diff options
author | Uri Simchoni <uri@samba.org> | 2016-03-21 23:13:25 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2016-03-24 03:06:16 +0100 |
commit | 099c6f325265a8820e876c83f1d204bcf09e0242 (patch) | |
tree | 8de110b93d7c576e85fa412dbbb49c118cb59038 | |
parent | 765e5f1f2670d3d5d8d62a04b4ccf38a680bcb37 (diff) | |
download | samba-099c6f325265a8820e876c83f1d204bcf09e0242.tar.gz |
seltest: add test for "ignore system acls" in vfs_acl_xattr.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11806
Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r-- | selftest/selftesthelpers.py | 1 | ||||
-rwxr-xr-x | selftest/target/Samba3.pm | 4 | ||||
-rwxr-xr-x | source3/script/tests/test_acl_xattr.sh | 125 | ||||
-rwxr-xr-x | source3/selftest/tests.py | 1 |
4 files changed, 131 insertions, 0 deletions
diff --git a/selftest/selftesthelpers.py b/selftest/selftesthelpers.py index f26484bf455..495a0b7a922 100644 --- a/selftest/selftesthelpers.py +++ b/selftest/selftesthelpers.py @@ -186,3 +186,4 @@ vfstest = binpath('vfstest') smbcquotas = binpath('smbcquotas') smbget = binpath('smbget') rpcclient = binpath('rpcclient') +smbcacls = binpath('smbcacls') diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 5dc4b177dfe..0b16e032d66 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -649,6 +649,10 @@ sub setup_fileserver($$) path = $smbget_sharedir comment = smb username is [%U] guest ok = yes +[ign_sysacls] + path = $share_dir + comment = ignore system acls + acl_xattr:ignore system acls = yes "; my $vars = $self->provision($path, diff --git a/source3/script/tests/test_acl_xattr.sh b/source3/script/tests/test_acl_xattr.sh new file mode 100755 index 00000000000..9b8808df78a --- /dev/null +++ b/source3/script/tests/test_acl_xattr.sh @@ -0,0 +1,125 @@ +#!/bin/sh + +# this tests acl_xattr config parameter "ignore system acl" + +if [ $# -lt 6 ]; then +cat <<EOF +Usage: $0 SERVER USERNAME PASSWORD PREFIX SMBCLIENT SMBCACLS +EOF +exit 1; +fi + +SERVER="$1" +USERNAME="$2" +PASSWORD="$3" +PREFIX="$4" +SMBCLIENT="$5" +SMBCACLS="$6" +SMBCLIENT="$VALGRIND ${SMBCLIENT}" +SMBCACLS="$VALGRIND ${SMBCACLS}" + +incdir=`dirname $0`/../../../testprogs/blackbox +. $incdir/subunit.sh + +setup_remote_file() { + local share=$1 + local fname="$share.$$" + local local_fname=$PREFIX/$fname + touch $local_fname + $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "rm $fname" + $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "ls" | grep "$fname" && exit 1 + $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "lcd $PREFIX; put $fname" || exit 1 +} + +nt_affects_posix() { + local share=$1 + local expected=$2 + local b4 + local af + local fname="$share.$$" + b4=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "ACL:$SERVER\force_user:ALLOWED/0x0/READ" 2>/dev/null || exit 1 + af=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + echo "before: $b4" + echo "after: $af" + if test "$expected" = "true" ; then + test "$b4" != "$af" + else + test "$b4" = "$af" + fi +} + +nt_affects_chown() { + local share=$1 + local b4_expected + local af_expected + local b4_actual + local af_actual + local fname="$share.$$" + + echo -n "determining uid of $USERNAME..." + b4_expected=$(getent passwd $USERNAME) || exit 1 + b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}') + echo "$b4_expected" + + echo -n "determining uid of force_user..." + af_expected=$(getent passwd force_user) || exit 1 + af_expected=$(echo "$af_expected" | awk -F: '{print $3}') + echo "$af_expected" + + #basic sanity... + test "$b4_expected != $af_expected" || exit 1 + + b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + b4_actual=$(echo "$b4_actual" | sed -rn 's/^# owner: (.*)/\1/p') + $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -C force_user 2>/dev/null || exit 1 + af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + af_actual=$(echo "$af_actual" | sed -rn 's/^# owner: (.*)/\1/p') + echo "before: $b4_actual" + echo "after: $af_actual" + test "$b4_expected" = "$b4_actual" && test "$af_expected" = "$af_actual" +} + +nt_affects_chgrp() { + local share=$1 + local b4_expected + local af_expected + local b4_actual + local af_actual + local fname="$share.$$" + + echo -n "determining gid of domusers..." + b4_expected=$(getent group domusers) || exit 1 + b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}') + echo "$b4_expected" + + echo -n "determining uid of domadmins..." + af_expected=$(getent passwd domadmins) || exit 1 + af_expected=$(echo "$af_expected" | awk -F: '{print $3}') + echo "$af_expected" + + #basic sanity... + test "$b4_expected != $af_expected" || exit 1 + + b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + b4_actual=$(echo "$b4_actual" | sed -rn 's/^# group: (.*)/\1/p') + $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -G domadmins 2>/dev/null || exit 1 + af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1 + af_actual=$(echo "$af_actual" | sed -rn 's/^# group: (.*)/\1/p') + echo "before: $b4_actual" + echo "after: $af_actual" + test "$b4_expected" = "$b4_actual" && test "$af_expected" = "$af_actual" +} + +testit "setup remote file tmp" setup_remote_file tmp +testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls +testit "nt_affects_posix tmp" nt_affects_posix tmp "true" +testit "nt_affects_posix ign_sysacls" nt_affects_posix ign_sysacls "false" +testit "setup remote file tmp" setup_remote_file tmp +testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls +testit "nt_affects_chown tmp" nt_affects_chown tmp +testit "nt_affects_chown ign_sysacls" nt_affects_chown ign_sysacls +testit "setup remote file tmp" setup_remote_file tmp +testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls +testit "nt_affects_chgrp tmp" nt_affects_chown tmp +testit "nt_affects_chgrp ign_sysacls" nt_affects_chown ign_sysacls diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index c4bed49b754..54b51367aeb 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -187,6 +187,7 @@ for env in ["fileserver"]: plantestsuite("samba3.blackbox.smbclient.forceuser_validusers (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_forceuser_validusers.sh"), '$SERVER', '$DOMAIN', '$USERNAME', '$PASSWORD', '$LOCAL_PATH', smbclient3]) plantestsuite("samba3.blackbox.smbget (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_smbget.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', 'smbget_user', '$PASSWORD', '$LOCAL_PATH/smbget', smbget]) plantestsuite("samba3.blackbox.netshareenum (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_shareenum.sh"), '$SERVER', '$USERNAME', '$PASSWORD', rpcclient]) + plantestsuite("samba3.blackbox.acl_xattr (%s)" % env, env, [os.path.join(samba3srcdir, "script/tests/test_acl_xattr.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3, smbcacls]) # # tar command tests |