From: Andrew Gildfind Date: Mon, 2 Apr 2001 00:41:31 +0000 (+0000) Subject: No Message Supplied X-Git-Tag: v1.1.0~1286 X-Git-Url: http://git.apps.os.sepia.ceph.com/?a=commitdiff_plain;h=a12763fe45157f24d5474e1dac6bf0f54148f941;p=xfstests-dev.git No Message Supplied --- diff --git a/051 b/051 index 4c4fa368..1ca4c101 100755 --- a/051 +++ b/051 @@ -50,6 +50,7 @@ trap "_cleanup; exit \$status" 0 1 2 3 15 # get standard environment, filters and checks . ./common.rc . ./common.filter +. ./common.attr _cleanup() { @@ -57,41 +58,6 @@ _cleanup() rm -rf $TEST_DIR/$seq.dir1 } -_ls() -{ - ls -ln $* | awk '{ print $1, $3, $4, $NF }' | _filter_id -} - - -_setup_ids() -{ - eval `cat /etc/passwd /etc/group | gawk -F: ' - { ids[$3]=1 } - END { - j=1 - for(i=1; i<1000000 && j<=3;i++){ - if (! (i in ids)) { - printf "acl%d=%d;", j, i; - j++ - } - } - }'` -} - -_filter_id() -{ - sed \ - -e "s/u:$acl1/u:id1/" \ - -e "s/u:$acl2/u:id2/" \ - -e "s/u:$acl3/u:id3/" \ - -e "s/g:$acl1/g:id1/" \ - -e "s/g:$acl2/g:id2/" \ - -e "s/g:$acl3/g:id3/" \ - -e "s/ $acl1 / id1 /" \ - -e "s/ $acl2 / id2 /" \ - -e "s/ $acl3 / id3 /" -} - # ----- # minimal access ACL has ACEs: USER_OBJ, GROUP_OBJ, OTHER_OBJ # This is set with chacl(1) and can be changed by chmod(1). @@ -118,7 +84,7 @@ _filter_id() rm -f $seq.full _need_to_be_root -_setup_ids +_acl_setup_ids [ -x /bin/chacl ] || _notrun "chacl command not found" [ -x $runas ] || _notrun "$runas executable not found" @@ -158,28 +124,28 @@ chmod u=rwx file1 chmod g=rw- file1 chmod o=r-- file1 chown $acl1.$acl2 file1 -_ls file1 +_acl_ls file1 echo "" echo "--- Test get and set of ACL ---" -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to FAIL" chacl u::r--,g::rwx,o:rw- file1 2>&1 echo "Expect to PASS" chacl u::r--,g::rwx,o::rw- file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "" echo "--- Test sync of ACL with std permissions ---" -_ls file1 +_acl_ls file1 chmod u+w file1 -_ls file1 -chacl -l file1 | _filter_id +_acl_ls file1 +chacl -l file1 | _acl_filter_id echo "" echo "--- Test owner permissions ---" chacl u::r-x,g::---,o::--- file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id # change to owner echo "Expect to PASS" $runas -u $acl1 -g $acl1 ./file1 2>&1 @@ -189,7 +155,7 @@ $runas -u $acl2 -g $acl2 ./file1 2>&1 echo "" echo "--- Test group permissions ---" chacl u::---,g::r-x,o::--- file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to FAIL - acl1 is owner" $runas -u $acl1 -g $acl1 ./file1 2>&1 echo "Expect to PASS - acl2 matches group" @@ -202,7 +168,7 @@ $runas -u $acl3 -g $acl3 ./file1 2>&1 echo "" echo "--- Test other permissions ---" chacl u::---,g::---,o::r-x file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to FAIL - acl1 is owner" $runas -u $acl1 -g $acl1 ./file1 2>&1 echo "Expect to FAIL - acl2 is in group" @@ -222,10 +188,10 @@ echo "--- Test adding a USER ACE ---" echo "Expect to FAIL as no MASK provided" chacl u::---,g::---,o::---,u:$acl2:r-x file1 2>&1 echo "Ensure that ACL has not been changed" -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to PASS - USER ACE matches user" chacl u::---,g::---,o::---,u:$acl2:r-x,m::rwx file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id $runas -u $acl2 -g $acl2 ./file1 2>&1 echo "Expect to FAIL - USER ACE does not match user" $runas -u $acl3 -g $acl3 ./file1 2>&1 @@ -235,9 +201,9 @@ echo "--- Test adding a GROUP ACE ---" echo "Expect to FAIL as no MASK provided" chacl u::---,g::---,o::---,g:$acl2:r-x file1 2>&1 echo "Ensure that ACL has not been changed" -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id chacl u::---,g::---,o::---,g:$acl2:r-x,m::rwx file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to PASS - GROUP ACE matches group" $runas -u $acl2 -g $acl2 ./file1 2>&1 echo "Expect to PASS - GROUP ACE matches sup group" @@ -252,7 +218,7 @@ echo "--- Test MASK ---" # group chacl u::---,g::---,o::---,g:$acl2:r-x,m::-w- file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id echo "Expect to FAIL as MASK prohibits execution" $runas -u $acl2 -g $acl2 ./file1 2>&1 @@ -287,24 +253,42 @@ echo "=== Test can read ACLs without access permissions ===" # This was a bug in kernel code where syscred wasn't being used # to override the capabilities chacl o::---,g::---,u::--- file1 2>&1 -chacl -l file1 | _filter_id +chacl -l file1 | _acl_filter_id #------------------------------------------------------- echo "" echo "=== Test Default ACLs ===" mkdir acldir -chacl -b "u::rwx,g::rwx,o::rwx" "u::r-x,g::r--,o::---" ./acldir 2>&1 -chacl -l acldir | _filter_id +chacl -b "u::rwx,g::rwx,o::rwx" "u::r-x,g::r--,o::---" acldir 2>&1 +chacl -l acldir | _acl_filter_id cd acldir touch file2 -_ls file2 -chacl -l file2 | _filter_id +_acl_ls file2 +chacl -l file2 | _acl_filter_id cd .. #------------------------------------------------------- +echo "" +echo "=== Removing ACLs ===" +chacl -l file1 | _acl_filter_id +chacl -l acldir | _acl_filter_id +chacl -l acldir/file2 | _acl_filter_id +echo "Remove ACLs..." +chacl -R file1 +chacl -B acldir +chacl -R acldir/file2 +chacl -l file1 | _acl_filter_id +chacl -l acldir | _acl_filter_id +chacl -l acldir/file2 | _acl_filter_id + +#------------------------------------------------------- + + + + # success, all done status=0 exit diff --git a/051.out b/051.out index 9fc8003a..339758a2 100644 --- a/051.out +++ b/051.out @@ -93,3 +93,12 @@ file1 [o::---,g::---,u::---] acldir [u::rwx,g::rwx,o::rwx/u::r-x,g::r--,o::---] -r--r----- 0 0 file2 file2 [u::r--,g::r--,o::---] + +=== Removing ACLs === +file1 [o::---,g::---,u::---] +acldir [u::rwx,g::rwx,o::rwx/u::r-x,g::r--,o::---] +acldir/file2 [u::r--,g::---,o::---] +Remove ACLs... +file1 [] +acldir [] +acldir/file2 [] diff --git a/053 b/053 new file mode 100755 index 00000000..5241ddc5 --- /dev/null +++ b/053 @@ -0,0 +1,105 @@ +#! /bin/sh +# XFS QA Test No. 053 +# $Id: 1.1 $ +# +# xfs_repair breaks acls +# +#----------------------------------------------------------------------- +# Copyright (c) 2000 Silicon Graphics, Inc. All Rights Reserved. +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write the Free Software Foundation, Inc., 59 +# Temple Place - Suite 330, Boston MA 02111-1307, USA. +# +# Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy, +# Mountain View, CA 94043, or: +# +# http://www.sgi.com +# +# For further information regarding this notice, see: +# +# http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/ +#----------------------------------------------------------------------- +# +# creator +owner=ajag@bruce.melbourne.sgi.com + +seq=`basename $0` +echo "QA output created by $seq" + +here=`pwd` +tmp=/tmp/$$ +status=1 # failure is the default! +trap "rm -f $tmp.*; exit \$status" 0 1 2 3 15 + +# get standard environment, filters and checks +. ./common.rc +. ./common.filter +. ./common.attr + +# real QA test starts here +_require_scratch +_acl_setup_ids +_do_die_on_error=y +test=$SCRATCH_MNT/test + +# make filesystem on scratch using the defaults +_do 'make filesystem on $SCRATCH_DEV' \ + 'mkfs -t xfs -f $SCRATCH_DEV' +_do 'mount filesytem' \ + 'mount -t xfs $SCRATCH_DEV $SCRATCH_MNT' + +# create test files and set acls +acls=" +u::r--,g::rwx,o::rw- +u::r-x,g::---,o::--- +u::---,g::r-x,o::--- +u::---,g::---,o::r-x +u::---,g::r-x,o::rwx +u::---,g::---,o::---,u:$acl2:r-x,m::rwx +u::rwx,g::r-x,o::r-- +u::---,g::---,o::---,g:$acl2:r-x,m::-w-" + +i=0 +for acl in $acls +do + _do "touch $test.$i" + _do "chacl $acl $test.$i" + i=`expr $i + 1` +done + +list_acls() +{ + i=0 + for acl in $acls + do + chacl -l $test.$i | _acl_filter_id | sed -e "s!$SCRATCH_MNT!\$SCRATCH_MNT!" + i=`expr $i + 1` + done +} + +echo "acls before repair:" +list_acls +_do 'unmount $SCRATCH_DEV' 'umount $SCRATCH_DEV' +_do 'repair filesystem' 'xfs_repair $SCRATCH_DEV' +_do 'mount filesytem' 'mount -t xfs $SCRATCH_DEV $SCRATCH_MNT' +echo "acls after repair: " +list_acls + +# success, all done +status=0; exit diff --git a/053.out b/053.out new file mode 100644 index 00000000..1764d064 --- /dev/null +++ b/053.out @@ -0,0 +1,24 @@ +QA output created by 053 +make filesystem on $SCRATCH_DEV... done +mount filesytem... done +acls before repair: +$SCRATCH_MNT/test.0 [u::r--,g::rwx,o::rw-] +$SCRATCH_MNT/test.1 [u::r-x,g::---,o::---] +$SCRATCH_MNT/test.2 [u::---,g::r-x,o::---] +$SCRATCH_MNT/test.3 [u::---,g::---,o::r-x] +$SCRATCH_MNT/test.4 [u::---,g::r-x,o::rwx] +$SCRATCH_MNT/test.5 [u::---,g::---,o::---,u:id2:r-x,m::rwx] +$SCRATCH_MNT/test.6 [u::rwx,g::r-x,o::r--] +$SCRATCH_MNT/test.7 [u::---,g::---,o::---,g:id2:r-x,m::-w-] +unmount $SCRATCH_DEV... done +repair filesystem... done +mount filesytem... done +acls after repair: +$SCRATCH_MNT/test.0 [u::r--,g::rwx,o::rw-] +$SCRATCH_MNT/test.1 [u::r-x,g::---,o::---] +$SCRATCH_MNT/test.2 [u::---,g::r-x,o::---] +$SCRATCH_MNT/test.3 [u::---,g::---,o::r-x] +$SCRATCH_MNT/test.4 [u::---,g::r-x,o::rwx] +$SCRATCH_MNT/test.5 [u::---,g::---,o::---,u:id2:r-x,m::rwx] +$SCRATCH_MNT/test.6 [u::rwx,g::r-x,o::r--] +$SCRATCH_MNT/test.7 [u::---,g::---,o::---,g:id2:r-x,m::-w-] diff --git a/common.attr b/common.attr new file mode 100644 index 00000000..fc5dbcd4 --- /dev/null +++ b/common.attr @@ -0,0 +1,78 @@ +##/bin/sh + +# +# Copyright (c) 2000 Silicon Graphics, Inc. All Rights Reserved. +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of version 2 of the GNU General Public License as +# published by the Free Software Foundation. +# +# This program is distributed in the hope that it would be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. +# +# Further, this software is distributed without any warranty that it is +# free of the rightful claim of any third person regarding infringement +# or the like. Any license provided herein, whether implied or +# otherwise, applies only to this software file. Patent licenses, if +# any, provided herein do not apply to combinations of this program with +# other software, or any other product whatsoever. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write the Free Software Foundation, Inc., 59 +# Temple Place - Suite 330, Boston MA 02111-1307, USA. +# +# Contact information: Silicon Graphics, Inc., 1600 Amphitheatre Pkwy, +# Mountain View, CA 94043, or: +# +# http://www.sgi.com +# +# For further information regarding this notice, see: +# +# http://oss.sgi.com/projects/GenInfo/SGIGPLNoticeExplan/ +# + +# common extended attribute and ACL support + +# pick three unused user/group ids, store them as $acl[1-3] +# +_acl_setup_ids() +{ + eval `cat /etc/passwd /etc/group | gawk -F: ' + { ids[$3]=1 } + END { + j=1 + for(i=1; i<1000000 && j<=3;i++){ + if (! (i in ids)) { + printf "acl%d=%d;", j, i; + j++ + } + } + }'` +} + +# filter for the acl ids selected above +# +_acl_filter_id() +{ + sed \ + -e "s/u:$acl1/u:id1/" \ + -e "s/u:$acl2/u:id2/" \ + -e "s/u:$acl3/u:id3/" \ + -e "s/g:$acl1/g:id1/" \ + -e "s/g:$acl2/g:id2/" \ + -e "s/g:$acl3/g:id3/" \ + -e "s/ $acl1 / id1 /" \ + -e "s/ $acl2 / id2 /" \ + -e "s/ $acl3 / id3 /" +} + +# filtered ls +# +_acl_ls() +{ + ls -ln $* | awk '{ print $1, $3, $4, $NF }' | _acl_filter_id +} + +# make sure this script returns success +/bin/true \ No newline at end of file diff --git a/common.rc b/common.rc index 82cea6a6..1cb02a5e 100644 --- a/common.rc +++ b/common.rc @@ -262,6 +262,36 @@ _is_block_dev() [ -b $1 ] && src/lstat64 $1 | $AWK_PROG '/Device type:/ { print $9 }' } +# do a command, log it to $seq.full, optionally test return status +# and die if command fails +# +_do() +{ + if [ $# -eq 1 ]; then + _cmd=$1 + elif [ $# -eq 2 ]; then + _note=$1 + _cmd=$2 + echo -n "$_note... " + else + echo "Usage: _do [note] cmd" 1>&2 + status=1; exit + fi + + (eval "echo '---' $_cmd") >>$seq.full + (eval "$_cmd") >$tmp._out 2>&1; ret=$? + cat $tmp._out | _fix_malloc >>$seq.full + if [ $# -eq 2 ]; then + if [ $ret -eq 0 ]; then echo "done"; else echo "fail"; fi + fi + if [ "$_do_die_on_error" -a $ret -ne 0 ]; then + eval "echo $_cmd failed \(returned $ret\): see $seq.full" + status=1; exit + fi + + return $ret +} + # bail out, setting up .notrun file # _notrun()