05.t revision 210984
1196948Strasz#!/bin/sh 2196948Strasz# $FreeBSD: head/tools/regression/fstest/tests/granular/05.t 210984 2010-08-06 23:58:54Z pjd $ 3196948Strasz 4196948Straszdesc="NFSv4 granular permissions checking - DELETE and DELETE_CHILD with directories" 5196948Strasz 6196948Straszdir=`dirname $0` 7196948Strasz. ${dir}/../misc.sh 8196948Strasz 9210984Spjd[ "${os}:${fs}" = "FreeBSD:ZFS" ] || quick_exit 10210984Spjd 11196948Straszecho "1..68" 12196948Strasz 13196948Straszn0=`namegen` 14196948Straszn1=`namegen` 15196948Straszn2=`namegen` 16196948Straszn3=`namegen` 17196948Strasz 18196948Straszexpect 0 mkdir ${n2} 0755 19196948Straszexpect 0 mkdir ${n3} 0777 20196948Straszcdir=`pwd` 21196948Straszcd ${n2} 22196948Strasz 23196948Strasz# Unlink allowed on writable directory. 24196948Straszexpect 0 mkdir ${n0} 0755 25196948Straszexpect EACCES -u 65534 -g 65534 rmdir ${n0} 26196948Straszexpect 0 prependacl . user:65534:write_data::allow 27196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 28196948Strasz 29196948Strasz# Moving directory elsewhere allowed on writable directory. 30196948Straszexpect 0 mkdir ${n0} 0777 31196948Straszexpect 0 prependacl . user:65534:write_data::deny 32196948Straszexpect EACCES -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 33196948Straszexpect 0 prependacl . user:65534:write_data::allow 34196948Straszexpect 0 -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 35196948Strasz 36196948Strasz# 12 37196948Strasz# Moving directory from elsewhere allowed on writable directory. 38196948Straszexpect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 39196948Straszexpect 0 prependacl . user:65534:append_data::allow 40196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 41196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 42196948Strasz 43196948Strasz# Moving directory from elsewhere overwriting local directory allowed 44196948Strasz# on writable directory. 45196948Straszexpect 0 mkdir ${n0} 0755 46196948Straszexpect 0 mkdir ../${n3}/${n0} 0777 47196948Straszexpect 0 prependacl . user:65534:write_data::deny 48196948Straszexpect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 49196948Straszexpect 0 prependacl . user:65534:write_data::allow 50196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 51196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 52196948Strasz 53196948Strasz# 23 54196948Strasz# Denied DELETE changes nothing wrt removing. 55196948Straszexpect 0 mkdir ${n0} 0755 56196948Straszexpect 0 prependacl ${n0} user:65534:delete::deny 57196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 58196948Strasz 59196948Strasz# Denied DELETE changes nothing wrt moving elsewhere or from elsewhere. 60196948Straszexpect 0 mkdir ${n0} 0777 61196948Straszexpect 0 -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 62196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 63196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 64196948Strasz 65196948Strasz# DELETE_CHILD denies unlink on writable directory. 66196948Straszexpect 0 mkdir ${n0} 0755 67196948Straszexpect 0 prependacl . user:65534:delete_child::deny 68196948Straszexpect EPERM -u 65534 -g 65534 rmdir ${n0} 69196948Straszexpect 0 rmdir ${n0} 70196948Strasz 71196948Strasz# 35 72196948Strasz# DELETE_CHILD denies moving directory elsewhere. 73196948Straszexpect 0 mkdir ${n0} 0777 74196948Straszexpect EPERM -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 75196948Straszexpect 0 rename ${n0} ../${n3}/${n0} 76196948Strasz 77196948Strasz# DELETE_CHILD does not deny moving directory from elsewhere 78196948Strasz# to a writable directory. 79196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 80196948Strasz 81196948Strasz# DELETE_CHILD denies moving directory from elsewhere 82196948Strasz# to a writable directory overwriting local directory. 83196948Straszexpect 0 mkdir ../${n3}/${n0} 0755 84196948Straszexpect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 85196948Strasz 86196948Strasz# DELETE allowed on directory allows for unlinking, no matter 87196948Strasz# what permissions on containing directory are. 88196948Straszexpect 0 prependacl ${n0} user:65534:delete::allow 89196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 90196948Strasz 91196948Strasz# Same for moving the directory elsewhere. 92196948Straszexpect 0 mkdir ${n0} 0777 93196948Straszexpect 0 prependacl ${n0} user:65534:delete::allow 94196948Straszexpect 0 -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 95196948Strasz 96196948Strasz# 46 97196948Strasz# Same for moving the directory from elsewhere into a writable 98196948Strasz# directory with DELETE_CHILD denied. 99196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 100196948Straszexpect 0 rmdir ${n0} 101196948Strasz 102196948Strasz# DELETE does not allow for overwriting a directory in a unwritable 103196948Strasz# directory with DELETE_CHILD denied. 104196948Straszexpect 0 mkdir ${n0} 0755 105196948Straszexpect 0 mkdir ../${n3}/${n0} 0777 106196948Straszexpect 0 prependacl . user:65534:write_data::deny 107196948Straszexpect 0 prependacl . user:65534:delete_child::deny 108196948Straszexpect EPERM -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 109196948Straszexpect 0 prependacl ${n0} user:65534:delete::allow 110196948Strasz# XXX: expect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 111196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 112196948Strasz 113196948Strasz# 54 114196948Strasz# But it allows for plain deletion. 115196948Strasz# XXX: expect 0 -u 65534 -g 65534 rmdir ${n0} 116196948Straszexpect 0 rmdir ${n0} 117196948Strasz 118196948Strasz# DELETE_CHILD allowed on unwritable directory. 119196948Straszexpect 0 mkdir ${n0} 0755 120196948Straszexpect 0 prependacl . user:65534:delete_child::allow 121196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 122196948Strasz 123196948Strasz# Moving things elsewhere is allowed. 124196948Straszexpect 0 mkdir ${n0} 0777 125196948Straszexpect 0 -u 65534 -g 65534 rename ${n0} ../${n3}/${n0} 126196948Strasz 127196948Strasz# 60 128196948Strasz# Moving things back is not. 129196948Strasz# XXX: expect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 130196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 131196948Strasz 132196948Strasz# Even if we're overwriting. 133196948Strasz# XXX: expect 0 mkdir ${n0} 0755 134196948Straszexpect 0 mkdir ../${n3}/${n0} 0777 135196948Strasz# XXX: expect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 136196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 137196948Straszexpect 0 mkdir ../${n3}/${n0} 0777 138196948Strasz 139196948Strasz# Even if we have DELETE on the existing directory. 140196948Straszexpect 0 prependacl ${n0} user:65534:delete::allow 141196948Strasz# XXX: expect EACCES -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 142196948Straszexpect 0 -u 65534 -g 65534 rename ../${n3}/${n0} ${n0} 143196948Strasz 144196948Strasz# Denied DELETE changes nothing wrt removing. 145196948Straszexpect 0 prependacl ${n0} user:65534:delete::deny 146196948Straszexpect 0 -u 65534 -g 65534 rmdir ${n0} 147196948Strasz 148196948Straszcd ${cdir} 149196948Straszexpect 0 rmdir ${n2} 150