diff --git a/configure.ac b/configure.ac index 07f590b390..e31d122713 100644 --- a/configure.ac +++ b/configure.ac @@ -240,6 +240,7 @@ AC_CONFIG_FILES([ tests/zfs-tests/tests/Makefile tests/zfs-tests/tests/functional/Makefile tests/zfs-tests/tests/functional/acl/Makefile + tests/zfs-tests/tests/functional/acl/off/Makefile tests/zfs-tests/tests/functional/acl/posix/Makefile tests/zfs-tests/tests/functional/acl/posix-sa/Makefile tests/zfs-tests/tests/functional/alloc_class/Makefile diff --git a/tests/runfiles/freebsd.run b/tests/runfiles/freebsd.run index c7ca1d769f..153b204b49 100644 --- a/tests/runfiles/freebsd.run +++ b/tests/runfiles/freebsd.run @@ -22,6 +22,10 @@ failsafe = callbacks/zfs_failsafe outputdir = /var/tmp/test_results tags = ['functional'] +[tests/functional/acl/off:FreeBSD] +tests = ['dosmode'] +tags = ['functional', 'acl'] + [tests/functional/cli_root/zfs_jail:FreeBSD] tests = ['zfs_jail_001_pos'] tags = ['functional', 'cli_root', 'zfs_jail'] diff --git a/tests/zfs-tests/tests/functional/acl/Makefile.am b/tests/zfs-tests/tests/functional/acl/Makefile.am index 382bb5f064..d752f63744 100644 --- a/tests/zfs-tests/tests/functional/acl/Makefile.am +++ b/tests/zfs-tests/tests/functional/acl/Makefile.am @@ -3,4 +3,4 @@ dist_pkgdata_DATA = \ acl.cfg \ acl_common.kshlib -SUBDIRS = posix posix-sa +SUBDIRS = off posix posix-sa diff --git a/tests/zfs-tests/tests/functional/acl/off/.gitignore b/tests/zfs-tests/tests/functional/acl/off/.gitignore new file mode 100644 index 0000000000..f3c93191ce --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/.gitignore @@ -0,0 +1 @@ +/dosmode_readonly_write diff --git a/tests/zfs-tests/tests/functional/acl/off/Makefile.am b/tests/zfs-tests/tests/functional/acl/off/Makefile.am new file mode 100644 index 0000000000..df8adcafef --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/Makefile.am @@ -0,0 +1,15 @@ +include $(top_srcdir)/config/Rules.am + +pkgdatadir = $(datadir)/@PACKAGE@/zfs-tests/tests/functional/acl/off + +dist_pkgdata_SCRIPTS = \ + dosmode.ksh \ + cleanup.ksh \ + setup.ksh + +pkgexecdir = $(datadir)/@PACKAGE@/zfs-tests/tests/functional/acl/off + +if BUILD_FREEBSD +pkgexec_PROGRAMS = dosmode_readonly_write +dosmode_readonly_write_SOURCES = dosmode_readonly_write.c +endif diff --git a/tests/zfs-tests/tests/functional/acl/off/cleanup.ksh b/tests/zfs-tests/tests/functional/acl/off/cleanup.ksh new file mode 100755 index 0000000000..bb58a8cf2e --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/cleanup.ksh @@ -0,0 +1,33 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Copyright 2007 Sun Microsystems, Inc. All rights reserved. +# Use is subject to license terms. +# + +. $STF_SUITE/include/libtest.shlib +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +cleanup_user_group + +default_cleanup diff --git a/tests/zfs-tests/tests/functional/acl/off/dosmode.ksh b/tests/zfs-tests/tests/functional/acl/off/dosmode.ksh new file mode 100755 index 0000000000..e232dfd525 --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/dosmode.ksh @@ -0,0 +1,199 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Portions Copyright 2021 iXsystems, Inc. +# + +. $STF_SUITE/include/libtest.shlib +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +# +# DESCRIPTION: +# Verify that DOS mode flags function correctly. +# +# These flags are not currently exposed on Linux, so the test is +# only useful on FreeBSD. +# +# STRATEGY: +# 1. ARCHIVE +# 2. HIDDEN +# 3. OFFLINE +# 4. READONLY +# 5. REPARSE +# 6. SPARSE +# 7. SYSTEM +# + +verify_runnable "both" + +function cleanup +{ + rm -f $testfile +} + +function hasflag +{ + typeset flag=$1 + typeset path=$2 + + ls -lo $path | awk '{ gsub(",", "\n", $5); print $5 }' | grep -qxF $flag +} + +log_assert "Verify DOS mode flags function correctly" +log_onexit cleanup + +tests_base=$STF_SUITE/tests/functional/acl/off +testfile=$TESTDIR/testfile +owner=$ZFS_ACL_STAFF1 +other=$ZFS_ACL_STAFF2 + +# +# ARCHIVE +# +# This flag is set by ZFS when a file has been updated to indicate that +# the file needs to be archived. +# +log_must touch $testfile +log_must hasflag uarch $testfile +log_must chflags nouarch $testfile +log_must hasflag - $testfile +log_must touch $testfile +log_must hasflag uarch $testfile +log_must rm $testfile +log_must user_run $owner touch $testfile +log_must hasflag uarch $testfile +log_must user_run $owner chflags nouarch $testfile +log_mustnot user_run $other chflags uarch $testfile +log_must hasflag - $testfile +log_must user_run $owner touch $testfile +log_mustnot user_run $other chflags nouarch $testfile +log_must hasflag uarch $testfile +log_must user_run $owner rm $testfile + +# +# HIDDEN +# +log_must touch $testfile +log_must chflags hidden $testfile +log_must hasflag hidden $testfile +log_must chflags 0 $testfile +log_must hasflag - $testfile +log_must rm $testfile +log_must user_run $owner touch $testfile +log_must user_run $owner chflags hidden $testfile +log_mustnot user_run $other chflags nohidden $testfile +log_must hasflag hidden $testfile +log_must user_run $owner chflags 0 $testfile +log_mustnot user_run $other chflags hidden $testfile +log_must hasflag - $testfile +log_must user_run $owner rm $testfile + + +# +# OFFLINE +# +log_must touch $testfile +log_must chflags offline $testfile +log_must hasflag offline $testfile +log_must chflags 0 $testfile +log_must hasflag - $testfile +log_must rm $testfile +log_must user_run $owner touch $testfile +log_must user_run $owner chflags offline $testfile +log_mustnot user_run $other chflags nooffline $testfile +log_must hasflag offline $testfile +log_must user_run $owner chflags 0 $testfile +log_mustnot user_run $other chflags offline $testfile +log_must hasflag - $testfile +log_must user_run $owner rm $testfile + +# +# READONLY +# +# This flag prevents users from writing or appending to the file, +# but root is always allowed the operation. +# +log_must touch $testfile +log_must chflags rdonly $testfile +log_must hasflag rdonly $testfile +log_must eval "echo 'root write allowed' >> $testfile" +log_must cat $testfile +log_must chflags 0 $testfile +log_must hasflag - $tesfile +log_must rm $testfile +# It is required to still be able to write to an fd that was opened RW before +# READONLY is set. We have a special test program for that. +log_must user_run $owner touch $testfile +log_mustnot user_run $other chflags rdonly $testfile +log_must user_run $owner $tests_base/dosmode_readonly_write $testfile +log_mustnot user_run $other chflags nordonly $testfile +log_must hasflag rdonly $testfile +log_mustnot user_run $owner "echo 'user write forbidden' >> $testfile" +log_must eval "echo 'root write allowed' >> $testfile" +# We are still allowed to read and remove the file when READONLY is set. +log_must user_run $owner cat $testfile +log_must user_run $owner rm $testfile + +# +# REPARSE +# +# FIXME: does not work, not sure if broken or testing wrong +# + +# +# SPARSE +# +log_must truncate -s 1m $testfile +log_must chflags sparse $testfile +log_must hasflag sparse $testfile +log_must chflags 0 $testfile +log_must hasflag - $testfile +log_must rm $testfile +log_must user_run $owner truncate -s 1m $testfile +log_must user_run $owner chflags sparse $testfile +log_mustnot user_run $other chflags nosparse $testfile +log_must hasflag sparse $testfile +log_must user_run $owner chflags 0 $testfile +log_mustnot user_run $other chflags sparse $testfile +log_must hasflag - $testfile +log_must user_run $owner rm $testfile + +# +# SYSTEM +# +log_must touch $testfile +log_must chflags system $testfile +log_must hasflag system $testfile +log_must chflags 0 $testfile +log_must hasflag - $testfile +log_must rm $testfile +log_must user_run $owner touch $testfile +log_must user_run $owner chflags system $testfile +log_mustnot user_run $other chflags nosystem $testfile +log_must hasflag system $testfile +log_must user_run $owner chflags 0 $testfile +log_mustnot user_run $other chflags system $testfile +log_must hasflag - $testfile +log_must user_run $owner rm $testfile + +log_pass "DOS mode flags function correctly" diff --git a/tests/zfs-tests/tests/functional/acl/off/dosmode_readonly_write.c b/tests/zfs-tests/tests/functional/acl/off/dosmode_readonly_write.c new file mode 100644 index 0000000000..372c3f7f64 --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/dosmode_readonly_write.c @@ -0,0 +1,61 @@ +/* + * SPDX-License-Identifier: BSD-2-Clause-FreeBSD + * + * Copyright (c) 2021 iXsystems, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * Test for correct behavior of DOS mode READONLY flag on a file. + * We should be able to open a file RW, set READONLY, and still write to the fd. + */ + +#include +#include +#include +#include +#include +#include +#include + +int +main(int argc, const char *argv[]) +{ + const char *buf = "We should be allowed to write this to the fd.\n"; + const char *path; + int fd; + + if (argc != 2) { + fprintf(stderr, "usage: %s PATH\n", argv[0]); + return (EXIT_FAILURE); + } + path = argv[1]; + fd = open(path, O_CREAT|O_RDWR, 0777); + if (fd == -1) + err(EXIT_FAILURE, "%s: open failed", path); + if (chflags(path, UF_READONLY) == -1) + err(EXIT_FAILURE, "%s: chflags failed", path); + if (write(fd, buf, strlen(buf)) == -1) + err(EXIT_FAILURE, "%s: write failed", path); + if (close(fd) == -1) + err(EXIT_FAILURE, "%s: close failed", path); + return (EXIT_SUCCESS); +} diff --git a/tests/zfs-tests/tests/functional/acl/off/setup.ksh b/tests/zfs-tests/tests/functional/acl/off/setup.ksh new file mode 100755 index 0000000000..9a5b598a59 --- /dev/null +++ b/tests/zfs-tests/tests/functional/acl/off/setup.ksh @@ -0,0 +1,44 @@ +#!/bin/ksh -p +# +# CDDL HEADER START +# +# The contents of this file are subject to the terms of the +# Common Development and Distribution License (the "License"). +# You may not use this file except in compliance with the License. +# +# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE +# or http://www.opensolaris.org/os/licensing. +# See the License for the specific language governing permissions +# and limitations under the License. +# +# When distributing Covered Code, include this CDDL HEADER in each +# file and include the License file at usr/src/OPENSOLARIS.LICENSE. +# If applicable, add the following below this CDDL HEADER, with the +# fields enclosed by brackets "[]" replaced with your own identifying +# information: Portions Copyright [yyyy] [name of copyright owner] +# +# CDDL HEADER END +# + +# +# Portions Copyright (c) 2021 iXsystems, Inc. +# + +. $STF_SUITE/include/libtest.shlib +. $STF_SUITE/tests/functional/acl/acl_common.kshlib + +DISK=${DISKS%% *} + +cleanup_user_group + +# Create staff group and add users to it +log_must add_group $ZFS_ACL_STAFF_GROUP +log_must add_user $ZFS_ACL_STAFF_GROUP $ZFS_ACL_STAFF1 +log_must add_user $ZFS_ACL_STAFF_GROUP $ZFS_ACL_STAFF2 + +default_setup_noexit $DISK + +log_must zfs set acltype=off $TESTPOOL/$TESTFS +log_must chmod 0777 $TESTDIR + +log_pass