diff options
author | Jeremy Allison <jra@samba.org> | 2019-06-25 13:39:59 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2019-06-26 19:31:28 +0000 |
commit | 29ee235caee7e703ee9ebee342c8decb017fd099 (patch) | |
tree | ef6aa53245c7e846e03bdbf48a21a1e449e52dc6 | |
parent | 61777349f1e86cf8c8a289c04afad6cd123207c0 (diff) | |
download | samba-29ee235caee7e703ee9ebee342c8decb017fd099.tar.gz |
s3: torture: Ensure we can always get a POSIX ACL on a directory handle.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jun 26 19:31:28 UTC 2019 on sn-devel-184
-rw-r--r-- | selftest/skip | 1 | ||||
-rwxr-xr-x | source3/selftest/tests.py | 1 | ||||
-rw-r--r-- | source3/torture/torture.c | 127 |
3 files changed, 129 insertions, 0 deletions
diff --git a/selftest/skip b/selftest/skip index 9ff673e0c92..563f7e70599 100644 --- a/selftest/skip +++ b/selftest/skip @@ -50,6 +50,7 @@ ^samba3.smbtorture_s3.plain.POSIX-STREAM-DELETE\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server ^samba3.smbtorture_s3.plain.POSIX-MKDIR\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server ^samba3.smbtorture_s3.plain.POSIX-ACL-OPLOCK\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server +^samba3.smbtorture_s3.plain.POSIX-ACL-SHAREROOT\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server ^samba3.smbtorture_s3.plain.POSIX-BLOCKING-LOCK\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server ^samba3.smbtorture_s3.plain.WINDOWS-BAD-SYMLINK\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server ^samba3.smbtorture_s3.plain.RENAME-ACCESS\(ad_dc_ntvfs\) # Fails against the s4 ntvfs server diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index c7d24f68d6c..a3cd890e903 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -161,6 +161,7 @@ posix_tests = ["POSIX", "POSIX-APPEND", "POSIX-SYMLINK-ACL", "POSIX-SYMLINK-EA", "POSIX-STREAM-DELETE", "WINDOWS-BAD-SYMLINK", "POSIX-MKDIR", "POSIX-BLOCKING-LOCK", "POSIX-ACL-OPLOCK", + "POSIX-ACL-SHAREROOT", ] for t in posix_tests: diff --git a/source3/torture/torture.c b/source3/torture/torture.c index d93a02b2d6a..2cb32efea46 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -8768,6 +8768,129 @@ static bool run_posix_acl_oplock_test(int dummy) return correct; } +static bool run_posix_acl_shareroot_test(int dummy) +{ + struct cli_state *cli; + NTSTATUS status; + bool correct = false; + char *posix_acl = NULL; + size_t posix_acl_len = 0; + uint16_t num_file_acls = 0; + uint16_t num_dir_acls = 0; + uint16_t i; + uint32_t expected_size = 0; + bool got_user = false; + bool got_group = false; + bool got_other = false; + TALLOC_CTX *frame = NULL; + + frame = talloc_stackframe(); + + printf("starting posix_acl_shareroot test\n"); + + if (!torture_open_connection(&cli, 0)) { + TALLOC_FREE(frame); + return false; + } + + smbXcli_conn_set_sockopt(cli->conn, sockops); + + status = torture_setup_unix_extensions(cli); + if (!NT_STATUS_IS_OK(status)) { + printf("Failed to setup unix extensions\n"); + goto out; + } + + /* Get the POSIX ACL on the root of the share. */ + status = cli_posix_getacl(cli, + ".", + frame, + &posix_acl_len, + &posix_acl); + + if (!NT_STATUS_IS_OK(status)) { + printf("cli_posix_getacl of '.' failed (%s)\n", + nt_errstr(status)); + goto out; + } + + if (posix_acl_len < 6 || + SVAL(posix_acl,0) != SMB_POSIX_ACL_VERSION) { + printf("getfacl ., unknown POSIX acl version %u.\n", + (unsigned int)CVAL(posix_acl,0) ); + goto out; + } + + num_file_acls = SVAL(posix_acl,2); + num_dir_acls = SVAL(posix_acl,4); + expected_size = SMB_POSIX_ACL_HEADER_SIZE + + SMB_POSIX_ACL_ENTRY_SIZE* + (num_file_acls+num_dir_acls); + + if (posix_acl_len != expected_size) { + printf("incorrect POSIX acl buffer size " + "(should be %u, was %u).\n", + (unsigned int)expected_size, + (unsigned int)posix_acl_len); + goto out; + } + + /* + * We don't need to know what the ACL's are + * we just need to know we have at least 3 + * file entries (u,g,o). + */ + + for (i = 0; i < num_file_acls; i++) { + unsigned char tagtype = + CVAL(posix_acl, + SMB_POSIX_ACL_HEADER_SIZE+ + (i*SMB_POSIX_ACL_ENTRY_SIZE)); + + switch(tagtype) { + case SMB_POSIX_ACL_USER_OBJ: + got_user = true; + break; + case SMB_POSIX_ACL_GROUP_OBJ: + got_group = true; + break; + case SMB_POSIX_ACL_OTHER: + got_other = true; + break; + default: + break; + } + } + + if (!got_user) { + printf("Missing user entry\n"); + goto out; + } + + if (!got_group) { + printf("Missing group entry\n"); + goto out; + } + + if (!got_other) { + printf("Missing other entry\n"); + goto out; + } + + correct = true; + + out: + + if (!torture_close_connection(cli)) { + correct = false; + } + + printf("finished posix acl shareroot test\n"); + TALLOC_FREE(frame); + + return correct; +} + static uint32_t open_attrs_table[] = { FILE_ATTRIBUTE_NORMAL, FILE_ATTRIBUTE_ARCHIVE, @@ -13509,6 +13632,10 @@ static struct { .fn = run_posix_acl_oplock_test, }, { + .name = "POSIX-ACL-SHAREROOT", + .fn = run_posix_acl_shareroot_test, + }, + { .name = "WINDOWS-BAD-SYMLINK", .fn = run_symlink_open_test, }, |