1 #!/bin/sh 2 #********************************************************************* 3 # Copyright (c) International Business Machines Corp., 2003 4 # 5 # This program is free software; you can redistribute it and/or modify 6 # it under the terms of the GNU General Public License as published by 7 # the Free Software Foundation; either version 2 of the License, or 8 # (at your option) any later version. 9 # 10 # This program is distributed in the hope that it will be useful, 11 # but WITHOUT ANY WARRANTY; without even the implied warranty of 12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See 13 # the GNU General Public License for more details. 14 # 15 # You should have received a copy of the GNU General Public License 16 # along with this program; if not, write to the Free Software 17 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA 18 # 19 # 20 # 21 # FILE : acls 22 # 23 # PURPOSE: Tests extended acls 24 # 25 # HISTORY: 26 # 03/03 Jerone Young (jyoung5 (at] us.ibm.com) 27 # 09/08 Jacky Malcles changing the setup to have this TC started by runltp 28 #********************************************************************* 29 # 30 ################################################################ 31 # 32 # Make sure that uid=root is running this script. 33 # Make sure that loop device is built into the kernel 34 # Make sure that ACL(Access Control List) and Extended Attribute are 35 # built into the kernel 36 # 37 # 38 ################################################################ 39 40 export TCID=acltest01 41 export TST_TOTAL=5 42 export TST_COUNT=1 43 44 . test.sh 45 46 TMP=${TMP:=/tmp} 47 48 TEST_USER1="acltest1" 49 TEST_USER1_GROUP="users" 50 TEST_USER1_PASSWD="ltp_test_pass1" 51 TEST_USER1_HOMEDIR="$TMP/tacl/mount-ext3/$TEST_USER1" 52 53 FILE_ACL="$TMP/tacl/mount-ext3/test_file" 54 FILE_ACL_LINK="$TMP/tacl/mount-ext3/test_file_link" 55 TCbin=`pwd` 56 57 COMMAND=$(command -v "getenforce" "setenforce" |wc -l) 58 if [ $COMMAND -eq 2 ]; then 59 SELINUX=$(getenforce) 60 else 61 SELINUX="" 62 fi 63 64 do_setup() 65 { 66 tst_require_root 67 68 if ! ( test -d $TMP/tacl || mkdir -m 777 $TMP/tacl) ; then 69 tst_brkm TBROK "Failed to create $TMP/tacl directory." 70 fi 71 72 dd if=/dev/zero of=$TMP/tacl/blkext3 bs=1k count=10240 && chmod 777 $TMP/tacl/blkext3 73 if [ $? -ne 0 ] ; then 74 tst_brkm TBROK "Failed to create $TMP/tacl/blkext3" 75 fi 76 77 if ! LOOP_DEV=$(losetup -f) || [ "x$LOOP_DEV" = x ]; then 78 tst_brkm TCONF "[ losetup.1 ] Failed to find an available loopback device -- is the required support compiled in your kernel?" 79 fi 80 81 if ! losetup $LOOP_DEV $TMP/tacl/blkext3 2>&1 > /dev/null; then 82 echo "" 83 tst_brkm TCONF "[ losetup.2 ] Failed to setup the device." 84 fi 85 86 mount | grep ext2 87 if [ $? -ne 0 ]; then 88 mkfs -t ext3 $LOOP_DEV #> /dev/null 2>&1 89 mkdir -m 777 $TMP/tacl/mount-ext3 90 mount -t ext3 -o defaults,acl,user_xattr $LOOP_DEV $TMP/tacl/mount-ext3 91 if [ $? -ne 0 ]; then 92 tst_resm TCONF "[ mount ] Make sure that ACL (Access Control List)" 93 tst_resm TCONF "\t and Extended Attribute are built into the kernel\n" 94 tst_brkm TCONF "\t Can not mount ext3 file system with acl and user_xattr options\n" 95 fi 96 else 97 mkfs -t ext2 $LOOP_DEV 98 mkdir -m 777 $TMP/tacl/mount-ext3 99 mount -t ext2 -o defaults,acl,user_xattr $LOOP_DEV $TMP/tacl/mount-ext3 100 if [ $? -ne 0 ]; then 101 tst_resm TCONF "FAILED: [ mount ] Make sure that ACL (Access Control List)" 102 tst_resm TCONF "\t and Extended Attribute are built into the kernel\n" 103 tst_brkm TCONF "\t Can not mount ext2 file system with acl and user_xattr options\n" 104 fi 105 fi 106 107 # We couldn't consider whether the SElinux is Disable or Permissive. 108 # We only set it to Permissive when it it Enforcing. 109 if [ "$SELINUX" = "Enforcing" ]; then 110 echo "set the SElinux to Permissive." 111 setenforce 0 112 fi 113 114 useradd -d $TEST_USER1_HOMEDIR -m -g $TEST_USER1_GROUP $TEST_USER1 -s /bin/sh 115 if [ $? -ne 0 ]; then 116 tst_brkm TBROK "Could not add test user $TEST_USER1." 117 fi 118 } 119 120 do_cleanup() 121 { 122 userdel $TEST_USER1 > /dev/null 2>&1 123 rm -f $FILE_ACL > /dev/null 2>&1 124 rm -f $FILE_ACL_LINK > /dev/null 2>&1 125 mount | grep -q "$TMP/tacl/mount-ext3" && umount -d $TMP/tacl/mount-ext3 126 rm -rf $TMP/tacl 127 128 # We set it back to Enforcing. 129 if [ "$SELINUX" = "Enforcing" ]; then 130 echo "set the SElinux back to Enforcing." 131 setenforce 1 132 fi 133 } 134 135 do_setup 136 TST_CLEANUP=do_cleanup 137 138 tst_resm TINFO "Testing ACL for root" 139 140 touch $FILE_ACL 141 touch $FILE_ACL_LINK 142 143 #setup files for extended attributes 144 setfacl -mu:root:r $FILE_ACL_LINK 145 setfacl -mu:root:r $FILE_ACL 146 147 acl_file_test $FILE_ACL 148 if [ $? -ne 0 ]; then 149 tst_resm TFAIL "Extended acls for files." 150 else 151 tst_resm TPASS "Extended acls for files." 152 fi 153 154 acl_link_test $FILE_ACL_LINK 155 if [ $? -ne 0 ]; then 156 tst_resm TFAIL "Extended acls for links." 157 else 158 tst_resm TPASS "Extended acls for links." 159 fi 160 161 chown $TEST_USER1 $FILE_ACL 162 chown $TEST_USER1 $FILE_ACL_LINK 163 164 tst_resm TINFO "Testing ACL for $TEST_USER1" 165 166 #setup files for extended attributes 167 setfacl -m u:$TEST_USER1:r $FILE_ACL_LINK 168 setfacl -m u:$TEST_USER1:r $FILE_ACL 169 170 tst_su $TEST_USER1 "acl_file_test $FILE_ACL" 171 if [ $? -ne 0 ]; then 172 tst_resm TFAIL "Extended acls for files." 173 else 174 tst_resm TPASS "Extended acls for files." 175 fi 176 177 tst_su $TEST_USER1 "acl_link_test $FILE_ACL_LINK" 178 if [ $? -ne 0 ]; then 179 tst_resm TFAIL "Extended acls for links." 180 else 181 tst_resm TPASS "Extended acls for links." 182 fi 183 184 tst_exit 185
