1 # Copyright (c) 2008, 2009 Edward Tomasz NapieraĆa <trasz@FreeBSD.org>
4 # Redistribution and use in source and binary forms, with or without
5 # modification, are permitted provided that the following conditions
7 # 1. Redistributions of source code must retain the above copyright
8 # notice, this list of conditions and the following disclaimer.
9 # 2. Redistributions in binary form must reproduce the above copyright
10 # notice, this list of conditions and the following disclaimer in the
11 # documentation and/or other materials provided with the distribution.
13 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
14 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
16 # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
17 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
18 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
19 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
20 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
21 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
22 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 # This is a tools-level test intended to verify that cp(1) and mv(1)
29 # do the right thing with respect to ACLs. Run it as root using
32 # /usr/src/tools/regression/acltools/run /usr/src/tools/regression/acltools/tools-nfs4.test
34 # You need to have three subdirectories, named nfs4, posix and none,
35 # with filesystems with NFSv4 ACLs, POSIX.1e ACLs and no ACLs enabled,
36 # respectively, mounted on them, in your current directory.
38 # WARNING: Creates files in unsafe way.
45 $ getfacl -nq nfs4/xxx
46 > owner@:--x-----------:------:deny
47 > owner@:rw-p---A-W-Co-:------:allow
48 > group@:-wxp----------:------:deny
49 > group@:r-------------:------:allow
50 > everyone@:-wxp---A-W-Co-:------:deny
51 > everyone@:r-----a-R-c--s:------:allow
54 $ getfacl -nq posix/xxx
59 # mv with POSIX.1e ACLs.
64 $ ls -l posix/xxx | cut -d' ' -f1
66 $ setfacl -m u:42:x,g:43:w posix/xxx
67 $ mv posix/xxx posix/yyy
68 $ getfacl -nq posix/yyy
75 $ ls -l posix/yyy | cut -d' ' -f1
78 # mv from POSIX.1e to none.
83 $ setfacl -m u:42:x,g:43:w posix/xxx
84 $ ls -l posix/xxx | cut -d' ' -f1
86 $ mv posix/xxx none/xxx
87 > mv: failed to set acl entries for none/xxx: Operation not supported
88 $ ls -l none/xxx | cut -d' ' -f1
91 # mv from POSIX.1e to NFSv4.
96 $ setfacl -m u:42:x,g:43:w posix/xxx
97 $ ls -l posix/xxx | cut -d' ' -f1
99 $ mv posix/yyy nfs4/xxx
100 > mv: failed to set acl entries for nfs4/xxx: Invalid argument
101 $ getfacl -nq nfs4/xxx
102 > owner@:-wxp----------:------:deny
103 > owner@:r------A-W-Co-:------:allow
104 > group@:--------------:------:deny
105 > group@:rwxp----------:------:allow
106 > everyone@:--x----A-W-Co-:------:deny
107 > everyone@:rw-p--a-R-c--s:------:allow
108 $ ls -l nfs4/xxx | cut -d' ' -f1
111 # mv with NFSv4 ACLs.
115 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
116 $ mv nfs4/xxx nfs4/yyy
117 $ getfacl -nq nfs4/yyy
118 > user:42:--x-----------:------:allow
119 > group:43:-w------------:------:allow
120 > owner@:--x-----------:------:deny
121 > owner@:rw-p---A-W-Co-:------:allow
122 > group@:-wxp----------:------:deny
123 > group@:r-------------:------:allow
124 > everyone@:-wxp---A-W-Co-:------:deny
125 > everyone@:r-----a-R-c--s:------:allow
126 $ ls -l nfs4/yyy | cut -d' ' -f1
129 # mv from NFSv4 to POSIX.1e without any ACLs.
134 $ ls -l nfs4/xxx | cut -d' ' -f1
136 $ mv nfs4/xxx posix/xxx
137 $ ls -l posix/xxx | cut -d' ' -f1
140 # mv from NFSv4 to none.
145 $ ls -l nfs4/xxx | cut -d' ' -f1
147 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
148 $ ls -l nfs4/xxx | cut -d' ' -f1
150 $ mv nfs4/xxx none/xxx
151 > mv: failed to set acl entries for none/xxx: Operation not supported
152 $ ls -l none/xxx | cut -d' ' -f1
155 # mv from NFSv4 to POSIX.1e.
160 $ ls -l nfs4/xxx | cut -d' ' -f1
162 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
163 $ ls -l nfs4/xxx | cut -d' ' -f1
165 $ mv nfs4/xxx posix/xxx
166 > mv: failed to set acl entries for posix/xxx: Invalid argument
167 $ ls -l posix/xxx | cut -d' ' -f1
170 # cp with POSIX.1e ACLs.
174 $ setfacl -m u:42:x,g:43:w posix/xxx
175 $ ls -l posix/xxx | cut -d' ' -f1
177 $ cp posix/xxx posix/yyy
178 $ ls -l posix/yyy | cut -d' ' -f1
181 # cp -p with POSIX.1e ACLs.
185 $ setfacl -m u:42:x,g:43:w posix/xxx
186 $ getfacl -nq posix/xxx
193 $ ls -l posix/xxx | cut -d' ' -f1
195 $ cp -p posix/xxx posix/yyy
196 $ getfacl -nq posix/yyy
203 $ ls -l posix/yyy | cut -d' ' -f1
206 # cp from POSIX.1e to none.
210 $ setfacl -m u:42:x,g:43:w posix/xxx
211 $ ls -l posix/xxx | cut -d' ' -f1
213 $ cp posix/xxx none/xxx
214 $ ls -l none/xxx | cut -d' ' -f1
217 # cp -p from POSIX.1e to none.
221 $ setfacl -m u:42:x,g:43:w posix/xxx
222 $ ls -l posix/xxx | cut -d' ' -f1
224 $ cp -p posix/xxx none/xxx
225 > cp: failed to set acl entries for none/xxx: Operation not supported
226 $ ls -l none/xxx | cut -d' ' -f1
229 # cp from POSIX.1e to NFSv4.
233 $ setfacl -m u:42:x,g:43:w posix/xxx
234 $ ls -l posix/xxx | cut -d' ' -f1
236 $ cp posix/xxx nfs4/xxx
237 $ ls -l nfs4/xxx | cut -d' ' -f1
240 # cp -p from POSIX.1e to NFSv4.
244 $ setfacl -m u:42:x,g:43:w posix/xxx
245 $ ls -l posix/xxx | cut -d' ' -f1
247 $ cp -p posix/xxx nfs4/xxx
248 > cp: failed to set acl entries for nfs4/xxx: Invalid argument
249 $ ls -l nfs4/xxx | cut -d' ' -f1
252 # cp with NFSv4 ACLs.
257 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
258 $ ls -l nfs4/xxx | cut -d' ' -f1
260 $ cp nfs4/xxx nfs4/yyy
261 $ ls -l nfs4/yyy | cut -d' ' -f1
264 # cp -p with NFSv4 ACLs.
269 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
270 $ cp -p nfs4/xxx nfs4/yyy
271 $ getfacl -nq nfs4/yyy
272 > user:42:--x-----------:------:allow
273 > group:43:-w------------:------:allow
274 > owner@:-w-p----------:------:deny
275 > owner@:r-x----A-W-Co-:------:allow
276 > group@:-wxp----------:------:deny
277 > group@:r-------------:------:allow
278 > everyone@:r------A-W-Co-:------:deny
279 > everyone@:-wxp--a-R-c--s:------:allow
280 $ ls -l nfs4/yyy | cut -d' ' -f1
283 # cp from NFSv4 to none.
288 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
289 $ ls -l nfs4/xxx | cut -d' ' -f1
291 $ cp nfs4/xxx none/xxx
292 $ ls -l none/xxx | cut -d' ' -f1
295 # cp -p from NFSv4 to none.
300 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
301 $ ls -l nfs4/xxx | cut -d' ' -f1
303 $ cp -p nfs4/xxx none/xxx
304 > cp: failed to set acl entries for none/xxx: Operation not supported
305 $ ls -l none/xxx | cut -d' ' -f1
308 # cp from NFSv4 to POSIX.1e.
313 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
314 $ ls -l nfs4/xxx | cut -d' ' -f1
316 $ cp nfs4/xxx posix/xxx
317 $ ls -l posix/xxx | cut -d' ' -f1
320 # cp -p from NFSv4 to POSIX.1e.
325 $ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx
326 $ ls -l nfs4/xxx | cut -d' ' -f1
328 $ cp -p nfs4/xxx posix/xxx
329 > cp: failed to set acl entries for posix/xxx: Invalid argument
330 $ ls -l posix/xxx | cut -d' ' -f1