09.t revision 185173 
1#!/bin/sh
2# $FreeBSD: head/tools/regression/fstest/tests/chflags/09.t 185173 2008-11-22 13:27:15Z pjd $
3
4desc="chflags returns EPERM when one of SF_IMMUTABLE, SF_APPEND, or SF_NOUNLINK is set and securelevel is greater than 0"
5
6dir=`dirname $0`
7. ${dir}/../misc.sh
8
9require chflags
10
11echo "1..102"
12
13n0=`namegen`
14n1=`namegen`
15n2=`namegen`
16
17old=`sysctl -n security.jail.chflags_allowed`
18sysctl security.jail.chflags_allowed=1 >/dev/null
19
20expect 0 mkdir ${n0} 0755
21cdir=`pwd`
22cd ${n0}
23
24expect 0 create ${n1} 0644
25expect 0 chown ${n1} 65534 65534
26for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
27	expect 0 chflags ${n1} ${flag}
28	jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP
29	expect ${flag} stat ${n1} flags
30	jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP
31	expect ${flag} stat ${n1} flags
32	jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP
33	expect ${flag} stat ${n1} flags
34done
35expect 0 chflags ${n1} none
36expect 0 unlink ${n1}
37
38expect 0 mkdir ${n1} 0755
39expect 0 chown ${n1} 65534 65534
40for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
41	expect 0 chflags ${n1} ${flag}
42	jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP
43	expect ${flag} stat ${n1} flags
44	jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP
45	expect ${flag} stat ${n1} flags
46	jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP
47	expect ${flag} stat ${n1} flags
48done
49expect 0 chflags ${n1} none
50expect 0 rmdir ${n1}
51
52expect 0 mkfifo ${n1} 0644
53expect 0 chown ${n1} 65534 65534
54for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
55	expect 0 chflags ${n1} ${flag}
56	jexpect 1 `pwd` EPERM chflags ${n1} UF_NODUMP
57	expect ${flag} stat ${n1} flags
58	jexpect 1 `pwd` EPERM -u 65533 -g 65533 chflags ${n1} UF_NODUMP
59	expect ${flag} stat ${n1} flags
60	jexpect 1 `pwd` EPERM -u 65534 -g 65534 chflags ${n1} UF_NODUMP
61	expect ${flag} stat ${n1} flags
62done
63expect 0 chflags ${n1} none
64expect 0 unlink ${n1}
65
66expect 0 symlink ${n2} ${n1}
67expect 0 lchown ${n1} 65534 65534
68for flag in SF_IMMUTABLE SF_APPEND SF_NOUNLINK; do
69	expect 0 lchflags ${n1} ${flag}
70	jexpect 1 `pwd` EPERM lchflags ${n1} UF_NODUMP
71	expect ${flag} lstat ${n1} flags
72	jexpect 1 `pwd` EPERM -u 65533 -g 65533 lchflags ${n1} UF_NODUMP
73	expect ${flag} lstat ${n1} flags
74	jexpect 1 `pwd` EPERM -u 65534 -g 65534 lchflags ${n1} UF_NODUMP
75	expect ${flag} lstat ${n1} flags
76done
77expect 0 lchflags ${n1} none
78expect 0 unlink ${n1}
79
80sysctl security.jail.chflags_allowed=${old} >/dev/null
81cd ${cdir}
82expect 0 rmdir ${n0}
83