9 # Verify if security.mac.portacl.suser_exempt=1 really exempts super-user.
11 trap restore_settings EXIT INT TERM
13 sysctl security.mac.portacl.suser_exempt=1 >/dev/null
15 bind_test ok ok uid root tcp 77
16 bind_test ok ok uid root tcp 7777
17 bind_test ok ok uid root udp 77
18 bind_test ok ok uid root udp 7777
20 bind_test ok ok gid root tcp 77
21 bind_test ok ok gid root tcp 7777
22 bind_test ok ok gid root udp 77
23 bind_test ok ok gid root udp 7777
25 # Verify if security.mac.portacl.suser_exempt=0 really doesn't exempt super-user.
27 sysctl security.mac.portacl.suser_exempt=0 >/dev/null
29 bind_test fl ok uid root tcp 77
30 bind_test ok ok uid root tcp 7777
31 bind_test fl ok uid root udp 77
32 bind_test ok ok uid root udp 7777
34 bind_test fl ok gid root tcp 77
35 bind_test ok ok gid root tcp 7777
36 bind_test fl ok gid root udp 77
37 bind_test ok ok gid root udp 7777
39 # Verify if security.mac.portacl.port_high works for super-user.
41 sysctl security.mac.portacl.port_high=7778 >/dev/null
43 bind_test fl ok uid root tcp 77
44 bind_test fl ok uid root tcp 7777
45 bind_test fl ok uid root udp 77
46 bind_test fl ok uid root udp 7777
48 bind_test fl ok gid root tcp 77
49 bind_test fl ok gid root tcp 7777
50 bind_test fl ok gid root udp 77
51 bind_test fl ok gid root udp 7777