source3/script/tests/test_acl_xattr.sh

   1 #!/bin/sh
   2
   3 # this tests acl_xattr config parameter "ignore system acl"
   4
   5 if [ $# -lt 6 ]; then
   6 cat <<EOF
   7 Usage: $0 SERVER USERNAME PASSWORD PREFIX SMBCLIENT SMBCACLS
   8 EOF
   9 exit 1;
  10 fi
  11
  12 SERVER="$1"
  13 USERNAME="$2"
  14 PASSWORD="$3"
  15 PREFIX="$4"
  16 SMBCLIENT="$5"
  17 SMBCACLS="$6"
  18 SMBCLIENT="$VALGRIND ${SMBCLIENT}"
  19 SMBCACLS="$VALGRIND ${SMBCACLS}"
  20
  21 incdir=`dirname $0`/../../../testprogs/blackbox
  22 . $incdir/subunit.sh
  23
  24 setup_remote_file() {
  25     local share=$1
  26     local fname="$share.$$"
  27     local local_fname=$PREFIX/$fname
  28     touch $local_fname
  29     $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "rm $fname"
  30     $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "ls" | grep "$fname" && exit 1
  31     $SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "lcd $PREFIX; put $fname" || exit 1
  32 }
  33
  34 nt_affects_posix() {
  35     local share=$1
  36     local expected=$2
  37     local b4
  38     local af
  39     local fname="$share.$$"
  40     b4=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
  41     $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "ACL:$SERVER\force_user:ALLOWED/0x0/READ" 2>/dev/null || exit 1
  42     af=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
  43     echo "before: $b4"
  44     echo "after: $af"
  45     if test "$expected" = "true" ; then
  46         test "$b4" != "$af"
  47     else
  48         test "$b4" = "$af"
  49     fi
  50 }
  51
  52 nt_affects_chown() {
  53     local share=$1
  54     local b4_expected
  55     local af_expected
  56     local b4_actual
  57     local af_actual
  58     local fname="$share.$$"
  59
  60     echo -n "determining uid of $USERNAME..."
  61     b4_expected=$(getent passwd $USERNAME) || exit 1
  62     b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}')
  63     echo "$b4_expected"
  64
  65     echo -n "determining uid of force_user..."
  66     af_expected=$(getent passwd force_user) || exit 1
  67     af_expected=$(echo "$af_expected" | awk -F: '{print $3}')
  68     echo "$af_expected"
  69
  70     #basic sanity...
  71     test "$b4_expected != $af_expected" || exit 1
  72
  73     b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
  74     b4_actual=$(echo "$b4_actual" | sed -rn 's/^# owner: (.*)/\1/p')
  75     $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -C force_user 2>/dev/null || exit 1
  76     af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
  77     af_actual=$(echo "$af_actual" | sed -rn 's/^# owner: (.*)/\1/p')
  78     echo "before: $b4_actual"
  79     echo "after: $af_actual"
  80     test "$b4_expected" = "$b4_actual" && test "$af_expected" = "$af_actual"
  81 }
  82
  83 nt_affects_chgrp() {
  84     local share=$1
  85     local b4_expected
  86     local af_expected
  87     local b4_actual
  88     local af_actual
  89     local fname="$share.$$"
  90
  91     echo -n "determining gid of domusers..."
  92     b4_expected=$(getent group domusers) || exit 1
  93     b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}')
  94     echo "$b4_expected"
  95
  96     echo -n "determining uid of domadmins..."
  97     af_expected=$(getent passwd domadmins) || exit 1
  98     af_expected=$(echo "$af_expected" | awk -F: '{print $3}')
  99     echo "$af_expected"
 100
 101     #basic sanity...
 102     test "$b4_expected != $af_expected" || exit 1
 103
 104     b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
 105     b4_actual=$(echo "$b4_actual" | sed -rn 's/^# group: (.*)/\1/p')
 106     $SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -G domadmins 2>/dev/null || exit 1
 107     af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "getfacl $fname" 2>/dev/null) || exit 1
 108     af_actual=$(echo "$af_actual" | sed -rn 's/^# group: (.*)/\1/p')
 109     echo "before: $b4_actual"
 110     echo "after: $af_actual"
 111     test "$b4_expected" = "$b4_actual" && test "$af_expected" = "$af_actual"
 112 }
 113
 114 testit "setup remote file tmp" setup_remote_file tmp
 115 testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
 116 testit "nt_affects_posix tmp" nt_affects_posix tmp "true"
 117 testit "nt_affects_posix ign_sysacls" nt_affects_posix ign_sysacls "false"
 118 testit "setup remote file tmp" setup_remote_file tmp
 119 testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
 120 testit "nt_affects_chown tmp" nt_affects_chown tmp
 121 testit "nt_affects_chown ign_sysacls" nt_affects_chown ign_sysacls
 122 testit "setup remote file tmp" setup_remote_file tmp
 123 testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
 124 testit "nt_affects_chgrp tmp" nt_affects_chown tmp
 125 testit "nt_affects_chgrp ign_sysacls" nt_affects_chown ign_sysacls