verify_noperm $childfs $perms \ + $STAFF1 $STAFF2 $OTHER1 $OTHER2 + fi +done + +log_must restore_root_datasets + +log_pass "Verify option '-l' only allow permission to the dataset itself pass." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_004_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_004_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_004_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_004_pos.ksh) @@ -0,0 +1,119 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_004_pos.ksh 1.4 09/08/06 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_004_pos +# +# DESCRIPTION: +# Verify option '-d' allow permission to the descendent datasets, and not +# for this dataset itself. +# +# STRATEGY: +# 1. Create descendent datasets of $ROOT_TESTFS +# 2. Select user, group and everyone and set descendent permission +# separately. +# 3. Set descendent permissions to $ROOT_TESTFS or $ROOT_TESTVOL. +# 4. Verify those permissions are allowed to $ROOT_TESTFS's +# descendent dataset. +# 5. Verify the permissions are not allowed to $ROOT_TESTFS or +# $ROOT_TESTVOL. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-18) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify option '-d' allow permission to the descendent datasets." +log_onexit restore_root_datasets + +childfs=$ROOT_TESTFS/childfs + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms="snapshot,reservation,compression,allow,\ +userprop" +else + typeset perms="snapshot,reservation,compression,checksum,\ +allow,userprop" +fi + +if check_version "5.10" ; then + perms="${perms},send" +fi + +# Verify option '-d' only affect sub-datasets +log_must $ZFS create $childfs +for dtst in $DATASETS ; do + log_must $ZFS allow -d $STAFF1 $perms $dtst + log_must verify_noperm $dtst $perms $STAFF1 + if [[ $dtst == $ROOT_TESTFS ]]; then + log_must verify_perm $childfs $perms $STAFF1 + fi +done + +log_must restore_root_datasets + +# Verify option '-d + -g' affect group in sub-datasets. +log_must $ZFS create $childfs +for dtst in $DATASETS ; do + log_must $ZFS allow -d -g $STAFF_GROUP $perms $dtst + log_must verify_noperm $dtst $perms $STAFF2 + if [[ $dtst == $ROOT_TESTFS ]]; then + log_must verify_perm $childfs $perms $STAFF2 + fi +done + +log_must restore_root_datasets + +# Verify option '-d + -e' affect everyone in sub-datasets. +log_must $ZFS create $childfs +for dtst in $DATASETS ; do + log_must $ZFS allow -d -e $perms $dtst + log_must verify_noperm $dtst $perms $OTHER1 $OTHER2 + if [[ $dtst == $ROOT_TESTFS ]]; then + log_must verify_perm $childfs $perms $OTHER1 $OTHER2 + fi +done + +log_must restore_root_datasets + +log_pass "Verify option '-d' allow permission to the descendent datasets pass." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_005_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_005_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_005_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_005_pos.ksh) @@ -0,0 +1,101 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_005_pos.ksh 1.4 09/08/06 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_005_pos +# +# DESCRIPTION: +# Verify option '-c' will be granted locally to the creator on any +# newly-created descendent file systems. +# +# STRATEGY: +# 1. Allow create permissions to everyone on $ROOT_TESTFS locally. +# 2. Allow '-c' create to $ROOT_TESTFS. +# 3. chmod 777 the mountpoint of $ROOT_TESTFS +# 4. Verify only creator can create descendent dataset on +# $ROOT_TESTFS/$user. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-19) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify option '-c' will be granted locally to the creator." +log_onexit restore_root_datasets + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms="snapshot,reservation,compression,allow,\ +userprop" +else + typeset perms="snapshot,reservation,compression,checksum,\ +allow,userprop" +fi + +if check_version "5.10" ; then + perms="${perms},send" +fi + +log_must $ZFS allow -l everyone create,mount $ROOT_TESTFS +log_must $ZFS allow -c $perms $ROOT_TESTFS + +mntpnt=$(get_prop mountpoint $ROOT_TESTFS) +log_must $CHMOD 777 $mntpnt + +for user in $EVERYONE; do + childfs=$ROOT_TESTFS/$user + + user_run $user $ZFS create $childfs + + for other in $EVERYONE; do + # + # Verify only the creator has the $perm time permissions. + # + if [[ $other == $user ]]; then + log_must verify_perm $childfs $perms $user + else + log_must verify_noperm $childfs $perms $other + fi + done +done + +log_pass "Verify option '-c' will be granted locally to the creator passed." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_006_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_006_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_006_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_006_pos.ksh) @@ -0,0 +1,89 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_006_pos.ksh 1.2 08/11/03 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_006_pos +# +# DESCRIPTION: +# Changing permissions in a set will change what is allowed wherever the +# set is used. +# +# STRATEGY: +# 1. Set create as set @basic. +# 2. Allow set @basic to $STAFF1 on $ROOT_TESTFS or $ROOT_TESTVOL +# 3. Verify $STAFF1 has create permissions. +# 4. Reset snapshot,allow to $basic +# 5. Verify now $STAFF1 have create,allow,destroy permissions. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-19) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Changing permissions in a set will change what is allowed " \ + "wherever the set is used." +log_onexit restore_root_datasets + +fs1=$ROOT_TESTFS/fs1; fs2=$ROOT_TESTFS/fs2 +log_must $ZFS create $fs1 +log_must $ZFS create $fs2 + +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + perms1="snapshot,checksum,reservation" +else + perms1="snapshot,reservation" +fi + +for dtst in $DATASETS $fs1 $fs2; do + log_must $ZFS allow -s @basic $perms1 $dtst + log_must $ZFS allow $STAFF1 @basic $dtst + log_must verify_perm $dtst $perms1 $STAFF1 +done + +perms2="allow,send,compression,userprop" +for dtst in $DATASETS $fs1 $fs2; do + log_must $ZFS allow -s @basic $perms2 $dtst + log_must verify_perm $dtst ${perms1},${perms2} $STAFF1 +done + +log_pass "Changing permissions in a set will change what is allowed passed." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_007_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_007_pos.ksh) @@ -0,0 +1,120 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_007_pos.ksh 1.3 08/11/03 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_007_pos +# +# DESCRIPTION: +# Verify the permissions set will be masked on its descendent +# datasets by same name set. +# +# STRATEGY: +# 1. Create $ROOT_TESTFS/childfs +# 2. Set permission $perms1 to @set on $ROOT_TESTFS +# 3. Reset permission $perms2 to @set on $ROOT_TESTFS/childfs +# 4. Allow @set to $STAFF1 on $ROOT_TESTFS/childfs +# 5. Verify $perms2 is delegated on $ROOT_TESTFS/childfs and its +# descendent. +# 6. Allow @set to $STAFF1 on $ROOT_TESTFS +# 7. Verify $perms1 is not appended to $STAFF1 on $ROOT_TESTFS/childfs and +# its descendent since it is masked +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-19) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify permission set can be masked on descendent dataset." +log_onexit restore_root_datasets + +typeset perms1="snapshot,reservation,compression" +eval set -A dataset $DATASETS +enc=$(get_prop encryption $dataset) +if [[ $? -eq 0 ]] && [[ -n "$enc" ]] && [[ "$enc" != "off" ]]; then + typeset perms2="send,allow,userprop" +else + typeset perms2="checksum,send,allow,userprop" +fi + +# +# Define three level filesystems +# +childfs=$ROOT_TESTFS/childfs +grandchild=$childfs/grandchild +log_must $ZFS create $childfs +log_must $ZFS create $grandchild + +# +# Setting different permissions to the same set on two level. +# But only assign the user at one level. +# +log_must $ZFS allow -s @set $perms1 $ROOT_TESTFS +log_must $ZFS allow -s @set $perms2 $childfs +log_must $ZFS allow $STAFF1 @set $childfs + +# +# Verify only perms2 is valid to user on the level which he was assigned. +# +log_must verify_noperm $ROOT_TESTFS $perms1 $STAFF1 +for fs in $childfs $grandchild ; do + log_must verify_noperm $childfs $perms1 $STAFF1 + log_must verify_perm $childfs $perms2 $STAFF1 +done + +# +# Delegate @set to STAFF1 on ROOT_TESTFS, verify $perms1 will not be appended +# to its descendent datasets since it is masked +# +log_must $ZFS allow $STAFF1 @set $ROOT_TESTFS +log_must verify_perm $ROOT_TESTFS $perms1 $STAFF1 +for fs in $childfs $grandchild ; do + log_must verify_noperm $childfs $perms1 $STAFF1 + log_must verify_perm $childfs $perms2 $STAFF1 +done + +# Remove the mask, $perms1 will be allowed to its descendent datasets +log_must $ZFS unallow -s @set $childfs +for fs in $childfs $grandchild ; do + log_must verify_noperm $childfs $perms2 $STAFF1 + log_must verify_perm $childfs $perms1 $STAFF1 +done + +log_pass "Verify permission set can be masked on descendetn dataset pass." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_008_pos.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_008_pos.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_008_pos.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_008_pos.ksh) @@ -0,0 +1,90 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_008_pos.ksh 1.2 07/07/31 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_008_pos +# +# DESCRIPTION: +# non-root user can allow any permissions which he is holding to +# other else user when it get 'allow' permission. +# +# STRATEGY: +# 1. Set two set permissions to two datasets locally. +# 2. Verify the non-root user can allow permission if he has allow +# permission. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-20) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify non-root user can allow permissions." +log_onexit restore_root_datasets + +perms1="snapshot,reservation" +perms2="send,compression,checksum,userprop" +childfs=$ROOT_TESTFS/childfs + +log_must $ZFS create $childfs + +for dtst in $DATASETS ; do + # Delegate local permission to $STAFF1 + log_must $ZFS allow -l $STAFF1 $perms1 $dtst + log_must $ZFS allow -l $STAFF1 allow $dtst + + if [[ $dtst == $ROOT_TESTFS ]]; then + log_must $ZFS allow -l $STAFF1 $perms2 $childfs + # $perms1 is local permission in $ROOT_TESTFS + log_mustnot user_run $STAFF1 $ZFS allow $OTHER1 $perms1 $childfs + log_must verify_noperm $childfs $perms1 $OTHER1 + fi + + # Verify 'allow' give non-privilege user delegated permission. + log_must user_run $STAFF1 $ZFS allow -l $OTHER1 $perms1 $dtst + log_must verify_perm $dtst $perms1 $OTHER1 + + # $perms2 was not allow to $STAFF1, so he have no permission to + # delegate permission to other else. + log_mustnot user_run $STAFF1 $ZFS allow $OTHER1 $perms2 $dtst + log_must verify_noperm $dtst $perms2 $OTHER1 +done + +log_pass "Verify non-root user can allow permissions passed." Copied: projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_009_neg.ksh (from r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_009_neg.ksh) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow_009_neg.ksh Thu Feb 8 22:34:37 2018 (r329047, copy of r329046, projects/zfsd/head/tests/sys/cddl/zfs/tests/delegate/zfs_allow/zfs_allow_009_neg.ksh) @@ -0,0 +1,76 @@ +#!/usr/local/bin/ksh93 -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# +# ident "@(#)zfs_allow_009_neg.ksh 1.1 07/01/09 SMI" +# + +. $STF_SUITE/tests/delegate/delegate_common.kshlib + +################################################################################# +# +# __stc_assertion_start +# +# ID: zfs_allow_009_neg +# +# DESCRIPTION: +# zfs allow can deal with invalid arguments.(Invalid options or combination) +# +# STRATEGY: +# 1. Verify invalid argumets will cause error. +# 2. Verify non-optional argument was missing will cause error. +# 3. Verify invalid options cause error. +# +# TESTABILITY: explicit +# +# TEST_AUTOMATION_LEVEL: automated +# +# CODING_STATUS: COMPLETED (2006-09-20) +# +# __stc_assertion_end +# +################################################################################ + +verify_runnable "both" + +log_assert "Verify invalid arguments are handled correctly." +log_onexit restore_root_datasets + +# Permission sets are limited to 64 characters in length. +longset="set123456789012345678901234567890123456789012345678901234567890123" +for dtst in $DATASETS ; do + log_mustnot eval "$ZFS allow -s @$longset $dtst" + # Create non-existent permission set + typeset timestamp=$($DATE +'%F-%R:%S') + log_mustnot $ZFS allow -s @non-existent $dtst + log_mustnot $ZFS allow $STAFF "atime,created,mounted" $dtst + log_mustnot $ZFS allow $dtst $TESTPOOL + log_mustnot $ZFS allow -c $dtst *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201802082234.w18MYbCB004738>