diff options
| author | John Wren Kennedy <john.kennedy@delphix.com> | 2013-01-11 15:56:21 -0800 |
|---|---|---|
| committer | Richard Lowe <richlowe@richlowe.net> | 2013-01-14 17:08:01 -0500 |
| commit | 7b1753e64ab6c8c68e7cd79acbedfdfba12bd7f8 (patch) | |
| tree | 07c5b22d58cf4465f38d8ef236ce13be6204fa9d | |
| parent | f6dcd367bb2ab63785ea4839111eb4846066404d (diff) | |
| download | illumos-joyent-7b1753e64ab6c8c68e7cd79acbedfdfba12bd7f8.tar.gz | |
3444 README for usr/src/test
3445 ZFS tests for restricted aclmode
Reviewed by: Richard Lowe <richlowe@richlowe.net>
Reviewed by: Christopher Siden <csiden@delphix.com>
Approved by: Richard Lowe <richlowe@richlowe.net>
9 files changed, 321 insertions, 11 deletions
diff --git a/usr/src/pkg/manifests/system-test-zfstest.mf b/usr/src/pkg/manifests/system-test-zfstest.mf index 7c5beaec2b..4b137334cc 100644 --- a/usr/src/pkg/manifests/system-test-zfstest.mf +++ b/usr/src/pkg/manifests/system-test-zfstest.mf @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # set name=pkg.fmri value=pkg:/system/test/zfstest@$(PKGVERS) @@ -111,6 +111,9 @@ file path=opt/zfs-tests/tests/functional/acl/cifs/cleanup mode=0555 file path=opt/zfs-tests/tests/functional/acl/cifs/setup mode=0555 file path=opt/zfs-tests/tests/functional/acl/nontrivial/cleanup mode=0555 file path=opt/zfs-tests/tests/functional/acl/nontrivial/setup mode=0555 +file \ + path=opt/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_aclmode_restricted_001_neg \ + mode=0555 file path=opt/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_001_neg \ mode=0555 file path=opt/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_chmod_002_pos \ @@ -183,6 +186,9 @@ file path=opt/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_tar_002_pos \ mode=0555 file path=opt/zfs-tests/tests/functional/acl/trivial/cleanup mode=0555 file path=opt/zfs-tests/tests/functional/acl/trivial/setup mode=0555 +file \ + path=opt/zfs-tests/tests/functional/acl/trivial/zfs_acl_aclmode_restricted_001_pos \ + mode=0555 file path=opt/zfs-tests/tests/functional/acl/trivial/zfs_acl_chmod_001_pos \ mode=0555 file path=opt/zfs-tests/tests/functional/acl/trivial/zfs_acl_compress_001_pos \ diff --git a/usr/src/test/README b/usr/src/test/README new file mode 100644 index 0000000000..f3fe2b8253 --- /dev/null +++ b/usr/src/test/README @@ -0,0 +1,86 @@ +# +# This file and its contents are supplied under the terms of the +# Common Development and Distribution License ("CDDL"), version 1.0. +# You may only use this file in accordance with the terms of version +# 1.0 of the CDDL. +# +# A full copy of the text of the CDDL should have accompanied this +# source. A copy of the CDDL is also available via the Internet at +# http://www.illumos.org/license/CDDL. +# + +# +# Copyright (c) 2013 by Delphix. All rights reserved. +# + +illumos Testing README + +1. A Brief History of usr/src/test +2. How to Run These Tests +3. How to Develop New Tests +4. Porting Tests from Other Frameworks + +-------------------------------------------------------------------------------- + +1. A Brief History of usr/src/test + +The tests here come in two varieties - tests written from scratch, and tests +that have been ported from the Solaris Test Collection. Not all of the STC +tests have been ported, and a forked repository of those that have been made +publicly available may currently be found here: + + https://bitbucket.org/illumos/illumos-stc/ + +Regardless of origin, all of these tests are executed using the run(1) script +described in the next section. + +2. How to Run These Tests + +Currently, all the test suites under usr/src/test provide a wrapper script +around run(1). These wrappers allow environment variables to be set up which +may (for example) allow the script to specify which disks may be used by a test +suite, and which must be preserved. Additionally, the wrappers allow options to +run(1) to be passed through so that a user may specify a custom configuration +file for a test suite. For specifics on the options available in the framework +itself, please see the run(1) manpage. + +3. How to Develop New Tests + +New tests should mimic the directory layout of existing tests to the degree +possible. This includes the following directories: + +cmd - Any support binaries or scripts used by the tests in this package. +doc - READMEs or other support documentation to be delivered with the package. +runfiles - Configuration files that dictate how the tests are run. +tests - The tests themselves (see below). + +The tests you create will be run, and given a PASS or FAIL status in accordance +with the exit value returned by the test. A test may also be marked SKIPPED in +the event that a prerequisite test is marked FAIL, or marked KILLED in the +event the test times out. Note that there is no way to force a test to be +marked SKIPPED; this is intentional. If a test must be skipped due to +insufficient resources for example, then a wrapper script should be provided +that chooses or creates an appropriate configuration file. The goal of every +run is that every test is marked PASS. + +4. Porting Tests from Other Frameworks + +STF (Solaris Test Framework) + +Porting tests from this framework is relatively straightforward. For the most +part the tests can be arranged in the new directory structure and added to the +configuration file. The template for a configuration file can easily be created +using the -w option to run(1). There are a few other changes that may be +required: + +Some STF tests consume the values of variables from the user's environment. +These variables must be set before beginning the test run either manually, or +via a wrapper script. + +Groups of tests in STF can automatically source .cfg files specified in the +'stf_description' file that exists in an STF directory. Ported tests that +require any of these variables must manually source the .cfg file instead. + +The configuration file of a newly ported test must specify the user the test +should run as, along with the timeout value. In STF, these are also specified +in the 'stf_description' file. diff --git a/usr/src/test/zfs-tests/doc/README b/usr/src/test/zfs-tests/doc/README index 45b3fc52bf..7fe70f4526 100644 --- a/usr/src/test/zfs-tests/doc/README +++ b/usr/src/test/zfs-tests/doc/README @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # ZFS Test Suite README @@ -60,7 +60,7 @@ Once the pre-requisites are satisfied, simply run the zfstest script: When the '-q' option is specified, it is passed to run(1) which causes output to be written to the console only for tests that do not pass and the results -summary. +summary. The ZFS Test Suite allows the user to specify a subset of the tests via a runfile. The format of the runfile is explained in run(1), and the files that diff --git a/usr/src/test/zfs-tests/runfiles/delphix.run b/usr/src/test/zfs-tests/runfiles/delphix.run index 90de7d28ed..abab40b68c 100644 --- a/usr/src/test/zfs-tests/runfiles/delphix.run +++ b/usr/src/test/zfs-tests/runfiles/delphix.run @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # [DEFAULT] @@ -38,7 +38,8 @@ tests = ['zfs_acl_chmod_001_neg', 'zfs_acl_chmod_002_pos', 'zfs_acl_chmod_xattr_001_pos', 'zfs_acl_chmod_xattr_002_pos', 'zfs_acl_cp_001_pos', 'zfs_acl_cp_002_pos', 'zfs_acl_cpio_001_pos', 'zfs_acl_cpio_002_pos', 'zfs_acl_find_001_pos', 'zfs_acl_ls_001_pos', - 'zfs_acl_mv_001_pos', 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_pos'] + 'zfs_acl_mv_001_pos', 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_pos', + 'zfs_acl_aclmode_restricted_001_neg'] [/opt/zfs-tests/tests/functional/acl/trivial] tests = ['zfs_acl_chmod_001_pos', 'zfs_acl_compress_001_pos', @@ -47,7 +48,8 @@ tests = ['zfs_acl_chmod_001_pos', 'zfs_acl_compress_001_pos', 'zfs_acl_ls_002_neg', 'zfs_acl_mv_001_pos', 'zfs_acl_pack_001_pos', 'zfs_acl_pax_001_pos', 'zfs_acl_pax_002_pos', 'zfs_acl_pax_003_pos', 'zfs_acl_pax_004_pos', 'zfs_acl_pax_005_pos', 'zfs_acl_pax_006_pos', - 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_neg'] + 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_neg', + 'zfs_acl_aclmode_restricted_001_pos'] [/opt/zfs-tests/tests/functional/atime] tests = ['atime_001_pos', 'atime_002_neg'] diff --git a/usr/src/test/zfs-tests/runfiles/openindiana.run b/usr/src/test/zfs-tests/runfiles/openindiana.run index 90de7d28ed..abab40b68c 100644 --- a/usr/src/test/zfs-tests/runfiles/openindiana.run +++ b/usr/src/test/zfs-tests/runfiles/openindiana.run @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # [DEFAULT] @@ -38,7 +38,8 @@ tests = ['zfs_acl_chmod_001_neg', 'zfs_acl_chmod_002_pos', 'zfs_acl_chmod_xattr_001_pos', 'zfs_acl_chmod_xattr_002_pos', 'zfs_acl_cp_001_pos', 'zfs_acl_cp_002_pos', 'zfs_acl_cpio_001_pos', 'zfs_acl_cpio_002_pos', 'zfs_acl_find_001_pos', 'zfs_acl_ls_001_pos', - 'zfs_acl_mv_001_pos', 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_pos'] + 'zfs_acl_mv_001_pos', 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_pos', + 'zfs_acl_aclmode_restricted_001_neg'] [/opt/zfs-tests/tests/functional/acl/trivial] tests = ['zfs_acl_chmod_001_pos', 'zfs_acl_compress_001_pos', @@ -47,7 +48,8 @@ tests = ['zfs_acl_chmod_001_pos', 'zfs_acl_compress_001_pos', 'zfs_acl_ls_002_neg', 'zfs_acl_mv_001_pos', 'zfs_acl_pack_001_pos', 'zfs_acl_pax_001_pos', 'zfs_acl_pax_002_pos', 'zfs_acl_pax_003_pos', 'zfs_acl_pax_004_pos', 'zfs_acl_pax_005_pos', 'zfs_acl_pax_006_pos', - 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_neg'] + 'zfs_acl_tar_001_pos', 'zfs_acl_tar_002_neg', + 'zfs_acl_aclmode_restricted_001_pos'] [/opt/zfs-tests/tests/functional/atime] tests = ['atime_001_pos', 'atime_002_neg'] diff --git a/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/Makefile b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/Makefile index c1e14d5c83..047170a3c3 100644 --- a/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/Makefile +++ b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/Makefile @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # include $(SRC)/Makefile.master @@ -20,6 +20,7 @@ TESTDIR = $(ROOTOPTPKG)/tests/functional/acl/nontrivial PROGS = cleanup \ setup \ + zfs_acl_aclmode_restricted_001_neg \ zfs_acl_chmod_001_neg \ zfs_acl_chmod_002_pos \ zfs_acl_chmod_aclmode_001_pos \ diff --git a/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_aclmode_restricted_001_neg.ksh b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_aclmode_restricted_001_neg.ksh new file mode 100644 index 0000000000..9080bec691 --- /dev/null +++ b/usr/src/test/zfs-tests/tests/functional/acl/nontrivial/zfs_acl_aclmode_restricted_001_neg.ksh @@ -0,0 +1,82 @@ +#!/usr/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2008 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# + +# +# Copyright (c) 2013 by Delphix. All rights reserved. +# Copyright (c) 2013 by Paul B. Henson <henson@acm.org>. +# All rights reserved. +# + + +. $STF_SUITE/tests/functional/acl/acl.cfg +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +# +# DESCRIPTION: +# Verify mode bits based chmod fails on files/directories with +# non-trivial ACLs when aclmode=restricted +# +# STRATEGY: +# 1. Loop super user and non-super user to run the test case +# 2. Create test file and directory +# 3. Set non-trivial ACL on test file and directory +# 4. Verify mode bits based chmod fails +# + +verify_runnable "both" + +function cleanup +{ + # reset aclmode=discard + log_must $ZFS set aclmode=discard $TESTPOOL/$TESTFS +} + +log_assert "Verify mode bits based chmod fails on files/directories "\ + "with non-trivial ACLs when aclmode=restricted" +log_onexit cleanup + +log_must $ZFS set aclmode=restricted $TESTPOOL/$TESTFS + +for user in root $ZFS_ACL_STAFF1; do + log_must set_cur_usr $user + + log_must usr_exec $MKDIR $TESTDIR/testdir + log_must usr_exec $TOUCH $TESTDIR/testfile + + # Make sure ACL is non-trival + log_must usr_exec $CHMOD A+user:${ZFS_ACL_STAFF1}:r::allow \ + $TESTDIR/testdir $TESTDIR/testfile + + log_mustnot usr_exec $CHMOD u-w $TESTDIR/testdir + log_mustnot usr_exec $CHMOD u-w $TESTDIR/testfile + + log_must usr_exec $RMDIR $TESTDIR/testdir + log_must usr_exec $RM $TESTDIR/testfile +done + +log_pass "Verify mode bits based chmod fails on files/directories "\ + "with non-trivial ACLs when aclmode=restricted passed." diff --git a/usr/src/test/zfs-tests/tests/functional/acl/trivial/Makefile b/usr/src/test/zfs-tests/tests/functional/acl/trivial/Makefile index 3555c31da3..07ee251710 100644 --- a/usr/src/test/zfs-tests/tests/functional/acl/trivial/Makefile +++ b/usr/src/test/zfs-tests/tests/functional/acl/trivial/Makefile @@ -10,7 +10,7 @@ # # -# Copyright (c) 2012 by Delphix. All rights reserved. +# Copyright (c) 2013 by Delphix. All rights reserved. # include $(SRC)/Makefile.master @@ -20,6 +20,7 @@ TESTDIR = $(ROOTOPTPKG)/tests/functional/acl/trivial PROGS = cleanup \ setup \ + zfs_acl_aclmode_restricted_001_pos \ zfs_acl_chmod_001_pos \ zfs_acl_compress_001_pos \ zfs_acl_cp_001_pos \ diff --git a/usr/src/test/zfs-tests/tests/functional/acl/trivial/zfs_acl_aclmode_restricted_001_pos.ksh b/usr/src/test/zfs-tests/tests/functional/acl/trivial/zfs_acl_aclmode_restricted_001_pos.ksh new file mode 100644 index 0000000000..86b23980c9 --- /dev/null +++ b/usr/src/test/zfs-tests/tests/functional/acl/trivial/zfs_acl_aclmode_restricted_001_pos.ksh @@ -0,0 +1,130 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2009 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# + +# +# Copyright (c) 2013 by Delphix. All rights reserved. +# Copyright (c) 2013 by Paul B. Henson <henson@acm.org>. All rights reserved. +# + +. $STF_SUITE/tests/functional/acl/acl.cfg +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +# +# DESCRIPTION: +# Verify chmod permission settings on files and directories, as both root +# and non-root users, with aclmode set to restricted. +# +# STRATEGY: +# 1. Loop root and $ZFS_ACL_STAFF1 as root and non-root users. +# 2. Create test file and directory in zfs filesystem. +# 3. Execute 'chmod' with specified options. +# 4. Check 'ls -l' output and compare with expect results. + +verify_runnable "both" + +function cleanup +{ + # reset aclmode=discard + log_must $ZFS set aclmode=discard $TESTPOOL/$TESTFS +} + +# "init_map" "options" "expect_map" +set -A argv \ + "000" "a+rw" "rw-rw-rw-" "000" "a+rwx" "rwxrwxrwx" \ + "000" "u+xr" "r-x------" "000" "gu-xw" "---------" \ + "644" "a-r" "-w-------" "644" "augo-x" "rw-r--r--" \ + "644" "=x" "--x--x--x" "644" "u-rw" "---r--r--" \ + "644" "uo+x" "rwxr--r-x" "644" "ga-wr" "---------" \ + "777" "augo+x" "rwxrwxrwx" "777" "go-xr" "rwx-w--w-" \ + "777" "o-wx" "rwxrwxr--" "777" "ou-rx" "-w-rwx-w-" \ + "777" "a+rwx" "rwxrwxrwx" "777" "u=rw" "rw-rwxrwx" \ + "000" "123" "--x-w--wx" "000" "412" "r----x-w-" \ + "231" "562" "r-xrw--w-" "712" "000" "---------" \ + "777" "121" "--x-w---x" "123" "775" "rwxrwxr-x" + +log_assert " Verify chmod permission settings on files and directories for " \ + "aclmode=restricted" +log_onexit cleanup + +# +# Verify file or directory have correct map after chmod +# +# $1 file or directory +# +function test_chmod_mapping #<file-dir> +{ + typeset node=$1 + typeset -i i=0 + + while ((i < ${#argv[@]})); do + usr_exec $CHMOD ${argv[i]} $node + if (($? != 0)); then + log_note "usr_exec $CHMOD ${argv[i]} $node" + return 1 + fi + usr_exec $CHMOD ${argv[((i + 1))]} $node + if (($? != 0)); then + log_note "usr_exec $CHMOD ${argv[((i + 1))]} $node" + return 1 + fi + + typeset mode + mode=$(get_mode ${node}) + + if [[ $mode != "-${argv[((i + 2))]}"* && \ + $mode != "d${argv[((i + 2))]}"* ]] + then + log_fail "FAIL: '${argv[i]}' '${argv[((i + 1))]}' \ + '${argv[((i + 2))]}'" + fi + + ((i += 3)) + done + + return 0 +} + +# set aclmode=restricted +log_must $ZFS set aclmode=restricted $TESTPOOL/$TESTFS + +for user in root $ZFS_ACL_STAFF1; do + log_must set_cur_usr $user + + # Test file + log_must usr_exec $TOUCH $testfile + log_must test_chmod_mapping $testfile + + # Test directory + log_must usr_exec $MKDIR $testdir + log_must test_chmod_mapping $testdir + + log_must usr_exec $RM $testfile + log_must usr_exec $RM -rf $testdir +done + +log_pass "Setting permissions using 'chmod' for aclmode=restricted completed " \ + "successfully." |