apfs/apfstests
0
0
Fork 0
mirror of https://github.com/linux-apfs/apfstests.git synced 2026-05-01 15:01:44 -07:00
Code Issues Packages Projects Releases Wiki Activity

generic: Add richacl tests

Browse Source 
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Reviewed-by: Eryu Guan <eguan@redhat.com>
Signed-off-by: Eryu Guan <eguan@redhat.com>
This commit is contained in:
Andreas Gruenbacher
2016-06-28 14:47:26 +02:00
committed by Eryu Guan
parent 9d93ce7ddd
commit 73f9e47abd
21 changed files with 1331 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
tests/generic/362
Executable
+125
View File
@@ -0,0 +1,125 @@
#! /bin/bash
# FS QA Test 362
#
# RichACL apply-masks test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
touch x
$SETRICHACL_PROG --set 'owner@:rwp::allow group@:rwp::allow everyone@:r::allow' x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'everyone@:wp::allow owner@:r::allow group@:r::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'everyone@:wp::deny owner@:rwp::allow group@:rwp::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'owner@:rwCo::allow' x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'owner@:rwpCo::allow' x
$GETRICHACL_PROG x
chmod 644 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:rwp::allow' x
chmod 664 x
$GETRICHACL_PROG x
chmod 644 x
$GETRICHACL_PROG --numeric-ids x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:rwp::allow everyone@:r::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:r::allow everyone@:rwp::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:wp::deny everyone@:rwp::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:rwp::allow u:77:wp::deny everyone@:rwp::allow' x
chmod 664 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'everyone@:rwp::allow' x
chmod 066 x
$GETRICHACL_PROG x
chmod 006 x
$GETRICHACL_PROG x
chmod 606 x
$GETRICHACL_PROG x
$SETRICHACL_PROG --set 'u:77:rwp::allow everyone@:rwp::allow' x
chmod 606 x
$GETRICHACL_PROG x
chmod 646 x
$GETRICHACL_PROG x
# success, all done
status=0
exit
tests/generic/362.out
+94
View File
@@ -0,0 +1,94 @@
QA output created by 362
x:
owner@:rwp----------::allow
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::allow
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::allow
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rw-------Co--::allow
x:
owner@:rwp----------::allow
x:
owner@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:rwp----------::allow
group@:r------------::deny
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:r------------::allow
group@:r------------::deny
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:rwp----------::allow
group@:r------------::deny
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:rwp----------::allow
everyone@:r------------::allow
x:
user:77:rwp----------::allow
owner@:rwp----------::allow
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:-wp----------::deny
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::allow
user:77:rwp----------::allow
user:77:-wp----------::deny
group@:rwp----------::allow
everyone@:r------------::allow
x:
owner@:rwp----------::deny
everyone@:rwp----------::allow
x:
owner@:rwp----------::deny
group@:rwp----------::deny
everyone@:rwp----------::allow
x:
owner@:rwp----------::allow
group@:rwp----------::deny
everyone@:rwp----------::allow
x:
owner@:rwp----------::allow
group@:rwp----------::deny
everyone@:rwp----------::allow
x:
user:77:r------------::allow
owner@:rwp----------::allow
group@:-wp----------::deny
user:77:-wp----------::deny
everyone@:rwp----------::allow
tests/generic/363
Executable
+118
View File
@@ -0,0 +1,118 @@
#! /bin/bash
# FS QA Test 363
#
# RichACL auto-inheritance test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
umask 022
mkdir d1
$SETRICHACL_PROG --modify owner@:rwpxd:fd:allow,u:101:rw:fd:deny d1
$SETRICHACL_PROG --modify u:102:rw:f:deny d1
$SETRICHACL_PROG --modify u:103:rw:d:deny d1
$SETRICHACL_PROG --modify g:101:rw:fdi:deny d1
$SETRICHACL_PROG --modify flags:a d1
$GETRICHACL_PROG --numeric --raw d1
mkdir d1/d2
touch d1/d3
# Mode bits derived from inherited ACEs
$GETRICHACL_PROG --numeric --raw d1/d2
$GETRICHACL_PROG --numeric --raw d1/d3
mkdir d1/d2/d4
touch d1/d2/d4/d5
# Protected files
mkdir d1/d6
touch d1/d7
$GETRICHACL_PROG --numeric --raw d1/d2/d4
$GETRICHACL_PROG --numeric --raw d1/d2/d4/d5
# Clear protected flag from all the ACLs
$SETRICHACL_PROG --modify flags:a d1/d2
$SETRICHACL_PROG --modify flags:a d1/d3
$SETRICHACL_PROG --modify flags:a d1/d2/d4
$SETRICHACL_PROG --modify flags:a d1/d2/d4/d5
$GETRICHACL_PROG --numeric d1 | sed -e 's/:fd:deny/:fd:allow/' > acl.txt
cat acl.txt
$SETRICHACL_PROG --set-file acl.txt d1
$GETRICHACL_PROG --numeric --raw d1
$GETRICHACL_PROG --numeric --raw d1/d2
$GETRICHACL_PROG --numeric --raw d1/d3
$GETRICHACL_PROG --numeric --raw d1/d2/d4
$GETRICHACL_PROG --numeric --raw d1/d2/d4/d5
# No automatic inheritance for protected files
$GETRICHACL_PROG --numeric --raw d1/d6
$GETRICHACL_PROG --numeric --raw d1/d7
# success, all done
status=0
exit
tests/generic/363.out
+139
View File
@@ -0,0 +1,139 @@
QA output created by 363
d1:
flags:a
owner:rwpxd-----------::mask
group:r--x------------::mask
other:r--x------------::mask
user:101:rw--------------:fd:deny
user:102:rw--------------:f:deny
user:103:rw--------------:d:deny
group:101:rw--------------:fdi:deny
owner@:rwpxd-----------:fd:allow
everyone@:r--x------------::allow
d1/d2:
flags:map
owner:rwpxd-----------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:fda:deny
user:102:rw--------------:fia:deny
user:103:rw--------------:da:deny
group:101:rw--------------:fda:deny
owner@:rwpxd-----------:fda:allow
d1/d3:
flags:map
owner:rwp-------------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:a:deny
user:102:rw--------------:a:deny
group:101:rw--------------:a:deny
owner@:rwpx------------:a:allow
d1/d2/d4:
flags:map
owner:rwpxd-----------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:fda:deny
user:102:rw--------------:fia:deny
user:103:rw--------------:da:deny
group:101:rw--------------:fda:deny
owner@:rwpxd-----------:fda:allow
d1/d2/d4/d5:
flags:map
owner:rwp-------------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:a:deny
user:102:rw--------------:a:deny
group:101:rw--------------:a:deny
owner@:rwpx------------:a:allow
d1:
flags:a
user:101:rw-----------:fd:allow
user:102:rw-----------:f:deny
user:103:rw-----------:d:deny
group:101:rw-----------:fdi:deny
owner@:rwpxd--------:fd:allow
everyone@:r--x---------::allow
d1:
flags:a
owner:rwpxd-----------::mask
group:rw-x------------::mask
other:r--x------------::mask
user:101:rw--------------:fd:allow
user:102:rw--------------:f:deny
user:103:rw--------------:d:deny
group:101:rw--------------:fdi:deny
owner@:rwpxd-----------:fd:allow
everyone@:r--x------------::allow
d1/d2:
flags:a
owner:rwpxd-----------::mask
group:rw--------------::mask
other:----------------::mask
user:101:rw--------------:fda:allow
user:102:rw--------------:fia:deny
user:103:rw--------------:da:deny
group:101:rw--------------:fda:deny
owner@:rwpxd-----------:fda:allow
d1/d3:
flags:a
owner:rwpx------------::mask
group:rw--------------::mask
other:----------------::mask
user:101:rw--------------:a:allow
user:102:rw--------------:a:deny
group:101:rw--------------:a:deny
owner@:rwpx------------:a:allow
d1/d2/d4:
flags:a
owner:rwpxd-----------::mask
group:rw--------------::mask
other:----------------::mask
user:101:rw--------------:fda:allow
user:102:rw--------------:fia:deny
user:103:rw--------------:da:deny
group:101:rw--------------:fda:deny
owner@:rwpxd-----------:fda:allow
d1/d2/d4/d5:
flags:a
owner:rwpx------------::mask
group:rw--------------::mask
other:----------------::mask
user:101:rw--------------:a:allow
user:102:rw--------------:a:deny
group:101:rw--------------:a:deny
owner@:rwpx------------:a:allow
d1/d6:
flags:map
owner:rwpxd-----------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:fda:deny
user:102:rw--------------:fia:deny
user:103:rw--------------:da:deny
group:101:rw--------------:fda:deny
owner@:rwpxd-----------:fda:allow
d1/d7:
flags:map
owner:rwp-------------::mask
group:----------------::mask
other:----------------::mask
user:101:rw--------------:a:deny
user:102:rw--------------:a:deny
group:101:rw--------------:a:deny
owner@:rwpx------------:a:allow
tests/generic/364
Executable
+98
View File
@@ -0,0 +1,98 @@
#! /bin/bash
# FS QA Test 364
#
# RichACL basic test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
umask 022
touch x
$SETRICHACL_PROG --set 'everyone@:rwp::allow' x
stat -c %A x
$GETRICHACL_PROG x
chmod 664 x
stat -c %A x
$GETRICHACL_PROG x
# Note that unlike how the test cases look at first sight, we do *not* require
# a richacl-enabled version of ls here ...
mkdir sub
$SETRICHACL_PROG --set 'everyone@:rwpxd:fd:allow' sub
stat -c %A+ sub
$GETFATTR_PROG -m system\.richacl sub
chmod 775 sub
stat -c %A+ sub
$GETFATTR_PROG -m system\.richacl sub
$GETRICHACL_PROG sub
touch sub/f
stat -c %A sub/f
$GETRICHACL_PROG sub/f
mkdir sub/sub2
stat -c %A+ sub/sub2
$GETRICHACL_PROG sub/sub2
mkdir -m 750 sub/sub3
stat -c %A+ sub/sub3
$GETRICHACL_PROG sub/sub3
# success, all done
status=0
exit
tests/generic/364.out
+39
View File
@@ -0,0 +1,39 @@
QA output created by 364
-rw-rw-rw-
x:
everyone@:rwp----------::allow
-rw-rw-r--
x:
owner@:rwp----------::allow
group@:rwp----------::allow
everyone@:r------------::allow
drwxrwxrwx+
# file: sub
system.richacl
drwxrwxr-x+
# file: sub
system.richacl
sub:
owner@:rwpxd--------::allow
group@:rwpxd--------::allow
everyone@:rwpxd--------:fdi:allow
everyone@:r--x---------::allow
-rw-rw-rw-
sub/f:
everyone@:rwp----------::allow
drwxrwxrwx+
sub/sub2:
everyone@:rwpxd--------:fd:allow
drwxr-x---+
sub/sub3:
owner@:rwpxd--------::allow
group@:r--x---------::allow
everyone@:rwpxd--------:fdi:allow
tests/generic/365
Executable
+93
View File
@@ -0,0 +1,93 @@
#! /bin/bash
# FS QA Test 365
#
# RichACL chmod test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
s()
{
echo "--- runas -u 99 -g 99 setrichacl $*"
_runas -u 99 -g 99 -- $SETRICHACL_PROG "$@"
}
# Create file as root
touch a
# We cannot set the acl as another user
s --set 'u:99:rwc::allow' a
# We cannot chmod as another user
r chmod 666 a
# Give user 99 the write_acl permission
$SETRICHACL_PROG --set 'u:99:rwpC::allow' a
# Now user 99 can setrichacl and chmod ...
s --set 'u:99:rwpC::allow' a
r chmod 666 a
# ... but chmod disables the write_acl permission
s --set 'u:99:rwpC::allow' a
# success, all done
status=0
exit
tests/generic/365.out
+9
View File
@@ -0,0 +1,9 @@
QA output created by 365
--- runas -u 99 -g 99 setrichacl --set u:99:rwc::allow a
a: Operation not permitted
--- runas -u 99 -g 99 chmod 666 a
chmod: changing permissions of 'a': Operation not permitted
--- runas -u 99 -g 99 setrichacl --set u:99:rwpC::allow a
--- runas -u 99 -g 99 chmod 666 a
--- runas -u 99 -g 99 setrichacl --set u:99:rwpC::allow a
a: Operation not permitted
tests/generic/366
Executable
+86
View File
@@ -0,0 +1,86 @@
#! /bin/bash
# FS QA Test 366
#
# RichACL chown test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
# Create file as root
touch a
# Chown and chgrp with no take ownership permission fails
r chown 99 a
r chgrp 99 a
# Add the take_ownership permission
$SETRICHACL_PROG --set 'u:99:rwpo::allow' a
# Chown and chgrp to a user or group the process is not in fails
r chown 100 a
r chgrp 100 a
# Chown and chgrp to a user and group the process is in succeeds
r chown 99 a
r chgrp 99 a
# success, all done
status=0
exit
tests/generic/366.out
+11
View File
@@ -0,0 +1,11 @@
QA output created by 366
--- runas -u 99 -g 99 chown 99 a
chown: changing ownership of 'a': Operation not permitted
--- runas -u 99 -g 99 chgrp 99 a
chgrp: changing group of 'a': Operation not permitted
--- runas -u 99 -g 99 chown 100 a
chown: changing ownership of 'a': Operation not permitted
--- runas -u 99 -g 99 chgrp 100 a
chgrp: changing group of 'a': Operation not permitted
--- runas -u 99 -g 99 chown 99 a
--- runas -u 99 -g 99 chgrp 99 a
tests/generic/367
Executable
+85
View File
@@ -0,0 +1,85 @@
#! /bin/bash
# FS QA Test 367
#
# RichACL create test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
# Create directories as root with different permissions
mkdir d1 d2 d3
$SETRICHACL_PROG --set 'u:99:wx::allow' d2
$SETRICHACL_PROG --set 'u:99:px::allow' d3
# Cannot create files or directories without permissions
r touch d1/f
r mkdir d1/d
# Can create files with add_file (w) permission
r touch d2/f
r mkdir d2/d
# Can create directories with add_subdirectory (p) permission
r touch d3/f
r mkdir d3/d
# success, all done
status=0
exit
tests/generic/367.out
+11
View File
@@ -0,0 +1,11 @@
QA output created by 367
--- runas -u 99 -g 99 touch d1/f
touch: cannot touch 'd1/f': Permission denied
--- runas -u 99 -g 99 mkdir d1/d
mkdir: cannot create directory 'd1/d': Permission denied
--- runas -u 99 -g 99 touch d2/f
--- runas -u 99 -g 99 mkdir d2/d
mkdir: cannot create directory 'd2/d': Permission denied
--- runas -u 99 -g 99 touch d3/f
touch: cannot touch 'd3/f': Permission denied
--- runas -u 99 -g 99 mkdir d3/d
tests/generic/368
Executable
+85
View File
@@ -0,0 +1,85 @@
#! /bin/bash
# FS QA Test 368
#
# RichACL ctime test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
touch a
# Without write access, the ctime cannot be changed
r touch a
$SETRICHACL_PROG --set 'u:99:rw::allow' a
# With write access, the ctime can be set to the current time, but not to
# any other time
r touch a
r touch -d '1 hour ago' a
$SETRICHACL_PROG --set 'u:99:rwA::allow' a
# With set_attributes access, the ctime can be set to an arbitrary time
r touch -d '1 hour ago' a
# success, all done
status=0
exit
tests/generic/368.out
+7
View File
@@ -0,0 +1,7 @@
QA output created by 368
--- runas -u 99 -g 99 touch a
touch: cannot touch 'a': Permission denied
--- runas -u 99 -g 99 touch a
--- runas -u 99 -g 99 touch -d 1 hour ago a
touch: setting times of 'a': Operation not permitted
--- runas -u 99 -g 99 touch -d 1 hour ago a
tests/generic/369
Executable
+126
View File
@@ -0,0 +1,126 @@
#! /bin/bash
# FS QA Test 369
#
# RichACL delete test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
umask 022
chmod go+w .
mkdir d1 d2 d3 d4 d5 d6 d7
touch d1/f d1/g d2/f d3/f d4/f d5/f d6/f d7/f d7/g d7/h
chmod o+w d1/g
chown 99 d2
chgrp 99 d3
chmod g+w d3
$SETRICHACL_PROG --set 'u:99:wx::allow' d4
$SETRICHACL_PROG --set 'u:99:d::allow' d5
$SETRICHACL_PROG --set 'u:99:xd::allow' d6
$SETRICHACL_PROG --set 'u:99:D::allow' d7/f d7/g d7/h
chmod 664 d7/g
mkdir s2 s3 s4 s5 s6 s7
chmod +t s2 s3 s4 s5 s6 s7
touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g s7/h
chown 99 s2
chgrp 99 s3
chmod g+w s3
$SETRICHACL_PROG --set 'u:99:wx::allow' s4
$SETRICHACL_PROG --set 'u:99:d::allow' s5
$SETRICHACL_PROG --set 'u:99:xd::allow' s6
$SETRICHACL_PROG --set 'u:99:D::allow' s7/f s7/g s7/h
chmod 664 s7/g
# Cannot delete files with no or only with write permissions on the directory
r rm -f d1/f d1/g
# Can delete files in directories we own
r rm -f d2/f s2/f
# Can delete files in non-sticky directories we have write access to
r rm -f d3/f s3/f
# "Write_data/execute" access does not include delete_child access, so deleting
# is not allowed:
r rm -f d4/f s4/f
# "Delete_child" access alone also is not sufficient
r rm -f d5/f s5/f
# "Execute/delete_child" access is sufficient for non-sticky directories
r rm -f d6/f s6/f
# "Delete" access on the child is sufficient, even in sticky directories.
r rm -f d7/f s7/f
# Regression: Delete access must not override add_file / add_subdirectory
# access.
r touch h
r mv -f h d7/
r mv -f h s7/
# A chmod turns off the "delete" permission
r rm -f d7/g s7/g
# success, all done
status=0
exit
tests/generic/369.out
+24
View File
@@ -0,0 +1,24 @@
QA output created by 369
--- runas -u 99 -g 99 rm -f d1/f d1/g
rm: cannot remove 'd1/f': Permission denied
rm: cannot remove 'd1/g': Permission denied
--- runas -u 99 -g 99 rm -f d2/f s2/f
--- runas -u 99 -g 99 rm -f d3/f s3/f
rm: cannot remove 's3/f': Operation not permitted
--- runas -u 99 -g 99 rm -f d4/f s4/f
rm: cannot remove 'd4/f': Permission denied
rm: cannot remove 's4/f': Permission denied
--- runas -u 99 -g 99 rm -f d5/f s5/f
rm: cannot remove 'd5/f': Permission denied
rm: cannot remove 's5/f': Permission denied
--- runas -u 99 -g 99 rm -f d6/f s6/f
rm: cannot remove 's6/f': Operation not permitted
--- runas -u 99 -g 99 rm -f d7/f s7/f
--- runas -u 99 -g 99 touch h
--- runas -u 99 -g 99 mv -f h d7/
mv: cannot move 'h' to 'd7/h': Permission denied
--- runas -u 99 -g 99 mv -f h s7/
mv: cannot move 'h' to 's7/h': Permission denied
--- runas -u 99 -g 99 rm -f d7/g s7/g
rm: cannot remove 'd7/g': Permission denied
rm: cannot remove 's7/g': Permission denied
tests/generic/370
Executable
+90
View File
@@ -0,0 +1,90 @@
#! /bin/bash
# FS QA Test 370
#
# RichACL write-vs-append test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
touch a b c d e f
$SETRICHACL_PROG --set 'owner@:rwp::allow' a
$SETRICHACL_PROG --set 'owner@:rwp::allow u:99:w::allow' b
$SETRICHACL_PROG --set 'owner@:rwp::allow u:99:p::allow' c
$SETRICHACL_PROG --set 'owner@:rwp::allow u:99:wp::allow' d
$SETRICHACL_PROG --set 'u:99:a::deny owner@:rwp::allow u:99:w::allow' e
$SETRICHACL_PROG --set 'u:99:w::deny owner@:rwp::allow u:99:p::allow' f
r sh -c 'echo a > a'
r sh -c 'echo b > b'
r sh -c 'echo c > c'
r sh -c 'echo d > d'
r sh -c 'echo e > e'
r sh -c 'echo f > f'
r sh -c 'echo A >> a'
r sh -c 'echo B >> b'
r sh -c 'echo C >> c'
r sh -c 'echo D >> d'
r sh -c 'echo E >> e'
r sh -c 'echo F >> f'
# success, all done
status=0
exit
tests/generic/370.out
+19
View File
@@ -0,0 +1,19 @@
QA output created by 370
--- runas -u 99 -g 99 sh -c echo a > a
sh: a: Permission denied
--- runas -u 99 -g 99 sh -c echo b > b
--- runas -u 99 -g 99 sh -c echo c > c
sh: c: Permission denied
--- runas -u 99 -g 99 sh -c echo d > d
--- runas -u 99 -g 99 sh -c echo e > e
--- runas -u 99 -g 99 sh -c echo f > f
sh: f: Permission denied
--- runas -u 99 -g 99 sh -c echo A >> a
sh: a: Permission denied
--- runas -u 99 -g 99 sh -c echo B >> b
sh: b: Permission denied
--- runas -u 99 -g 99 sh -c echo C >> c
--- runas -u 99 -g 99 sh -c echo D >> d
--- runas -u 99 -g 99 sh -c echo E >> e
sh: e: Permission denied
--- runas -u 99 -g 99 sh -c echo F >> f
tests/generic/group
+9
View File
@@ -364,3 +364,12 @@
359 auto quick clone
360 auto quick metadata
361 auto quick
362 auto quick richacl
363 auto quick richacl
364 auto quick richacl
365 auto quick richacl
366 auto quick richacl
367 auto quick richacl
368 auto quick richacl
369 auto quick richacl
370 auto quick richacl