apfs/apfstests
0
0
Fork 0
mirror of https://github.com/linux-apfs/apfstests.git synced 2026-05-01 15:01:44 -07:00
Code Issues Packages Projects Releases Wiki Activity

tests: make shared/051 a generic test

Browse Source 
The ACL test shared/051 was very similar to generic/099 which was not
being run and was just removed; most likely the script was copy+pasted
at some point.  Since shared/051 has been getting maintained+run and is
not really XFS and UDF-specific, move it to generic, reusing the old
number of 099.  One change was required for it to work on other
filesystems: the output of 'find' must be sorted.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>
This commit is contained in:
Eric Biggers
2017-07-20 21:22:05 -07:00
committed by Eryu Guan
parent 5b55643c45
commit 46a6604d39
4 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/shared/051
-321
View File
@@ -1,321 +0,0 @@
#! /bin/bash
# FS QA Test No. 051
#
# Test out ACLs.
#
#-----------------------------------------------------------------------
# Copyright (c) 2000-2002 Silicon Graphics, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
here=`pwd`
tmp=/tmp/$$
status=1 # FAILure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
# get standard environment, filters and checks
. ./common/rc
. ./common/filter
. ./common/attr
_cleanup()
{
cd /
rm -f $tmp.*
[ -n "$TEST_DIR" ] && rm -rf $TEST_DIR/$seq.dir1
}
# -----
# minimal access ACL has ACEs: USER_OBJ, GROUP_OBJ, OTHER_OBJ
# This is set with chacl(1) and can be changed by chmod(1).
#
# Test that this is being set for ACL and for std unix permissions
# Test that we can get back the same ACL.
# Test std permissions for rwx.
# -----
#
# Test out default ACLs and that the ACL is being PASSed
# onto the children of the dir.
#
# -----
# Test out access check for extended ACLs.
# -> 3 extra ACEs: MASK, GROUP, USER
# -> the GROUP compares with egid of process _and_ the supplementary
# groups (as found in /etc/group)
#
# Test that mask works for USER, GROUP, GROUP_OBJ
# Test that the ACE type priority is working
# -> this would be done by simultaneously matching on ACEs
# -> interesting if it allows user to specify ACEs in any order
#
# real QA test starts here
_supported_fs xfs udf
_supported_os Linux
_require_test
_require_runas
rm -f $seqres.full
_acl_setup_ids
_require_acls
# get dir
cd $TEST_DIR
rm -rf $seq.dir1
mkdir $seq.dir1
cd $seq.dir1
echo "QA output created by $seq"
echo ""
echo "=== Test minimal ACE ==="
echo "Setup file"
# Note: as this is a shell script,
# will need read and execute permission set
# in order to execute it.
touch file1
cat <<EOF >file1
#!/bin/bash
echo "Test was executed"
EOF
chmod u=rwx file1
chmod g=rw- file1
chmod o=r-- file1
chown $acl1.$acl2 file1
_acl_ls file1
echo ""
echo "--- Test get and set of ACL ---"
echo "Note: Old interface gave an empty ACL - now output an ACL"
chacl -l file1 | _acl_filter_id
echo "Try using single colon separator"
echo "Note: Old interface FAILed because of single colon - new one allows it"
chacl u::r--,g::rwx,o:rw- file1 2>&1
echo "Expect to PASS"
chacl u::r--,g::rwx,o::rw- file1 2>&1
chacl -l file1 | _acl_filter_id
echo ""
echo "--- Test sync of ACL with std permissions ---"
_acl_ls file1
chmod u+w file1
_acl_ls file1
chacl -l file1 | _acl_filter_id
echo ""
echo "--- Test owner permissions ---"
chacl u::r-x,g::---,o::--- file1 2>&1
chacl -l file1 | _acl_filter_id
# change to owner
echo "Expect to PASS"
_runas -u $acl1 -g $acl1 ./file1 2>&1
echo "Expect to FAIL"
_runas -u $acl2 -g $acl2 ./file1 2>&1
echo ""
echo "--- Test group permissions ---"
chacl u::---,g::r-x,o::--- file1 2>&1
chacl -l file1 | _acl_filter_id
echo "Expect to FAIL - acl1 is owner"
_runas -u $acl1 -g $acl1 ./file1 2>&1
echo "Expect to PASS - acl2 matches group"
_runas -u $acl2 -g $acl2 ./file1 2>&1
echo "Expect to PASS - acl2 matches sup group"
_runas -u $acl2 -g $acl3 -s $acl2 ./file1 2>&1
echo "Expect to FAIL - acl3 is not in group"
_runas -u $acl3 -g $acl3 ./file1 2>&1
echo ""
echo "--- Test other permissions ---"
chacl u::---,g::---,o::r-x file1 2>&1
chacl -l file1 | _acl_filter_id
echo "Expect to FAIL - acl1 is owner"
_runas -u $acl1 -g $acl1 ./file1 2>&1
echo "Expect to FAIL - acl2 is in group"
_runas -u $acl2 -g $acl2 ./file1 2>&1
echo "Expect to FAIL - acl2 is in sup. group"
_runas -u $acl2 -g $acl3 -s $acl2 ./file1 2>&1
echo "Expect to PASS - acl3 is not owner or in group"
_runas -u $acl3 -g $acl3 ./file1 2>&1
#-------------------------------------------------------
echo ""
echo "=== Test Extended ACLs ==="
echo ""
echo "--- Test adding a USER ACE ---"
echo "Expect to FAIL as no MASK provided"
chacl u::---,g::---,o::---,u:$acl2:r-x file1 2>&1 | _acl_filter_id
echo "Ensure that ACL has not been changed"
chacl -l file1 | _acl_filter_id
echo "Expect to PASS - USER ACE matches user"
chacl u::---,g::---,o::---,u:$acl2:r-x,m::rwx file1 2>&1
chacl -l file1 | _acl_filter_id
_runas -u $acl2 -g $acl2 ./file1 2>&1
echo "Expect to FAIL - USER ACE does not match user"
_runas -u $acl3 -g $acl3 ./file1 2>&1
echo ""
echo "--- Test adding a GROUP ACE ---"
echo "Expect to FAIL as no MASK provided"
chacl u::---,g::---,o::---,g:$acl2:r-x file1 2>&1 | _acl_filter_id
echo "Ensure that ACL has not been changed"
chacl -l file1 | _acl_filter_id
chacl u::---,g::---,o::---,g:$acl2:r-x,m::rwx file1 2>&1
chacl -l file1 | _acl_filter_id
echo "Expect to PASS - GROUP ACE matches group"
_runas -u $acl2 -g $acl2 ./file1 2>&1
echo "Expect to PASS - GROUP ACE matches sup group"
_runas -u $acl2 -g $acl1 -s $acl2 ./file1 2>&1
echo "Expect to FAIL - GROUP ACE does not match group"
_runas -u $acl3 -g $acl3 ./file1 2>&1
#-------------------------------------------------------
echo ""
echo "--- Test MASK ---"
# group
chacl u::---,g::---,o::---,g:$acl2:r-x,m::-w- file1 2>&1
chacl -l file1 | _acl_filter_id
echo "Expect to FAIL as MASK prohibits execution"
_runas -u $acl2 -g $acl2 ./file1 2>&1
# user
chacl u::---,g::---,o::---,u:$acl2:r-x,m::-w- file1 2>&1
echo "Expect to FAIL as MASK prohibits execution"
_runas -u $acl2 -g $acl2 ./file1 2>&1
# user
chacl u::---,g::---,o::---,u:$acl2:r-x,m::r-x file1 2>&1
echo "Expect to PASS as MASK allows execution"
_runas -u $acl2 -g $acl2 ./file1 2>&1
#-------------------------------------------------------
echo ""
echo "--- Test ACE priority ---"
chacl o::rwx,g::rwx,u:$acl1:rwx,u::---,m::rwx file1 2>&1
echo "Expect to FAIL as should match on owner"
_runas -u $acl1 -g $acl2 ./file1 2>&1
chacl o::---,g::---,u:$acl2:rwx,u::---,m::rwx file1 2>&1
echo "Expect to PASS as should match on user"
_runas -u $acl2 -g $acl2 ./file1 2>&1
#-------------------------------------------------------
echo ""
echo "=== Test can read ACLs without access permissions ==="
# This was a bug in kernel code where syscred wasn't being used
# to override the capabilities
chacl o::---,g::---,u::--- file1 2>&1
chacl -l file1 | _acl_filter_id
#-------------------------------------------------------
echo ""
echo "=== Test Default ACLs ==="
# make test clearer by testing with and without umask
umask 0
mkdir acldir
chacl -b "u::rwx,g::rwx,o::rwx" "u::r-x,g::r--,o::---" acldir 2>&1
chacl -l acldir | _acl_filter_id
cd acldir
touch file2
_acl_ls file2
chacl -l file2 | _acl_filter_id
#ensure that umask is not having an effect
#so set it and see
umask 722
touch file3
_acl_ls file3
chacl -l file3 | _acl_filter_id
cd ..
umask 022
#-------------------------------------------------------
echo ""
echo "=== Removing ACLs ==="
chacl -l file1 | _acl_filter_id
chacl -l acldir | _acl_filter_id
chacl -l acldir/file2 | _acl_filter_id
echo "Remove ACLs..."
chacl -R file1
chacl -B acldir
chacl -R acldir/file2
echo "Note: Old interface would mean empty ACLs - now we show mode ACLs"
chacl -l file1 | _acl_filter_id
chacl -l acldir | _acl_filter_id
chacl -l acldir/file2 | _acl_filter_id
#-------------------------------------------------------
echo ""
echo "=== Recursive change ACL ==="
rm -fr root
mkdir root
pushd root >/dev/null
# create an arbitrary little tree
for i in 1 2 3 4 5 6 7 8 9 0
do
mkdir -p a/$i
mkdir -p b/c$i/$i
touch a/$i/mumble
done
popd >/dev/null
chown -R 12345.54321 root
echo "Change #1..."
_runas -u 12345 -g 54321 -- chacl -r u::rwx,g::-w-,o::--x root
find root -print | xargs chacl -l
echo "Change #2..."
_runas -u 12345 -g 54321 -- chacl -r u::---,g::---,o::--- root
find root -print | xargs chacl -l
#-------------------------------------------------------
echo ""
echo "=== Test out error messages for ACL text parsing ==="
echo "Note: Old interface gave more informative error msgs"
touch file1
set -x
chacl u file1
chacl u: file1
chacl u:rumpledumpleunknownuser file1
chacl u:rumpledumpleunknownuser: file1
chacl g:rumpledumpleunknowngrp file1
chacl g:rumpledumpleunknowngrp: file1
chacl o:user1:rwx file1
chacl m:user1:rwx file1
chacl a::rwx file1
set +x
# success, all done
status=0
exit
tests/shared/051.out
-220
View File
@@ -1,220 +0,0 @@
QA output created by 051
=== Test minimal ACE ===
Setup file
-rwxrw-r-- id1 id2 file1
--- Test get and set of ACL ---
Note: Old interface gave an empty ACL - now output an ACL
file1 [u::rwx,g::rw-,o::r--]
Try using single colon separator
Note: Old interface FAILed because of single colon - new one allows it
Expect to PASS
file1 [u::r--,g::rwx,o::rw-]
--- Test sync of ACL with std permissions ---
-r--rwxrw- id1 id2 file1
-rw-rwxrw- id1 id2 file1
file1 [u::rw-,g::rwx,o::rw-]
--- Test owner permissions ---
file1 [u::r-x,g::---,o::---]
Expect to PASS
Test was executed
Expect to FAIL
./file1: Permission denied
--- Test group permissions ---
file1 [u::---,g::r-x,o::---]
Expect to FAIL - acl1 is owner
./file1: Permission denied
Expect to PASS - acl2 matches group
Test was executed
Expect to PASS - acl2 matches sup group
Test was executed
Expect to FAIL - acl3 is not in group
./file1: Permission denied
--- Test other permissions ---
file1 [u::---,g::---,o::r-x]
Expect to FAIL - acl1 is owner
./file1: Permission denied
Expect to FAIL - acl2 is in group
./file1: Permission denied
Expect to FAIL - acl2 is in sup. group
./file1: Permission denied
Expect to PASS - acl3 is not owner or in group
Test was executed
=== Test Extended ACLs ===
--- Test adding a USER ACE ---
Expect to FAIL as no MASK provided
chacl: access ACL 'u::---,g::---,o::---,u:id2:r-x': Missing or wrong entry at entry 3
Ensure that ACL has not been changed
file1 [u::---,g::---,o::r-x]
Expect to PASS - USER ACE matches user
file1 [u::---,u:id2:r-x,g::---,m::rwx,o::---]
Test was executed
Expect to FAIL - USER ACE does not match user
./file1: Permission denied
--- Test adding a GROUP ACE ---
Expect to FAIL as no MASK provided
chacl: access ACL 'u::---,g::---,o::---,g:id2:r-x': Missing or wrong entry at entry 3
Ensure that ACL has not been changed
file1 [u::---,u:id2:r-x,g::---,m::rwx,o::---]
file1 [u::---,g::---,g:id2:r-x,m::rwx,o::---]
Expect to PASS - GROUP ACE matches group
Test was executed
Expect to PASS - GROUP ACE matches sup group
Test was executed
Expect to FAIL - GROUP ACE does not match group
./file1: Permission denied
--- Test MASK ---
file1 [u::---,g::---,g:id2:r-x,m::-w-,o::---]
Expect to FAIL as MASK prohibits execution
./file1: Permission denied
Expect to FAIL as MASK prohibits execution
./file1: Permission denied
Expect to PASS as MASK allows execution
Test was executed
--- Test ACE priority ---
Expect to FAIL as should match on owner
./file1: Permission denied
Expect to PASS as should match on user
Test was executed
=== Test can read ACLs without access permissions ===
file1 [u::---,g::---,o::---]
=== Test Default ACLs ===
acldir [u::rwx,g::rwx,o::rwx/u::r-x,g::r--,o::---]
-r--r----- 0 0 file2
file2 [u::r--,g::r--,o::---]
-r--r----- 0 0 file3
file3 [u::r--,g::r--,o::---]
=== Removing ACLs ===
file1 [u::---,g::---,o::---]
acldir [u::rwx,g::rwx,o::rwx/u::r-x,g::r--,o::---]
acldir/file2 [u::r--,g::r--,o::---]
Remove ACLs...
Note: Old interface would mean empty ACLs - now we show mode ACLs
file1 [u::---,g::---,o::---]
acldir [u::rwx,g::rwx,o::rwx]
acldir/file2 [u::r--,g::r--,o::---]
=== Recursive change ACL ===
Change #1...
root [u::rwx,g::-w-,o::--x]
root/a [u::rwx,g::-w-,o::--x]
root/a/1 [u::rwx,g::-w-,o::--x]
root/a/1/mumble [u::rwx,g::-w-,o::--x]
root/a/2 [u::rwx,g::-w-,o::--x]
root/a/2/mumble [u::rwx,g::-w-,o::--x]
root/a/3 [u::rwx,g::-w-,o::--x]
root/a/3/mumble [u::rwx,g::-w-,o::--x]
root/a/4 [u::rwx,g::-w-,o::--x]
root/a/4/mumble [u::rwx,g::-w-,o::--x]
root/a/5 [u::rwx,g::-w-,o::--x]
root/a/5/mumble [u::rwx,g::-w-,o::--x]
root/a/6 [u::rwx,g::-w-,o::--x]
root/a/6/mumble [u::rwx,g::-w-,o::--x]
root/a/7 [u::rwx,g::-w-,o::--x]
root/a/7/mumble [u::rwx,g::-w-,o::--x]
root/a/8 [u::rwx,g::-w-,o::--x]
root/a/8/mumble [u::rwx,g::-w-,o::--x]
root/a/9 [u::rwx,g::-w-,o::--x]
root/a/9/mumble [u::rwx,g::-w-,o::--x]
root/a/0 [u::rwx,g::-w-,o::--x]
root/a/0/mumble [u::rwx,g::-w-,o::--x]
root/b [u::rwx,g::-w-,o::--x]
root/b/c1 [u::rwx,g::-w-,o::--x]
root/b/c1/1 [u::rwx,g::-w-,o::--x]
root/b/c2 [u::rwx,g::-w-,o::--x]
root/b/c2/2 [u::rwx,g::-w-,o::--x]
root/b/c3 [u::rwx,g::-w-,o::--x]
root/b/c3/3 [u::rwx,g::-w-,o::--x]
root/b/c4 [u::rwx,g::-w-,o::--x]
root/b/c4/4 [u::rwx,g::-w-,o::--x]
root/b/c5 [u::rwx,g::-w-,o::--x]
root/b/c5/5 [u::rwx,g::-w-,o::--x]
root/b/c6 [u::rwx,g::-w-,o::--x]
root/b/c6/6 [u::rwx,g::-w-,o::--x]
root/b/c7 [u::rwx,g::-w-,o::--x]
root/b/c7/7 [u::rwx,g::-w-,o::--x]
root/b/c8 [u::rwx,g::-w-,o::--x]
root/b/c8/8 [u::rwx,g::-w-,o::--x]
root/b/c9 [u::rwx,g::-w-,o::--x]
root/b/c9/9 [u::rwx,g::-w-,o::--x]
root/b/c0 [u::rwx,g::-w-,o::--x]
root/b/c0/0 [u::rwx,g::-w-,o::--x]
Change #2...
root [u::---,g::---,o::---]
root/a [u::---,g::---,o::---]
root/a/1 [u::---,g::---,o::---]
root/a/1/mumble [u::---,g::---,o::---]
root/a/2 [u::---,g::---,o::---]
root/a/2/mumble [u::---,g::---,o::---]
root/a/3 [u::---,g::---,o::---]
root/a/3/mumble [u::---,g::---,o::---]
root/a/4 [u::---,g::---,o::---]
root/a/4/mumble [u::---,g::---,o::---]
root/a/5 [u::---,g::---,o::---]
root/a/5/mumble [u::---,g::---,o::---]
root/a/6 [u::---,g::---,o::---]
root/a/6/mumble [u::---,g::---,o::---]
root/a/7 [u::---,g::---,o::---]
root/a/7/mumble [u::---,g::---,o::---]
root/a/8 [u::---,g::---,o::---]
root/a/8/mumble [u::---,g::---,o::---]
root/a/9 [u::---,g::---,o::---]
root/a/9/mumble [u::---,g::---,o::---]
root/a/0 [u::---,g::---,o::---]
root/a/0/mumble [u::---,g::---,o::---]
root/b [u::---,g::---,o::---]
root/b/c1 [u::---,g::---,o::---]
root/b/c1/1 [u::---,g::---,o::---]
root/b/c2 [u::---,g::---,o::---]
root/b/c2/2 [u::---,g::---,o::---]
root/b/c3 [u::---,g::---,o::---]
root/b/c3/3 [u::---,g::---,o::---]
root/b/c4 [u::---,g::---,o::---]
root/b/c4/4 [u::---,g::---,o::---]
root/b/c5 [u::---,g::---,o::---]
root/b/c5/5 [u::---,g::---,o::---]
root/b/c6 [u::---,g::---,o::---]
root/b/c6/6 [u::---,g::---,o::---]
root/b/c7 [u::---,g::---,o::---]
root/b/c7/7 [u::---,g::---,o::---]
root/b/c8 [u::---,g::---,o::---]
root/b/c8/8 [u::---,g::---,o::---]
root/b/c9 [u::---,g::---,o::---]
root/b/c9/9 [u::---,g::---,o::---]
root/b/c0 [u::---,g::---,o::---]
root/b/c0/0 [u::---,g::---,o::---]
=== Test out error messages for ACL text parsing ===
Note: Old interface gave more informative error msgs
+ chacl u file1
chacl: u - Invalid argument
+ chacl u: file1
chacl: u: - Invalid argument
+ chacl u:rumpledumpleunknownuser file1
chacl: u:rumpledumpleunknownuser - Invalid argument
+ chacl u:rumpledumpleunknownuser: file1
chacl: u:rumpledumpleunknownuser: - Invalid argument
+ chacl g:rumpledumpleunknowngrp file1
chacl: g:rumpledumpleunknowngrp - Invalid argument
+ chacl g:rumpledumpleunknowngrp: file1
chacl: g:rumpledumpleunknowngrp: - Invalid argument
+ chacl o:user1:rwx file1
chacl: o:user1:rwx - Invalid argument
+ chacl m:user1:rwx file1
chacl: m:user1:rwx - Invalid argument
+ chacl a::rwx file1
chacl: a::rwx - Invalid argument
+ set +x
tests/shared/group
-1
View File
@@ -11,7 +11,6 @@
006 auto enospc
007 dangerous_fuzzers
032 mkfs auto quick
051 acl udf auto quick
272 auto enospc rw
289 auto quick
298 auto trim