blob: 7d11e147d0e99e7f214a57775785aaa3b7f64b49 [file] [log] [blame]
#! /bin/bash
# FS QA Test 369
#
# RichACL delete test
#
#-----------------------------------------------------------------------
# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License as
# published by the Free Software Foundation.
#
# This program is distributed in the hope that it would be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write the Free Software Foundation,
# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
#-----------------------------------------------------------------------
#
seq=`basename $0`
seqres=$RESULT_DIR/$seq
echo "QA output created by $seq"
here=`pwd`
tmp=/tmp/$$
status=1 # failure is the default!
trap "_cleanup; exit \$status" 0 1 2 3 15
_cleanup()
{
cd /
rm -f $tmp.*
}
# get standard environment, filters and checks
. ./common/rc
# remove previous $seqres.full before test
rm -f $seqres.full
# real QA test starts here
_supported_fs generic
_supported_os Linux
_require_scratch
_require_scratch_richacl
_require_richacl_prog
_require_runas
_scratch_mkfs_richacl >> $seqres.full
_scratch_mount
cd $SCRATCH_MNT
r()
{
echo "--- runas -u 99 -g 99 $*"
_runas -u 99 -g 99 -- "$@"
}
umask 022
chmod go+w .
mkdir d1 d2 d3 d4 d5 d6 d7
touch d1/f d1/g d2/f d3/f d4/f d5/f d6/f d7/f d7/g d7/h
chmod o+w d1/g
chown 99 d2
chgrp 99 d3
chmod g+w d3
$SETRICHACL_PROG --set 'u:99:wx::allow' d4
$SETRICHACL_PROG --set 'u:99:d::allow' d5
$SETRICHACL_PROG --set 'u:99:xd::allow' d6
$SETRICHACL_PROG --set 'u:99:D::allow' d7/f d7/g d7/h
chmod 664 d7/g
mkdir s2 s3 s4 s5 s6 s7
chmod +t s2 s3 s4 s5 s6 s7
touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g s7/h
chown 99 s2
chgrp 99 s3
chmod g+w s3
$SETRICHACL_PROG --set 'u:99:wx::allow' s4
$SETRICHACL_PROG --set 'u:99:d::allow' s5
$SETRICHACL_PROG --set 'u:99:xd::allow' s6
$SETRICHACL_PROG --set 'u:99:D::allow' s7/f s7/g s7/h
chmod 664 s7/g
# Cannot delete files with no or only with write permissions on the directory
r rm -f d1/f d1/g
# Can delete files in directories we own
r rm -f d2/f s2/f
# Can delete files in non-sticky directories we have write access to
r rm -f d3/f s3/f
# "Write_data/execute" access does not include delete_child access, so deleting
# is not allowed:
r rm -f d4/f s4/f
# "Delete_child" access alone also is not sufficient
r rm -f d5/f s5/f
# "Execute/delete_child" access is sufficient for non-sticky directories
r rm -f d6/f s6/f
# "Delete" access on the child is sufficient, even in sticky directories.
r rm -f d7/f s7/f
# Regression: Delete access must not override add_file / add_subdirectory
# access.
r touch h
r mv -f h d7/
r mv -f h s7/
# A chmod turns off the "delete" permission
r rm -f d7/g s7/g
# success, all done
status=0
exit