Differential D11315 Diff 30705 bin/getfacl/tests/getfacl_test.sh

Changeset View

Standalone View

bin/getfacl/tests/getfacl_test.sh

This file was added.

				#
				# Copyright 2017 Shivansh Rai
				# All rights reserved.
				#
				# Redistribution and use in source and binary forms, with or without
				# modification, are permitted provided that the following conditions
				# are met:
				# 1. Redistributions of source code must retain the above copyright
				# notice, this list of conditions and the following disclaimer.
				# 2. Redistributions in binary form must reproduce the above copyright
				# notice, this list of conditions and the following disclaimer in the
				# documentation and/or other materials provided with the distribution.
				#
				# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
				# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
				# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
				# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
				# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
				# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
				# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
				# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
				# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
				# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
				# SUCH DAMAGE.
				#
				# $FreeBSD$
				#

				check_acl()
				{
				# Check if POSIX.1e ACLs are enabled on the root partition.
				fs=`df . \| awk '$NF ~ "/" {print $1}'`
				if mount \| awk -v fs=$fs '$1 == fs' \| grep -q acls &&
				asomersUnsubmitted Not Done Inline Actions This isn't reliable. There's no guarantee on the order of filesystems returned by `mount`. If you want to check the root partition, you should try something like `mount \| awk '$3 == "/"'` Also, you seem to be using this as a gate for whether to run tests. In that case, it's inappropriate to ues `atf_check`, because that will fail the test if ACLs aren't enabled. Instead, you should skip the test if ACLs aren't enabled. Finally, Kyua doesn't use / for temporary files. Instead, it uses $TMPDIR. But you shouldn't rely on that. Instead, you should check the filesystem where you happen to be executing. Try something like this: fs=`df . \| awk '$NF ~ "/" {print $1}'` if mount \| awk -v fs=$fs '$1 == fs' \| grep -q acls; then # ok else atf_skip "ACLs not enabled" fi asomers: This isn't reliable. There's no guarantee on the order of filesystems returned by `mount`. If…
				tunefs -p "$fs" 2>&1 \| awk '$2 == "POSIX.1e" {print $5}' \| grep -q enabled; then
				asomersUnsubmitted Not Done Inline Actions `tunefs` will only work for UFS. Can you write something that works for ZFS too? Try `getconf TRUSTEDBSD_ACL_NFS4 .` and `getconf TRUSTEDBSD_ACL_EXTENDED .` . asomers: `tunefs` will only work for UFS. Can you write something that works for ZFS too? Try `getconf…
				ngieUnsubmitted Not Done Inline Actions Don't use `TRUSTEDBSD_ACL_EXTENDED` -- that isn't documented as well as `ACL_EXTENDED` is (I should really remove that in another CR I send out to rwatson@ -- it's an old backwards compat knob that doesn't make much sense IMHO). ngie: Don't use `TRUSTEDBSD_ACL_EXTENDED` -- that isn't documented as well as `ACL_EXTENDED` is (I…
				# ok
				else
				atf_skip "POSIX.1e ACLs are not enabled"
				fi
				ngieUnsubmitted Not Done Inline Actions Using getconf(1) is better (cuts to the chase and is not reliant on how the filesystem information is presented): _PC_ACL_EXTENDED Returns 1 if an Access Control List (ACL) can be set on the specified file, otherwise 0. _PC_ACL_NFS4 Returns 1 if an NFSv4 ACLs can be set on the specified file, otherwise 0. For example: # UFS (without POSIX ACLs enabled) $ getconf ACL_EXTENDED /mnt/tmp/ 0 # UFS (with POSIX ACLs enabled) # XXX: had to unmount -- mount -ru /mnt/tmp updated the superblock, but # the value returned via pathconf(2) didn't change. # $ sudo mount -ru /mnt/tmp $ sudo umount /mnt/tmp $ sudo tunefs -a enable /dev/md0 $ sudo mount /dev/md0 /mnt/tmp $ getconf ACL_EXTENDED /mnt/tmp 1 # ZFS $ getconf ACL_EXTENDED / 0 If you want to be really slick and get full coverage, I'd create a temporary UFS file system as I showed above and cleanup at test completion. I need to code this up generically though--I have some common patterns in contrib/netbsd-tests and elsewhere that illustrates how one can do this. It might be a good idea to check `sysctl kern.features.ufs_acl` to make sure it's available and skip the UFS tests if it's not available -- otherwise the filesystem won't support it and you'll get confusing errors with newfs/tunefs. ngie:* 1. Using getconf(1) is better (cuts to the chase and is not reliant on how the filesystem…
				shivanshAuthorUnsubmitted Not Done Inline Actions @ngie I found out `src/contrib/netbsd-tests/fs/tmpfs/h_funcs.subr` in which there are custom functions to create mount points and mount/unmount them (`test_mount()` and `test_unmount()`). I have some common patterns in contrib/netbsd-tests and elsewhere that illustrates how one can do this. Is this the pattern that you previously mentioned ? In case this is the pattern which you mentioned above, is it advisable for me to use this file itself via `. $(atf_get_srcdir)/$(traverse to appropriate location)/h_funcs.subr` or should I make a similar file inside `src/bin/getfacl/tests`. shivansh: @ngie I found out `src/contrib/netbsd-tests/fs/tmpfs/h_funcs.subr` in which there are custom…
				}

				get_user()
				{
				stat -f "%Su" "$1"
				}

				get_group()
				{
				stat -f "%Sg" "$1"
				}

				get_user_perm()
				{
				stat -f "%SHp" "$1"
				}

				get_group_perm()
				{
				stat -f "%SMp" "$1"
				}

				get_other_perm()
				{
				stat -f "%SLp" "$1"
				}

				atf_test_case no_opt
				no_opt_head()
				{
				atf_set "descr" "Verify the output of the getfacl(1) command " \
				"without any options."
				atf_set "require.user" "root"
				}
				asomersUnsubmitted Not Done Inline Actions This will only work for POSIX.1e ACLs. FreeBSD supports two incompatible ACL formats: POSIX.1e and NFSv4. I think the best thing to do would be to write two sets of tests: one for each ACL format. On any one run, one set would be skipped, depending on what filesystem Kyua is using. Or, you could write tests just for POSIX.1e ACLs, because that's what FreeBSD's CI system uses. In that case, you should modify `check_acl` to exclude filesystems with NFSv4 ACLs. asomers: This will only work for POSIX.1e ACLs. FreeBSD supports two incompatible ACL formats: POSIX.1e…

				no_opt_body()
				{
				check_acl
				atf_check touch A
				atf_check setfacl -m u::rw,g::r,o::r A
				user_A=$(get_user A)
				group_A=$(get_group A)
				user_perm_A=$(get_user_perm A)
				group_perm_A=$(get_group_perm A)
				other_perm_A=$(get_other_perm A)
				atf_check -o inline:'# file: A\n# owner: '"$user_A"'\n# group: '"$group_A"'\nuser::'"$user_perm_A"'\ngroup::'"$group_perm_A"'\nmask::'"$group_perm_A"'\nother::'"$other_perm_A"'\n' getfacl A
				}

				atf_test_case no_opt_symbolic
				no_opt_symbolic_head()
				{
				atf_set "descr" "Verify that if the target of the operation is a symbolic " \
				"link, then getfacl(1) returns the ACL from the source of " \
				"the symbolic link."
				atf_set "require.user" "root"
				}

				no_opt_symbolic_body()
				{
				check_acl
				atf_check touch A
				atf_check setfacl -m u::rw,g::r,o::r A
				atf_check ln -s A B
				user_A=$(get_user A)
				group_A=$(get_group A)
				user_perm_A=$(get_user_perm A)
				group_perm_A=$(get_group_perm A)
				other_perm_A=$(get_other_perm A)
				atf_check -o inline:'# file: B\n# owner: '"$user_A"'\n# group: '"$group_A"'\nuser::'"$user_perm_A"'\ngroup::'"$group_perm_A"'\nmask::'"$group_perm_A"'\nother::'"$other_perm_A"'\n' getfacl B
				}

				atf_test_case h_flag
				h_flag_head()
				{
				atf_set "descr" "Verify that if the target of the operation is a symbolic " \
				"link, then '-h' option returns the ACL from the symbolic " \
				"link rather than following the link."
				atf_set "require.user" "root"
				}

				h_flag_body()
				{
				check_acl
				atf_check touch A
				atf_check setfacl -m u::rw,g::r,o::r A
				atf_check ln -s A B
				user_perm_B=$(get_user_perm B)
				group_perm_B=$(get_group_perm B)
				other_perm_B=$(get_other_perm B)
				atf_check -o inline:'user::'"$user_perm_B"'\ngroup::'"$group_perm_B"'\nother::'"$other_perm_B"'\n' getfacl -hq B
				}

				atf_test_case q_flag
				q_flag_head()
				{
				atf_set "descr" "Verify that '-q' option does not display commented " \
				"information about file name and ownership."
				atf_set "require.user" "root"
				}

				q_flag_body()
				{
				check_acl
				atf_check touch A
				atf_check setfacl -m u::rw,g::r,o::r A
				user_perm_A=$(get_user_perm A)
				group_perm_A=$(get_group_perm A)
				other_perm_A=$(get_other_perm A)
				atf_check -o inline:'user::'"$user_perm_A"'\ngroup::'"$group_perm_A"'\nmask::'"$group_perm_A"'\nother::'"$other_perm_A"'\n' getfacl -q A
				}

				atf_init_test_cases()
				{
				atf_add_test_case no_opt
				atf_add_test_case no_opt_symbolic
				atf_add_test_case h_flag
				atf_add_test_case q_flag
				}