1196948Strasz#!/bin/sh 2196948Strasz# $FreeBSD$ 3196948Strasz 4196948Straszdesc="NFSv4 granular permissions checking - ACL_READ_ACL and ACL_WRITE_ACL" 5196948Strasz 6196948Straszdir=`dirname $0` 7196948Strasz. ${dir}/../misc.sh 8196948Strasz 9210984Spjd[ "${os}:${fs}" = "FreeBSD:ZFS" ] || quick_exit 10210984Spjd 11196948Straszecho "1..83" 12196948Strasz 13196948Straszn0=`namegen` 14196948Straszn1=`namegen` 15196948Straszn2=`namegen` 16196948Strasz 17196948Straszexpect 0 mkdir ${n2} 0755 18196948Straszcdir=`pwd` 19196948Straszcd ${n2} 20196948Strasz 21196948Strasz# Check whether user 65534 is permitted to read ACL. 22196948Straszexpect 0 create ${n0} 0644 23196948Straszexpect 0 readacl ${n0} 24196948Straszexpect 0 -u 65534 -g 65534 readacl ${n0} 25196948Straszexpect 0 prependacl ${n0} user:65534:read_acl::deny 26196948Straszexpect 0 readacl ${n0} 27196948Straszexpect EACCES -u 65534 -g 65534 readacl ${n0} 28196948Straszexpect 0 prependacl ${n0} user:65534:read_acl::allow 29196948Straszexpect 0 -u 65534 -g 65534 readacl ${n0} 30196948Straszexpect 0 readacl ${n0} 31196948Straszexpect 0 unlink ${n0} 32196948Strasz 33196948Strasz# Check whether user 65534 is permitted to write ACL. 34196948Straszexpect 0 create ${n0} 0644 35196948Straszexpect EPERM -u 65534 -g 65534 prependacl ${n0} user:65534:read_data::allow 36196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 37196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:read_data::allow 38196948Straszexpect 0 unlink ${n0} 39196948Strasz 40196948Strasz# Check whether user 65534 is permitted to write mode. 41196948Straszexpect 0 create ${n0} 0755 42196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 0777 43196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 44196948Straszexpect 0 -u 65534 -g 65534 chmod ${n0} 0777 45196948Straszexpect 0 unlink ${n0} 46196948Strasz 47196948Strasz# There is an interesting problem with interaction between ACL_WRITE_ACL 48196948Strasz# and SUID/SGID bits. In case user does have ACL_WRITE_ACL, but is not 49196948Strasz# a file owner, Solaris does the following: 50196948Strasz# 1. Setting SUID fails with EPERM. 51196948Strasz# 2. Setting SGID succeeds, but mode is not changed. 52196948Strasz# 3. Modifying ACL does not clear SUID nor SGID bits. 53196948Strasz# 4. Writing the file does clear both SUID and SGID bits. 54196948Strasz# 55196948Strasz# What we are doing is the following: 56196948Strasz# 1. Setting SUID or SGID fails with EPERM. 57196948Strasz# 2. Modifying ACL does not clear SUID nor SGID bits. 58196948Strasz# 3. Writing the file does clear both SUID and SGID bits. 59196948Strasz# 60196948Strasz# Check whether user 65534 is denied to write mode with SUID bit. 61196948Straszexpect 0 create ${n0} 0755 62196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 04777 63196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 64196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 04777 65196948Straszexpect 0 unlink ${n0} 66196948Strasz 67196948Strasz# Check whether user 65534 is denied to write mode with SGID bit. 68196948Straszexpect 0 create ${n0} 0755 69196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 02777 70196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 71196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 02777 72196948Straszexpect 0 unlink ${n0} 73196948Strasz 74196948Strasz# Check whether user 65534 is allowed to write mode with sticky bit. 75196948Straszexpect 0 mkdir ${n0} 0755 76196948Straszexpect EPERM -u 65534 -g 65534 chmod ${n0} 01777 77196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 78196948Straszexpect 0 -u 65534 -g 65534 chmod ${n0} 01777 79196948Straszexpect 0 rmdir ${n0} 80196948Strasz 81196948Strasz# Check whether modifying the ACL by not-owner preserves the SUID. 82196948Straszexpect 0 create ${n0} 04755 83196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 84196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:write_data::allow 85196948Straszexpect 04755 stat ${n0} mode 86196948Straszexpect 0 unlink ${n0} 87196948Strasz 88196948Strasz# Check whether modifying the ACL by not-owner preserves the SGID. 89196948Straszexpect 0 create ${n0} 02755 90196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 91196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:write_data::allow 92196948Straszexpect 02755 stat ${n0} mode 93196948Straszexpect 0 unlink ${n0} 94196948Strasz 95196948Strasz# Check whether modifying the ACL by not-owner preserves the sticky bit. 96196948Straszexpect 0 mkdir ${n0} 0755 97196948Straszexpect 0 chmod ${n0} 01755 98196948Straszexpect 0 prependacl ${n0} user:65534:write_acl::allow 99196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:write_data::allow 100196948Straszexpect 01755 stat ${n0} mode 101196948Straszexpect 0 rmdir ${n0} 102196948Strasz 103196948Strasz# Clearing the SUID and SGID bits when being written to by non-owner 104196948Strasz# is checked in chmod/12.t. 105196948Strasz 106196948Strasz# Check whether the file owner is always permitted to get and set 107196948Strasz# ACL and file mode, even if ACL_{READ,WRITE}_ACL would deny it. 108196948Straszexpect 0 chmod . 0777 109196948Straszexpect 0 -u 65534 -g 65534 create ${n0} 0600 110196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:write_acl::deny 111196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:read_acl::deny 112196948Straszexpect 0 -u 65534 -g 65534 readacl ${n0} 113196948Straszexpect 0600 -u 65534 -g 65534 stat ${n0} mode 114196948Straszexpect 0 -u 65534 -g 65534 chmod ${n0} 0777 115196948Straszexpect 0 unlink ${n0} 116196948Strasz 117196948Straszexpect 0 -u 65534 -g 65534 mkdir ${n0} 0600 118196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:write_acl::deny 119196948Straszexpect 0 -u 65534 -g 65534 prependacl ${n0} user:65534:read_acl::deny 120196948Straszexpect 0 -u 65534 -g 65534 readacl ${n0} 121196948Straszexpect 0600 -u 65534 -g 65534 stat ${n0} mode 122196948Straszexpect 0 -u 65534 -g 65534 chmod ${n0} 0777 123196948Straszexpect 0 rmdir ${n0} 124196948Strasz 125196948Strasz# Check whether the root is allowed for these as well. 126196948Straszexpect 0 -u 65534 -g 65534 create ${n0} 0600 127196948Straszexpect 0 prependacl ${n0} everyone@:write_acl::deny 128196948Straszexpect 0 prependacl ${n0} everyone@:read_acl::deny 129196948Straszexpect 0 readacl ${n0} 130196948Straszexpect 0600 stat ${n0} mode 131196948Straszexpect 0 chmod ${n0} 0777 132196948Straszexpect 0 unlink ${n0} 133196948Strasz 134196948Straszexpect 0 -u 65534 -g 65534 mkdir ${n0} 0600 135196948Straszexpect 0 prependacl ${n0} everyone@:write_acl::deny 136196948Straszexpect 0 prependacl ${n0} everyone@:read_acl::deny 137196948Straszexpect 0600 stat ${n0} mode 138196948Straszexpect 0 readacl ${n0} 139196948Straszexpect 0600 stat ${n0} mode 140196948Straszexpect 0 chmod ${n0} 0777 141196948Straszexpect 0 rmdir ${n0} 142196948Strasz 143196948Straszcd ${cdir} 144196948Straszexpect 0 rmdir ${n2} 145