5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
23 . $STF_SUITE/tests/functional/user_namespace/user_namespace_common.kshlib
28 # Regression test for secpolicy_vnode_setids_setgids
32 # 1. Create files with various owners.
33 # 2. Try to set setgid bit.
36 verify_runnable "both"
39 # uroot: root within user namespace
40 # uother: other user within user namespace
41 set -A files rroot_rroot uroot_uroot uroot_other uother_uroot uother_uother
45 for i in ${files[*]}; do
46 log_must rm -f $TESTDIR/$i
52 log_assert "Check root in user namespaces"
54 TOUCH=$(readlink -e $(which touch))
55 CHMOD=$(readlink -e $(which chmod))
57 for i in ${files[*]}; do
58 log_must $TOUCH $TESTDIR/$i
59 log_must $CHMOD 0644 $TESTDIR/$i
62 log_must chown 0:0 $TESTDIR/rroot_rroot
63 log_must chown $ROOT_UID:$ROOT_UID $TESTDIR/uroot_uroot
64 log_must chown $ROOT_UID:$OTHER_UID $TESTDIR/uroot_other
65 log_must chown $OTHER_UID:$ROOT_UID $TESTDIR/uother_uroot
66 log_must chown $OTHER_UID:$OTHER_UID $TESTDIR/uother_uother
68 log_mustnot user_ns_exec $CHMOD 02755 $TESTDIR/rroot_rroot
69 log_mustnot test -g $TESTDIR/rroot_rroot
71 log_must user_ns_exec $CHMOD 02755 $TESTDIR/uroot_uroot
72 log_must test -g $TESTDIR/uroot_uroot
74 log_must user_ns_exec $CHMOD 02755 $TESTDIR/uroot_other
75 log_must test -g $TESTDIR/uroot_other
77 log_must user_ns_exec $CHMOD 02755 $TESTDIR/uother_uroot
78 log_must test -g $TESTDIR/uother_uroot
80 log_must user_ns_exec $CHMOD 02755 $TESTDIR/uother_uother
81 log_must test -g $TESTDIR/uother_uother
83 log_mustnot user_ns_exec $TOUCH $TESTDIR/rroot_rroot
84 log_must $CHMOD 0666 $TESTDIR/rroot_rroot
85 for i in ${files[*]}; do
86 log_must user_ns_exec $TOUCH $TESTDIR/$i
89 log_pass "Check root in user namespaces"