* [XFSTESTS v4 0/4] Richacl tests
@ 2016-03-09 12:06 Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 1/4] Rename output file templates to match TEST.out* Andreas Gruenbacher
` (5 more replies)
0 siblings, 6 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
Hello,
here is a new version of the richacl tests. According to feedback from the
previous posting (http://oss.sgi.com/archives/xfs/2015-12/msg00316.html), each
of the richacl tests is not run separately, on a new scratch filesystem.
Thanks,
Andreas
Andreas Gruenbacher (4):
Rename output file templates to match TEST.out*
check: Add support for tests without *.out files
xfs/191: Remove obsolete nfs4acl tests
Add richacl tests
.gitignore | 19 +++
Makefile | 2 +-
check | 77 ++++++---
common/rc | 36 ++++
nfs4acl/Makefile | 29 ----
nfs4acl/apply-mask.test | 143 ----------------
nfs4acl/basic.test | 70 --------
nfs4acl/chmod.test | 31 ----
nfs4acl/chown.test | 63 -------
nfs4acl/computed-mode.test | 62 -------
nfs4acl/create.test | 35 ----
nfs4acl/ctime.test | 36 ----
nfs4acl/delete.test | 77 ---------
nfs4acl/run | 298 ---------------------------------
nfs4acl/unrepresentable.test | 20 ---
nfs4acl/write-vs-append.test | 46 -----
richacl/Makefile | 23 +++
richacl/apply-masks | 163 ++++++++++++++++++
richacl/auto-inheritance | 191 +++++++++++++++++++++
richacl/basic | 97 +++++++++++
richacl/chmod | 40 +++++
richacl/chown | 42 +++++
richacl/create | 36 ++++
richacl/ctime | 35 ++++
richacl/delete | 89 ++++++++++
richacl/setrichacl-modify | 57 +++++++
richacl/test-lib.sh | 154 +++++++++++++++++
richacl/write-vs-append | 54 ++++++
tests/generic/338 | 67 ++++++++
tests/generic/339-apply-masks | 1 +
tests/generic/340-auto-inheritance | 1 +
tests/generic/341-basic | 1 +
tests/generic/342-chmod | 1 +
tests/generic/343-chown | 1 +
tests/generic/344-create | 1 +
tests/generic/345-ctime | 1 +
tests/generic/346-delete | 1 +
tests/generic/347-setrichacl-modify | 1 +
tests/generic/348-write-vs-append | 1 +
tests/generic/group | 10 ++
tests/xfs/096 | 4 +-
tests/xfs/096.external | 50 ------
tests/xfs/096.internal | 51 ------
tests/xfs/096.out.external | 50 ++++++
tests/xfs/096.out.internal | 51 ++++++
tests/xfs/191 | 75 ---------
tests/xfs/191.out | 324 ------------------------------------
tests/xfs/group | 1 -
48 files changed, 1277 insertions(+), 1441 deletions(-)
delete mode 100644 nfs4acl/Makefile
delete mode 100644 nfs4acl/apply-mask.test
delete mode 100644 nfs4acl/basic.test
delete mode 100644 nfs4acl/chmod.test
delete mode 100644 nfs4acl/chown.test
delete mode 100644 nfs4acl/computed-mode.test
delete mode 100644 nfs4acl/create.test
delete mode 100644 nfs4acl/ctime.test
delete mode 100644 nfs4acl/delete.test
delete mode 100755 nfs4acl/run
delete mode 100644 nfs4acl/unrepresentable.test
delete mode 100644 nfs4acl/write-vs-append.test
create mode 100644 richacl/Makefile
create mode 100755 richacl/apply-masks
create mode 100755 richacl/auto-inheritance
create mode 100755 richacl/basic
create mode 100755 richacl/chmod
create mode 100755 richacl/chown
create mode 100755 richacl/create
create mode 100755 richacl/ctime
create mode 100755 richacl/delete
create mode 100755 richacl/setrichacl-modify
create mode 100644 richacl/test-lib.sh
create mode 100755 richacl/write-vs-append
create mode 100755 tests/generic/338
create mode 120000 tests/generic/339-apply-masks
create mode 120000 tests/generic/340-auto-inheritance
create mode 120000 tests/generic/341-basic
create mode 120000 tests/generic/342-chmod
create mode 120000 tests/generic/343-chown
create mode 120000 tests/generic/344-create
create mode 120000 tests/generic/345-ctime
create mode 120000 tests/generic/346-delete
create mode 120000 tests/generic/347-setrichacl-modify
create mode 120000 tests/generic/348-write-vs-append
delete mode 100644 tests/xfs/096.external
delete mode 100644 tests/xfs/096.internal
create mode 100644 tests/xfs/096.out.external
create mode 100644 tests/xfs/096.out.internal
delete mode 100755 tests/xfs/191
delete mode 100644 tests/xfs/191.out
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply [flat|nested] 10+ messages in thread
* [XFSTESTS v4 1/4] Rename output file templates to match TEST.out*
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
@ 2016-03-09 12:06 ` Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 2/4] check: Add support for tests without *.out files Andreas Gruenbacher
` (4 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
Rename the expected output files so that they all match "$TEST_NAME.out*".
That way, we can statically check if a test has any .out* files.
Add $TEST_NAME.out and similar symlinks to .gitignore.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
.gitignore | 19 +++++++++++++++++
tests/xfs/096 | 4 ++--
tests/xfs/096.external | 50 ---------------------------------------------
tests/xfs/096.internal | 51 ----------------------------------------------
tests/xfs/096.out.external | 50 +++++++++++++++++++++++++++++++++++++++++++++
tests/xfs/096.out.internal | 51 ++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 122 insertions(+), 103 deletions(-)
delete mode 100644 tests/xfs/096.external
delete mode 100644 tests/xfs/096.internal
create mode 100644 tests/xfs/096.out.external
create mode 100644 tests/xfs/096.out.internal
diff --git a/.gitignore b/.gitignore
index 28fa205..f9ea1fa 100644
--- a/.gitignore
+++ b/.gitignore
@@ -199,3 +199,22 @@
/dmapi/src/suite2/src/test_invis
/dmapi/src/suite2/src/test_region
/dmapi/src/suite2/src/test_rights
+
+# Symlinked files
+/tests/generic/088.out
+/tests/generic/097.out
+/tests/xfs/018.op
+/tests/xfs/022.out
+/tests/xfs/023.out
+/tests/xfs/030.out
+/tests/xfs/031.out
+/tests/xfs/033.out
+/tests/xfs/035.out
+/tests/xfs/036.out
+/tests/xfs/039.out
+/tests/xfs/043.out
+/tests/xfs/055.out
+/tests/xfs/071.out
+/tests/xfs/082.op
+/tests/xfs/096.out
+/tests/xfs/146.out
diff --git a/tests/xfs/096 b/tests/xfs/096
index c289c10..f949e83 100755
--- a/tests/xfs/096
+++ b/tests/xfs/096
@@ -109,9 +109,9 @@ _require_v2log
# choose .out file based on internal/external log
rm -f $seqfull.out
if [ "$USE_EXTERNAL" = yes ]; then
- ln -s $seq.external $seqfull.out
+ ln -s $seq.out.external $seqfull.out
else
- ln -s $seq.internal $seqfull.out
+ ln -s $seq.out.internal $seqfull.out
fi
# maximum log record size
diff --git a/tests/xfs/096.external b/tests/xfs/096.external
deleted file mode 100644
index 3122330..0000000
--- a/tests/xfs/096.external
+++ /dev/null
@@ -1,50 +0,0 @@
-QA output created by 096
-
-# su too big but must be a multiple of fs block size too
---- mkfs=-l version=2,su=262656 ---
-log stripe unit (262656) must be a multiple of the block size (4096)
-
-
-# test log stripe greater than LR size
---- mkfs=-l version=2,su=266240 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=0 swidth=0 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# same test but get log stripe from data stripe
---- mkfs=-l version=2 -d su=266240,sw=1 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# test out data stripe
---- mkfs=-m crc=0 -l version=1 -d su=266240,sw=1 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# test out data stripe the same but using sunit & swidth
---- mkfs=-m crc=0 -l version=1 -d sunit=520,swidth=520 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
diff --git a/tests/xfs/096.internal b/tests/xfs/096.internal
deleted file mode 100644
index 80201d2..0000000
--- a/tests/xfs/096.internal
+++ /dev/null
@@ -1,51 +0,0 @@
-QA output created by 096
-
-# su too big but must be a multiple of fs block size too
---- mkfs=-l version=2,su=262656 ---
-log stripe unit (262656) must be a multiple of the block size (4096)
-
-
-# test log stripe greater than LR size
---- mkfs=-l version=2,su=266240 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=0 swidth=0 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# same test but get log stripe from data stripe
---- mkfs=-l version=2 -d su=266240,sw=1 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# test out data stripe
---- mkfs=-m crc=0 -l version=1 -d su=266240,sw=1 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
-# test out data stripe the same but using sunit & swidth
---- mkfs=-m crc=0 -l version=1 -d sunit=520,swidth=520 ---
-meta-data=DEV isize=N agcount=N, agsize=N blks
-data = bsize=4096 blocks=N, imaxpct=N
- = sunit=65 swidth=65 blks, unwritten=1
-naming =version 2 bsize=4096
-log =LOG bsize=4096 blocks=N, version=N
- = sunit=N blks
-realtime =REALTIME extsz=N, blocks=N, rtextents=N
-
-
diff --git a/tests/xfs/096.out.external b/tests/xfs/096.out.external
new file mode 100644
index 0000000..3122330
--- /dev/null
+++ b/tests/xfs/096.out.external
@@ -0,0 +1,50 @@
+QA output created by 096
+
+# su too big but must be a multiple of fs block size too
+--- mkfs=-l version=2,su=262656 ---
+log stripe unit (262656) must be a multiple of the block size (4096)
+
+
+# test log stripe greater than LR size
+--- mkfs=-l version=2,su=266240 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=0 swidth=0 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# same test but get log stripe from data stripe
+--- mkfs=-l version=2 -d su=266240,sw=1 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# test out data stripe
+--- mkfs=-m crc=0 -l version=1 -d su=266240,sw=1 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# test out data stripe the same but using sunit & swidth
+--- mkfs=-m crc=0 -l version=1 -d sunit=520,swidth=520 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
diff --git a/tests/xfs/096.out.internal b/tests/xfs/096.out.internal
new file mode 100644
index 0000000..80201d2
--- /dev/null
+++ b/tests/xfs/096.out.internal
@@ -0,0 +1,51 @@
+QA output created by 096
+
+# su too big but must be a multiple of fs block size too
+--- mkfs=-l version=2,su=262656 ---
+log stripe unit (262656) must be a multiple of the block size (4096)
+
+
+# test log stripe greater than LR size
+--- mkfs=-l version=2,su=266240 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=0 swidth=0 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# same test but get log stripe from data stripe
+--- mkfs=-l version=2 -d su=266240,sw=1 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# test out data stripe
+--- mkfs=-m crc=0 -l version=1 -d su=266240,sw=1 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
+# test out data stripe the same but using sunit & swidth
+--- mkfs=-m crc=0 -l version=1 -d sunit=520,swidth=520 ---
+meta-data=DEV isize=N agcount=N, agsize=N blks
+data = bsize=4096 blocks=N, imaxpct=N
+ = sunit=65 swidth=65 blks, unwritten=1
+naming =version 2 bsize=4096
+log =LOG bsize=4096 blocks=N, version=N
+ = sunit=N blks
+realtime =REALTIME extsz=N, blocks=N, rtextents=N
+
+
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [XFSTESTS v4 2/4] check: Add support for tests without *.out files
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 1/4] Rename output file templates to match TEST.out* Andreas Gruenbacher
@ 2016-03-09 12:06 ` Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 3/4] xfs/191: Remove obsolete nfs4acl tests Andreas Gruenbacher
` (3 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
Add support for tests which report their status through their exit code
instead of producing output that is compared with the expected output.
When such a test returns with exit code 77, it is assumed to have been
skipped; all other non-zero exit codes are treated as test failures.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
check | 77 +++++++++++++++++++++++++++++++++++++++++++------------------------
1 file changed, 50 insertions(+), 27 deletions(-)
diff --git a/check b/check
index 2986d84..1327e1c 100755
--- a/check
+++ b/check
@@ -203,6 +203,13 @@ _prepare_test_list()
fi
}
+# Check if a test has any .out* files
+has_out_files()
+{
+ set -- "$1".out*
+ [ $# -gt 0 -a -e "$1" ]
+}
+
# Process command arguments first.
while [ $# -gt 0 ]; do
case "$1" in
@@ -635,6 +642,13 @@ for section in $HOST_OPTIONS_SECTIONS; do
err=true
fi
+ if ! has_out_files $seq; then
+ if [ $sts -eq 77 ]; then
+ cat $tmp.out > $seqres.notrun
+ sts=0
+ fi
+ fi
+
if [ -f $seqres.notrun ]
then
$timestamp || echo -n " [not run] "
@@ -647,41 +661,50 @@ for section in $HOST_OPTIONS_SECTIONS; do
echo -n " [failed, exit status $sts]"
err=true
fi
- if [ ! -f $seq.out ]
- then
- echo " - no qualified output"
- err=true
- else
- # coreutils 8.16+ changed quote formats in error messages from
- # `foo' to 'foo'. Filter old versions to match the new version.
- sed -i "s/\`/\'/g" $tmp.out
- if diff $seq.out $tmp.out >/dev/null 2>&1
+ if has_out_files $seq; then
+ if [ ! -f $seq.out ]
then
- if $err
+ echo " - no qualified output"
+ err=true
+ else
+ # coreutils 8.16+ changed quote formats in error messages from
+ # `foo' to 'foo'. Filter old versions to match the new version.
+ sed -i "s/\`/\'/g" $tmp.out
+
+ if ! diff $seq.out $tmp.out >/dev/null 2>&1
then
- :
- else
- echo "$seqnum `expr $stop - $start`" >>$tmp.time
- echo -n " `expr $stop - $start`s"
+ echo " - output mismatch (see $seqres.out.bad)"
+ mv $tmp.out $seqres.out.bad
+ $diff $seq.out $seqres.out.bad | {
+ if test "$DIFF_LENGTH" -le 0; then
+ cat
+ else
+ head -n "$DIFF_LENGTH"
+ echo "..."
+ echo "(Run '$diff $seq.out $seqres.out.bad'" \
+ " to see the entire diff)"
+ fi; } | \
+ sed -e 's/^\(.\)/ \1/'
+ err=true
fi
- echo ""
+ fi
+ else
+ if ! $err; then
+ mv $tmp.out $seqres.out.good
else
- echo " - output mismatch (see $seqres.out.bad)"
mv $tmp.out $seqres.out.bad
- $diff $seq.out $seqres.out.bad | {
- if test "$DIFF_LENGTH" -le 0; then
- cat
- else
- head -n "$DIFF_LENGTH"
- echo "..."
- echo "(Run '$diff $seq.out $seqres.out.bad'" \
- " to see the entire diff)"
- fi; } | \
- sed -e 's/^\(.\)/ \1/'
- err=true
+ echo " - output (see $seqres.out.bad)"
+ cat $seqres.out.bad
fi
fi
+
+ if ! $err; then
+ echo "$seqnum `expr $stop - $start`" >>$tmp.time
+ echo -n " `expr $stop - $start`s"
+ echo ""
+ fi
+
try="$try $seqnum"
n_try=`expr $n_try + 1`
_check_filesystems
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [XFSTESTS v4 3/4] xfs/191: Remove obsolete nfs4acl tests
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 1/4] Rename output file templates to match TEST.out* Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 2/4] check: Add support for tests without *.out files Andreas Gruenbacher
@ 2016-03-09 12:06 ` Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 4/4] Add richacl tests Andreas Gruenbacher
` (2 subsequent siblings)
5 siblings, 0 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
The nfs4acl tests don't make sense anymore as they have been obsoleted
by richacls.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
nfs4acl/Makefile | 29 ----
nfs4acl/apply-mask.test | 143 -------------------
nfs4acl/basic.test | 70 ----------
nfs4acl/chmod.test | 31 -----
nfs4acl/chown.test | 63 ---------
nfs4acl/computed-mode.test | 62 ---------
nfs4acl/create.test | 35 -----
nfs4acl/ctime.test | 36 -----
nfs4acl/delete.test | 77 ----------
nfs4acl/run | 298 ---------------------------------------
nfs4acl/unrepresentable.test | 20 ---
nfs4acl/write-vs-append.test | 46 ------
tests/xfs/191 | 75 ----------
tests/xfs/191.out | 324 -------------------------------------------
tests/xfs/group | 1 -
15 files changed, 1310 deletions(-)
delete mode 100644 nfs4acl/Makefile
delete mode 100644 nfs4acl/apply-mask.test
delete mode 100644 nfs4acl/basic.test
delete mode 100644 nfs4acl/chmod.test
delete mode 100644 nfs4acl/chown.test
delete mode 100644 nfs4acl/computed-mode.test
delete mode 100644 nfs4acl/create.test
delete mode 100644 nfs4acl/ctime.test
delete mode 100644 nfs4acl/delete.test
delete mode 100755 nfs4acl/run
delete mode 100644 nfs4acl/unrepresentable.test
delete mode 100644 nfs4acl/write-vs-append.test
delete mode 100755 tests/xfs/191
delete mode 100644 tests/xfs/191.out
diff --git a/nfs4acl/Makefile b/nfs4acl/Makefile
deleted file mode 100644
index 42313f3..0000000
--- a/nfs4acl/Makefile
+++ /dev/null
@@ -1,29 +0,0 @@
-#-----------------------------------------------------------------------
-# Copyright (c) 2008 Silicon Graphics, Inc. All Rights Reserved.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it would be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-#
-#-----------------------------------------------------------------------
-
-TOPDIR = ..
-include $(TOPDIR)/include/builddefs
-
-LSRCFILES = run \
- apply-mask.test chmod.test computed-mode.test ctime.test \
- unrepresentable.test basic.test chown.test create.test \
- delete.test write-vs-append.test
-
-include $(BUILDRULES)
-
-default install install-dev install-lib:
diff --git a/nfs4acl/apply-mask.test b/nfs4acl/apply-mask.test
deleted file mode 100644
index 9b9483a..0000000
--- a/nfs4acl/apply-mask.test
+++ /dev/null
@@ -1,143 +0,0 @@
-$ rm -rf d
-$ mkdir d
-$ cd d
-
-$ touch x
-
-$ nfs4acl --set 'owner@:rw::allow group@:rw::allow everyone@:r::allow' x
-$ nfs4acl --get x
-> x:
-> owner@:rw::allow
-> group@:rw::allow
-> everyone@:r::allow
->
-
-$ nfs4acl --set 'everyone@:w::allow owner@:r::allow group@:r::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> owner@:rw::allow
-> group@:rw::allow
->
-
-$ nfs4acl --set 'everyone@:w::deny owner@:rw::allow group@:rw::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> owner@:r::allow
-> group@:r::allow
->
-
-$ nfs4acl --set 'owner@:rwmo::allow' x
-$ nfs4acl --get x
-> x:
-> owner@:rwmo::allow
->
-
-$ chmod 644 x
-$ nfs4acl --get x
-> x:
-> owner@:rw::allow
->
-
-$ nfs4acl --set 'root:rw::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:rw::allow
->
-
-$ chmod 644 x
-$ nfs4acl --get x
-> x:
-> root:r::allow
->
-
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:rw::allow
->
-
-$ nfs4acl --set 'root:rw::allow everyone@:r::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:rw::allow
-> everyone@:r::allow
->
-
-$ nfs4acl --set 'root:r::allow everyone@:rw::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:rw::allow
-> owner@:rw::allow
-> group@:rw::allow
-> everyone@:r::allow
->
-
-$ nfs4acl --set 'root:w::deny everyone@:rw::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:w::deny
-> owner@:rw::allow
-> group@:rw::allow
-> root:r::allow
-> everyone@:r::allow
->
-
-$ nfs4acl --set 'root:rw::allow root:w::deny everyone@:rw::allow' x
-$ chmod 664 x
-$ nfs4acl --get x
-> x:
-> root:rw::allow
-> root:w::deny
-> owner@:rw::allow
-> group@:rw::allow
-> everyone@:r::allow
->
-
-$ nfs4acl --set 'everyone@:rw::allow' x
-$ chmod 066 x
-$ nfs4acl --get x
-> x:
-> owner@:rw::deny
-> everyone@:rw::allow
->
-
-$ chmod 006 x
-$ nfs4acl --get x
-> x:
-> owner@:rw::deny
-> group@:rw::deny
-> everyone@:rw::allow
->
-
-$ chmod 606 x
-$ nfs4acl --get x
-> x:
-> group@:rw::deny
-> everyone@:rw::allow
->
-
-$ nfs4acl --set 'root:rw::allow everyone@:rw::allow' x
-$ chmod 606 x
-$ nfs4acl --get x
-> x:
-> group@:rw::deny
-> everyone@:rw::allow
->
-
-$ chmod 646 x
-$ nfs4acl --get x
-> x:
-> root:r::allow
-> group@:w::deny
-> root:w::deny
-> everyone@:rw::allow
->
-
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/basic.test b/nfs4acl/basic.test
deleted file mode 100644
index 1ae2896..0000000
--- a/nfs4acl/basic.test
+++ /dev/null
@@ -1,70 +0,0 @@
-$ rm -rf d
-$ mkdir d
-$ cd d
-
-$ chown bin .
-$ su bin
-
-$ touch x
-$ nfs4acl --set 'everyone@:rw::allow' x
-$ ls -l x | cut -d ' ' -f 1
-> -rw-rw-rw-
-
-$ nfs4acl --get x
-> x:
-> everyone@:rw::allow
->
-
-$ chmod 664 x
-$ ls -l x | cut -d ' ' -f 1
-> -rw-rw-r--
-
-$ nfs4acl --get x
-> x:
-> owner@:rw::allow
-> group@:rw::allow
-> everyone@:r::allow
->
-
-$ mkdir sub
-$ nfs4acl --set 'everyone@:rwax:fd:allow' sub
-$ ls -dl sub | cut -d ' ' -f 1
-> drwxrwxrwx
-
-$ nfs4acl --get sub
-> sub:
-> everyone@:rwax:fd:allow
->
-
-$ chmod 775 sub
-$ ls -dl sub | cut -d ' ' -f 1
-> drwxrwxr-x
-$ nfs4acl --get sub
-> sub:
-> owner@:rwax::allow
-> group@:rwax::allow
-> everyone@:rwax:fdi:allow
-> everyone@:rx::allow
->
-
-$ touch sub/f
-$ ls -l sub/f | cut -d ' ' -f 1
-> -rw-rw-rw-
-
-$ nfs4acl --get sub/f
-> sub/f:
-> everyone@:rwa::allow
->
-
-$ mkdir sub/sub2
-$ ls -dl sub/sub2 | cut -d ' ' -f 1
-> drwxrwxrwx
-
-$ nfs4acl --get sub/sub2
-> sub/sub2:
-> everyone@:rwax:fd:allow
->
-
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/chmod.test b/nfs4acl/chmod.test
deleted file mode 100644
index f4238b0..0000000
--- a/nfs4acl/chmod.test
+++ /dev/null
@@ -1,31 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ touch a
-
-Neet to have write_acl permission to chmod or set the acl:
- $ su bin
- $ chmod 666 a
- > chmod: changing permissions of `a': Operation not permitted
- $ nfs4acl --set 'bin:rwM::allow' a
- > a: Operation not permitted
-
-$ su
-$ nfs4acl --set 'bin:rwm::allow' a
-
-Can set the acl now:
- $ su bin
- $ nfs4acl --set 'bin:rwm::allow' a
-
-A chmod limits the permissions to the specified mode, which always disables
-write_acl:
- $ chmod 666 a
- $ nfs4acl --set 'bin:rwm::allow' a
- > a: Operation not permitted
-
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/chown.test b/nfs4acl/chown.test
deleted file mode 100644
index df29bf4..0000000
--- a/nfs4acl/chown.test
+++ /dev/null
@@ -1,63 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ id -Gn daemon
-> daemon bin
-
-$ touch a
-
-Chown and chgrp with no take ownership permission fails:
- $ su daemon
- $ chown daemon a
- > chown: changing ownership of `a': Operation not permitted
- $ chgrp daemon a
- > chgrp: changing group of `a': Operation not permitted
- $ nfs4acl --set 'daemon:rwo::allow' a
- > a: Operation not permitted
-
-Add the take_ownership permission. This is reflected in the file masks; the
-file mode cannot show this though:
- $ su
- $ nfs4acl --set 'daemon:rwo::allow' a
-
-Chown and chgrp to an arbitrary other user or group fails:
- $ su daemon
- $ chown root a
- > chown: changing ownership of `a': Operation not permitted
- $ chgrp root a
- > chgrp: changing group of `a': Operation not permitted
-
-Changing the mode makes that an upper bound of the permissions granted, even
-when the file mode stays the same:
- $ su
- $ ls -l a | cut -d ' ' -f1
- > -rw-rw----
- $ chmod 660 a
-
-Chown and chgrp to the same user or a group the process is in now fails
-because the masks now do not grant change_ownership access:
- $ su daemon
- $ chown daemon a
- > chown: changing ownership of `a': Operation not permitted
- $ chgrp daemon a
- > chgrp: changing group of `a': Operation not permitted
- $ chgrp bin a
- > chgrp: changing group of `a': Operation not permitted
-
-Add back change_ownership:
- $ su
- $ nfs4acl --set 'daemon:rwo::allow' a
-
-Now, chgrp to one of the groups the process is in and chown to the same user
-succeeds:
- $ su daemon
- $ chgrp daemon a
- $ chgrp bin a
- $ chown daemon a
-
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/computed-mode.test b/nfs4acl/computed-mode.test
deleted file mode 100644
index baa68d6..0000000
--- a/nfs4acl/computed-mode.test
+++ /dev/null
@@ -1,62 +0,0 @@
-$ rm -rf d
-$ mkdir d
-$ cd d
-
-$ mkdir e
-
-$ nfs4acl --set 'owner@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw-------
-$ rm e/f
-
-$ nfs4acl --set 'group@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw-rw----
-$ rm e/f
-
-$ nfs4acl --set 'everyone@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw-rw-rw-
-$ rm e/f
-
-$ nfs4acl --set 'owner@:rwx:f:allow root:rx:f:deny root:rx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw-------
-$ rm e/f
-
-$ nfs4acl --set 'owner@:rwx::allow everyone@:w:fi:deny everyone@:rwx:fi:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -r--r--r--
-$ rm e/f
-
-$ nfs4acl --set 'owner@:rwx::allow root:rx:fi:deny root:rx:fi:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> ----------
-$ rm e/f
-
-$ nfs4acl --set 'owner@:rx:fi:allow group@:rwx:fi:deny everyone@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw----rw-
-$ rm e/f
-
-$ nfs4acl --set 'owner@:rx:fi:allow root:rwx:fi:deny everyone@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -rw-rw-rw-
-$ rm e/f
-
-$ nfs4acl --set 'everyone@:w:fi:deny root:rx:fi:allow everyone@:rwx:f:allow' e
-$ touch e/f
-$ ls -l e/f | cut -d ' ' -f 1
-> -r--r--r--
-$ rm e/f
-
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/create.test b/nfs4acl/create.test
deleted file mode 100644
index e140f4b..0000000
--- a/nfs4acl/create.test
+++ /dev/null
@@ -1,35 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ mkdir d1 d2 d3 d4
-$ nfs4acl --set 'daemon:wx::allow' d2
-$ nfs4acl --set 'daemon:ax::allow' d3
-$ nfs4acl --set 'daemon:wax::allow' d4
-
-$ su daemon
-
-Cannot create files or directories without permissions:
- $ touch d1/f
- > touch: cannot touch `d1/f': Permission denied
- $ mkdir d1/d
- > mkdir: cannot create directory `d1/d': Permission denied
-
-Can create files with add_file (w) permission:
- $ touch d2/f
- $ mkdir d2/d
- > mkdir: cannot create directory `d2/d': Permission denied
-
-Can create directories with add_subdirectory (p) permission:
- $ touch d3/f
- > touch: cannot touch `d3/f': Permission denied
- $ mkdir d3/d
-
-Both permissions at the same time:
- $ touch d4/f
- $ mkdir d4/d
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/ctime.test b/nfs4acl/ctime.test
deleted file mode 100644
index 614d79b..0000000
--- a/nfs4acl/ctime.test
+++ /dev/null
@@ -1,36 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ touch a b
-$ sleep 1
-
-Without write access, the ctime cannot be changed.
- $ su bin
- $ touch a
- > touch: cannot touch `a': Permission denied
-
-With write access, the ctime can be set to the current time, but not to
-any other time:
- $ su
- $ nfs4acl --set 'bin:rw::allow' a
-
- $ su bin
- $ touch a
- $ [ b -ot a ] || echo 'b should be older than a'
- $ touch -r b a
- > touch: setting times of `a': Operation not permitted
-
-With set_attributes access, the ctime can be set to an arbitrary time:
- $ su
- $ nfs4acl --set 'bin:rwt::allow' a
-
- $ su bin
- $ touch -r b a
- $ [ b -ot a -o a -ot b ] && echo 'a should be as old as b'
-
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/delete.test b/nfs4acl/delete.test
deleted file mode 100644
index 9c5f24f..0000000
--- a/nfs4acl/delete.test
+++ /dev/null
@@ -1,77 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ id -Gn daemon
-> daemon bin
-
-$ mkdir n1
-$ touch n1/f
-
-$ mkdir d2 d3 d4 d5 d6 d7
-$ touch d2/f d3/f d4/f d5/f d6/f d7/f d7/g
-$ chown daemon d2
-$ chgrp bin d3
-$ chmod g+w d3
-$ nfs4acl --set 'daemon:wx::allow' d4
-$ nfs4acl --set 'daemon:d::allow' d5
-$ nfs4acl --set 'daemon:xd::allow' d6
-$ nfs4acl --set 'daemon:D::allow' d7/f d7/g
-$ chmod 664 d7/g
-
-$ mkdir s2 s3 s4 s5 s6 s7
-$ chmod +t s2 s3 s4 s5 s6 s7
-$ touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g
-$ chown daemon s2
-$ chgrp bin s3
-$ chmod g+w s3
-$ nfs4acl --set 'daemon:wx::allow' s4
-$ nfs4acl --set 'daemon:d::allow' s5
-$ nfs4acl --set 'daemon:xd::allow' s6
-$ nfs4acl --set 'daemon:D::allow' s7/f
-$ nfs4acl --set 'daemon:D::allow' s7/g s7/g
-$ chmod 664 s7/g
-
-$ su daemon
-
-Cannot delete files without permissions:
- $ rm n1/f
- > rm: cannot remove `n1/f': Permission denied
-
-Can delete files we own:
- $ rm d2/f s2/f
-
-Cannot delete files where we are in the owning group in a non-sticky directory,
-but not in a sticky one:
- $ rm d3/f s3/f
- > rm: cannot remove `s3/f': Operation not permitted
-
-"Write_data/execute" access does not include delete_child access, and so this
-is not enough for deleting:
- $ rm d4/f s4/f
- > rm: cannot remove `d4/f': Permission denied
- > rm: cannot remove `s4/f': Permission denied
-
-"Delete_child" access alone also is not sufficient:
- $ rm d5/f s5/f
- > rm: cannot remove `d5/f': Permission denied
- > rm: cannot remove `s5/f': Permission denied
-
-"Execute/delete_child" on the directory does allow that, though, but only in
-a non-sticky directory:
- $ rm d6/f s6/f
- > rm: cannot remove `s6/f': Operation not permitted
-
-"Delete" on the child itself overrides the sticky check as well:
- $ rm d7/f s7/f
-
-But Delete is not a subset of POSIX read/write, so chmod turns it off:
- $ rm d7/g s7/g
- > rm: cannot remove `d7/g': Permission denied
- > rm: cannot remove `s7/g': Permission denied
-
-$ su
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/run b/nfs4acl/run
deleted file mode 100755
index 360739e..0000000
--- a/nfs4acl/run
+++ /dev/null
@@ -1,298 +0,0 @@
-#!/usr/bin/perl -w -U
-
-#
-# Possible improvements:
-#
-# - distinguish stdout and stderr output
-# - add environment variable like assignments
-# - run up to a specific line
-# - resume at a specific line
-#
-
-use strict;
-use FileHandle;
-use Getopt::Std;
-use POSIX qw(isatty setuid getcwd);
-use vars qw($opt_l $opt_v);
-
-no warnings qw(taint);
-
-$opt_l = ~0; # a really huge number
-getopts('l:v');
-
-my ($OK, $FAILED) = ("ok", "failed");
-if (isatty(fileno(STDOUT))) {
- $OK = "\033[32m" . $OK . "\033[m";
- $FAILED = "\033[31m\033[1m" . $FAILED . "\033[m";
-}
-
-sub exec_test($$);
-sub process_test($$$$);
-
-my ($prog, $in, $out) = ([], [], []);
-my $prog_line = 0;
-my ($tests, $failed) = (0,0);
-my $lineno;
-my $width = ($ENV{COLUMNS} || 80) >> 1;
-
-for (;;) {
- my $line = <>; $lineno++;
- if (defined $line) {
- # Substitute %VAR and %{VAR} with environment variables.
- $line =~ s[%(\w+)][$ENV{$1}]eg;
- $line =~ s[%{(\w+)}][$ENV{$1}]eg;
- }
- if (defined $line) {
- if ($line =~ s/^\s*< ?//) {
- push @$in, $line;
- } elsif ($line =~ s/^\s*> ?//) {
- push @$out, $line;
- } else {
- process_test($prog, $prog_line, $in, $out);
- last if $prog_line >= $opt_l;
-
- $prog = [];
- $prog_line = 0;
- }
- if ($line =~ s/^\s*\$ ?//) {
- $line =~ s/\s+#.*//; # remove comments here...
- $prog = [ map { s/\\(.)/$1/g; $_ } split /(?<!\\)\s+/, $line ];
- $prog_line = $lineno;
- $in = [];
- $out = [];
- }
- } else {
- process_test($prog, $prog_line, $in, $out);
- last;
- }
-}
-
-my $status = sprintf("%d commands (%d passed, %d failed)",
- $tests, $tests-$failed, $failed);
-if (isatty(fileno(STDOUT))) {
- if ($failed) {
- $status = "\033[31m\033[1m" . $status . "\033[m";
- } else {
- $status = "\033[32m" . $status . "\033[m";
- }
-}
-print $status, "\n";
-exit $failed ? 1 : 0;
-
-
-sub process_test($$$$) {
- my ($prog, $prog_line, $in, $out) = @_;
-
- return unless @$prog;
-
- my $p = [ @$prog ];
- print "[$prog_line] \$ ", join(' ',
- map { s/\s/\\$&/g; $_ } @$p), " -- ";
- my $result = exec_test($prog, $in);
- my @good = ();
- my $nmax = (@$out > @$result) ? @$out : @$result;
- for (my $n=0; $n < $nmax; $n++) {
- my $use_re;
- if (defined $out->[$n] && $out->[$n] =~ /^~ /) {
- $use_re = 1;
- $out->[$n] =~ s/^~ //g;
- }
-
- if (!defined($out->[$n]) || !defined($result->[$n]) ||
- (!$use_re && $result->[$n] ne $out->[$n]) ||
- ( $use_re && $result->[$n] !~ /^$out->[$n]/)) {
- push @good, ($use_re ? '!~' : '!=');
- }
- else {
- push @good, ($use_re ? '=~' : '==');
- }
- }
- my $good = !(grep /!/, @good);
- $tests++;
- $failed++ unless $good;
- print $good ? $OK : $FAILED, "\n";
- if (!$good || $opt_v) {
- for (my $n=0; $n < $nmax; $n++) {
- my $l = defined($out->[$n]) ? $out->[$n] : "~";
- chomp $l;
- my $r = defined($result->[$n]) ? $result->[$n] : "~";
- chomp $r;
- print sprintf("%-" . ($width-3) . "s %s %s\n",
- $r, $good[$n], $l);
- }
- }
-}
-
-
-sub su($) {
- my ($user) = @_;
-
- $user ||= "root";
-
- my ($login, $pass, $uid, $gid) = getpwnam($user)
- or return [ "su: user $user does not exist\n" ];
- my @groups = ();
- my $fh = new FileHandle("/etc/group")
- or return [ "opening /etc/group: $!\n" ];
- while (<$fh>) {
- chomp;
- my ($group, $passwd, $gid, $users) = split /:/;
- foreach my $u (split /,/, $users) {
- push @groups, $gid
- if ($user eq $u);
- }
- }
- $fh->close;
-
- my $groups = join(" ", ($gid, $gid, @groups));
- #print STDERR "[[$groups]]\n";
- $! = 0; # reset errno
- $> = 0;
- $( = $gid;
- $) = $groups;
- if ($!) {
- return [ "su: $!\n" ];
- }
- if ($uid != 0) {
- $> = $uid;
- #$< = $uid;
- if ($!) {
- return [ "su: $prog->[1]: $!\n" ];
- }
- }
- #print STDERR "[($>,$<)($(,$))]";
- return [];
-}
-
-
-sub sg($) {
- my ($group) = @_;
-
- my $gid = getgrnam($group)
- or return [ "sg: group $group does not exist\n" ];
- my %groups = map { $_ eq $gid ? () : ($_ => 1) } (split /\s/, $));
-
- #print STDERR "<<", join("/", keys %groups), ">>\n";
- my $groups = join(" ", ($gid, $gid, keys %groups));
- #print STDERR "[[$groups]]\n";
- $! = 0; # reset errno
- if ($> != 0) {
- my $uid = $>;
- $> = 0;
- $( = $gid;
- $) = $groups;
- $> = $uid;
- } else {
- $( = $gid;
- $) = $groups;
- }
- if ($!) {
- return [ "sg: $!\n" ];
- }
- print STDERR "[($>,$<)($(,$))]";
- return [];
-}
-
-
-sub exec_test($$) {
- my ($prog, $in) = @_;
- local (*IN, *IN_DUP, *IN2, *OUT_DUP, *OUT, *OUT2);
- my $needs_shell = (join('', @$prog) =~ /[][|<>"'`\$\*\?]/);
-
- if ($prog->[0] eq "umask") {
- umask oct $prog->[1];
- return [];
- } elsif ($prog->[0] eq "cd") {
- if (!chdir $prog->[1]) {
- return [ "chdir: $prog->[1]: $!\n" ];
- }
- $ENV{PWD} = getcwd;
- return [];
- } elsif ($prog->[0] eq "su") {
- return su($prog->[1]);
- } elsif ($prog->[0] eq "sg") {
- return sg($prog->[1]);
- } elsif ($prog->[0] eq "export") {
- my ($name, $value) = split /=/, $prog->[1];
- # FIXME: need to evaluate $value, so that things like this will work:
- # export dir=$PWD/dir
- $ENV{$name} = $value;
- return [];
- } elsif ($prog->[0] eq "unset") {
- delete $ENV{$prog->[1]};
- return [];
- }
-
- pipe *IN2, *OUT
- or die "Can't create pipe for reading: $!";
- open *IN_DUP, "<&STDIN"
- or *IN_DUP = undef;
- open *STDIN, "<&IN2"
- or die "Can't duplicate pipe for reading: $!";
- close *IN2;
-
- open *OUT_DUP, ">&STDOUT"
- or die "Can't duplicate STDOUT: $!";
- pipe *IN, *OUT2
- or die "Can't create pipe for writing: $!";
- open *STDOUT, ">&OUT2"
- or die "Can't duplicate pipe for writing: $!";
- close *OUT2;
-
- *STDOUT->autoflush();
- *OUT->autoflush();
-
- if (fork()) {
- # Server
- if (*IN_DUP) {
- open *STDIN, "<&IN_DUP"
- or die "Can't duplicate STDIN: $!";
- close *IN_DUP
- or die "Can't close STDIN duplicate: $!";
- }
- open *STDOUT, ">&OUT_DUP"
- or die "Can't duplicate STDOUT: $!";
- close *OUT_DUP
- or die "Can't close STDOUT duplicate: $!";
-
- foreach my $line (@$in) {
- #print "> $line";
- print OUT $line;
- }
- close *OUT
- or die "Can't close pipe for writing: $!";
-
- my $result = [];
- while (<IN>) {
- #print "< $_";
- if ($needs_shell) {
- s#^/bin/sh: line \d+: ##;
- }
- push @$result, $_;
- }
- return $result;
- } else {
- # Client
- $< = $>;
- close IN
- or die "Can't close read end for input pipe: $!";
- close OUT
- or die "Can't close write end for output pipe: $!";
- close OUT_DUP
- or die "Can't close STDOUT duplicate: $!";
- local *ERR_DUP;
- open ERR_DUP, ">&STDERR"
- or die "Can't duplicate STDERR: $!";
- open STDERR, ">&STDOUT"
- or die "Can't join STDOUT and STDERR: $!";
-
- if ($needs_shell) {
- exec ('/bin/sh', '-c', join(" ", @$prog));
- } else {
- exec @$prog;
- }
- print STDERR $prog->[0], ": $!\n";
- exit;
- }
-}
-
diff --git a/nfs4acl/unrepresentable.test b/nfs4acl/unrepresentable.test
deleted file mode 100644
index 17fe5d4..0000000
--- a/nfs4acl/unrepresentable.test
+++ /dev/null
@@ -1,20 +0,0 @@
-Test cases for (acl, masks) pairs that cannot be represented as
-pure ACLs
-
-$ rm -rf d
-$ mkdir d
-$ cd d
-
-$ touch x
-
-$ nfs4acl --set 'group@:rw::allow' x
-$ chmod 600 x
-$ ls -l x | cut -d ' ' -f 1
-> -rw-------
-$ nfs4acl --get x
-> x:
->
-$ rm -f x
-
-$ cd ..
-$ rm -rf d
diff --git a/nfs4acl/write-vs-append.test b/nfs4acl/write-vs-append.test
deleted file mode 100644
index f1f940a..0000000
--- a/nfs4acl/write-vs-append.test
+++ /dev/null
@@ -1,46 +0,0 @@
-$ mkdir d
-$ cd d
-
-$ whoami
-> root
-
-$ touch a b c d e f
-$ nfs4acl --set 'owner@:*::allow' a
-$ nfs4acl --set 'owner@:*::allow bin:w::allow' b
-$ nfs4acl --set 'owner@:*::allow bin:a::allow' c
-$ nfs4acl --set 'owner@:*::allow bin:wa::allow' d
-$ nfs4acl --set 'bin:a::deny owner@:*::allow bin:w::allow' e
-$ nfs4acl --set 'bin:w::deny owner@:*::allow bin:a::allow' f
-
-$ su bin
-$ echo a > a
-> /bin/sh: a: Permission denied
-$ echo b > b
-$ echo c > c
-> /bin/sh: c: Permission denied
-$ echo d > d
-$ echo e > e
-$ echo f > f
-> /bin/sh: f: Permission denied
-
-$ echo A >> a
-> /bin/sh: a: Permission denied
-$ echo B >> b
-> /bin/sh: b: Permission denied
-$ echo C >> c
-$ echo D >> d
-$ echo E >> e
-> /bin/sh: e: Permission denied
-$ echo F >> f
-
-$ su
-$ cat a b c d e f
-> b
-> C
-> d
-> D
-> e
-> F
-
-$ cd ..
-$ rm -rf d
diff --git a/tests/xfs/191 b/tests/xfs/191
deleted file mode 100755
index e9aef20..0000000
--- a/tests/xfs/191
+++ /dev/null
@@ -1,75 +0,0 @@
-#!/bin/bash
-# FS QA Test No. 191
-#
-# To call into the nfs4acl qa suite of Andreas Gruenbacher.
-#
-#-----------------------------------------------------------------------
-# Copyright (c) 2008 Silicon Graphics, Inc. All Rights Reserved.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation.
-#
-# This program is distributed in the hope that it would be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write the Free Software Foundation,
-# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
-#
-#-----------------------------------------------------------------------
-#
-
-seq=`basename $0`
-seqres=$RESULT_DIR/$seq
-echo "QA output created by $seq"
-
-here=`pwd`
-tmp=/tmp/$$
-status=1 # failure is the default!
-trap "rm -f $tmp.*; exit \$status" 0 1 2 3 15
-
-# get standard environment, filters and checks
-. ./common/rc
-. ./common/filter
-
-# real QA test starts here
-
-# Modify as appropriate.
-_supported_fs xfs
-_supported_os Linux
-
-_require_scratch
-_scratch_mkfs_xfs -i nfs4acl 1>$tmp.mkfs 2>$seqres.full
-if [ $? -ne 0 ]
-then
- _notrun "no mkfs support for NFS v4 ACLs"
-fi
-
-_scratch_mount 2>/dev/null
-if [ $? -ne 0 ]
-then
- _notrun "no kernel mount support for NFS v4 ACLs"
-fi
-
-set_prog_path nfs4acl >>$seqres.full
-if [ $? -ne 0 ]
-then
- _notrun "no nfs4acl utility found"
-fi
-
-cd $SCRATCH_MNT
-for file in $here/nfs4acl/*.test
-do
- print_file=`echo $file | sed 's/.*nfs4acl/nfs4acl/'`
- echo ""
- echo "*** $print_file ***"
- echo ""
- $here/nfs4acl/run $file
-done
-
-# success, all done
-status=0
-exit
diff --git a/tests/xfs/191.out b/tests/xfs/191.out
deleted file mode 100644
index 7a37ec8..0000000
--- a/tests/xfs/191.out
+++ /dev/null
@@ -1,324 +0,0 @@
-QA output created by 191
-
-*** nfs4acl/apply-mask.test ***
-
-[1] $ rm -rf d -- ok
-[2] $ mkdir d -- ok
-[3] $ cd d -- ok
-[5] $ touch x -- ok
-[7] $ nfs4acl --set 'owner@:rw::allow group@:rw::allow everyone@:r::allow' x -- ok
-[8] $ nfs4acl --get x -- ok
-[15] $ nfs4acl --set 'everyone@:w::allow owner@:r::allow group@:r::allow' x -- ok
-[16] $ chmod 664 x -- ok
-[17] $ nfs4acl --get x -- ok
-[23] $ nfs4acl --set 'everyone@:w::deny owner@:rw::allow group@:rw::allow' x -- ok
-[24] $ chmod 664 x -- ok
-[25] $ nfs4acl --get x -- ok
-[31] $ nfs4acl --set 'owner@:rwmo::allow' x -- ok
-[32] $ nfs4acl --get x -- ok
-[37] $ chmod 644 x -- ok
-[38] $ nfs4acl --get x -- ok
-[43] $ nfs4acl --set 'root:rw::allow' x -- ok
-[44] $ chmod 664 x -- ok
-[45] $ nfs4acl --get x -- ok
-[50] $ chmod 644 x -- ok
-[51] $ nfs4acl --get x -- ok
-[56] $ chmod 664 x -- ok
-[57] $ nfs4acl --get x -- ok
-[62] $ nfs4acl --set 'root:rw::allow everyone@:r::allow' x -- ok
-[63] $ chmod 664 x -- ok
-[64] $ nfs4acl --get x -- ok
-[70] $ nfs4acl --set 'root:r::allow everyone@:rw::allow' x -- ok
-[71] $ chmod 664 x -- ok
-[72] $ nfs4acl --get x -- ok
-[80] $ nfs4acl --set 'root:w::deny everyone@:rw::allow' x -- ok
-[81] $ chmod 664 x -- ok
-[82] $ nfs4acl --get x -- ok
-[91] $ nfs4acl --set 'root:rw::allow root:w::deny everyone@:rw::allow' x -- ok
-[92] $ chmod 664 x -- ok
-[93] $ nfs4acl --get x -- ok
-[102] $ nfs4acl --set 'everyone@:rw::allow' x -- ok
-[103] $ chmod 066 x -- ok
-[104] $ nfs4acl --get x -- ok
-[110] $ chmod 006 x -- ok
-[111] $ nfs4acl --get x -- ok
-[118] $ chmod 606 x -- ok
-[119] $ nfs4acl --get x -- ok
-[125] $ nfs4acl --set 'root:rw::allow everyone@:rw::allow' x -- ok
-[126] $ chmod 606 x -- ok
-[127] $ nfs4acl --get x -- ok
-[133] $ chmod 646 x -- ok
-[134] $ nfs4acl --get x -- ok
-[142] $ cd .. -- ok
-[143] $ rm -rf d -- ok
-49 commands (49 passed, 0 failed)
-
-*** nfs4acl/basic.test ***
-
-[1] $ rm -rf d -- ok
-[2] $ mkdir d -- ok
-[3] $ cd d -- ok
-[5] $ chown bin . -- ok
-[6] $ su bin -- ok
-[8] $ touch x -- ok
-[9] $ nfs4acl --set 'everyone@:rw::allow' x -- ok
-[10] $ ls -l x | cut -d ' ' -f 1 -- ok
-[13] $ nfs4acl --get x -- ok
-[18] $ chmod 664 x -- ok
-[19] $ ls -l x | cut -d ' ' -f 1 -- ok
-[22] $ nfs4acl --get x -- ok
-[29] $ mkdir sub -- ok
-[30] $ nfs4acl --set 'everyone@:rwax:fd:allow' sub -- ok
-[31] $ ls -dl sub | cut -d ' ' -f 1 -- ok
-[34] $ nfs4acl --get sub -- ok
-[39] $ chmod 775 sub -- ok
-[40] $ ls -dl sub | cut -d ' ' -f 1 -- ok
-[42] $ nfs4acl --get sub -- ok
-[50] $ touch sub/f -- ok
-[51] $ ls -l sub/f | cut -d ' ' -f 1 -- ok
-[54] $ nfs4acl --get sub/f -- ok
-[59] $ mkdir sub/sub2 -- ok
-[60] $ ls -dl sub/sub2 | cut -d ' ' -f 1 -- ok
-[63] $ nfs4acl --get sub/sub2 -- ok
-[68] $ su -- ok
-[69] $ cd .. -- ok
-[70] $ rm -rf d -- ok
-28 commands (28 passed, 0 failed)
-
-*** nfs4acl/chmod.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ touch a -- ok
-[10] $ su bin -- ok
-[11] $ chmod 666 a -- ok
-[13] $ nfs4acl --set 'bin:rwM::allow' a -- ok
-[16] $ su -- ok
-[17] $ nfs4acl --set 'bin:rwm::allow' a -- ok
-[20] $ su bin -- ok
-[21] $ nfs4acl --set 'bin:rwm::allow' a -- ok
-[25] $ chmod 666 a -- ok
-[26] $ nfs4acl --set 'bin:rwm::allow' a -- ok
-[29] $ su -- ok
-[30] $ cd .. -- ok
-[31] $ rm -rf d -- ok
-16 commands (16 passed, 0 failed)
-
-*** nfs4acl/chown.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ id -Gn daemon -- ok
-[10] $ touch a -- ok
-[13] $ su daemon -- ok
-[14] $ chown daemon a -- ok
-[16] $ chgrp daemon a -- ok
-[18] $ nfs4acl --set 'daemon:rwo::allow' a -- ok
-[23] $ su -- ok
-[24] $ nfs4acl --set 'daemon:rwo::allow' a -- ok
-[27] $ su daemon -- ok
-[28] $ chown root a -- ok
-[30] $ chgrp root a -- ok
-[35] $ su -- ok
-[36] $ ls -l a | cut -d ' ' -f1 -- ok
-[38] $ chmod 660 a -- ok
-[42] $ su daemon -- ok
-[43] $ chown daemon a -- ok
-[45] $ chgrp daemon a -- ok
-[47] $ chgrp bin a -- ok
-[51] $ su -- ok
-[52] $ nfs4acl --set 'daemon:rwo::allow' a -- ok
-[56] $ su daemon -- ok
-[57] $ chgrp daemon a -- ok
-[58] $ chgrp bin a -- ok
-[59] $ chown daemon a -- ok
-[61] $ su -- ok
-[62] $ cd .. -- ok
-[63] $ rm -rf d -- ok
-30 commands (30 passed, 0 failed)
-
-*** nfs4acl/computed-mode.test ***
-
-[1] $ rm -rf d -- ok
-[2] $ mkdir d -- ok
-[3] $ cd d -- ok
-[5] $ mkdir e -- ok
-[7] $ nfs4acl --set 'owner@:rwx:f:allow' e -- ok
-[8] $ touch e/f -- ok
-[9] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[11] $ rm e/f -- ok
-[13] $ nfs4acl --set 'group@:rwx:f:allow' e -- ok
-[14] $ touch e/f -- ok
-[15] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[17] $ rm e/f -- ok
-[19] $ nfs4acl --set 'everyone@:rwx:f:allow' e -- ok
-[20] $ touch e/f -- ok
-[21] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[23] $ rm e/f -- ok
-[25] $ nfs4acl --set 'owner@:rwx:f:allow root:rx:f:deny root:rx:f:allow' e -- ok
-[26] $ touch e/f -- ok
-[27] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[29] $ rm e/f -- ok
-[31] $ nfs4acl --set 'owner@:rwx::allow everyone@:w:fi:deny everyone@:rwx:fi:allow' e -- ok
-[32] $ touch e/f -- ok
-[33] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[35] $ rm e/f -- ok
-[37] $ nfs4acl --set 'owner@:rwx::allow root:rx:fi:deny root:rx:fi:allow' e -- ok
-[38] $ touch e/f -- ok
-[39] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[41] $ rm e/f -- ok
-[43] $ nfs4acl --set 'owner@:rx:fi:allow group@:rwx:fi:deny everyone@:rwx:f:allow' e -- ok
-[44] $ touch e/f -- ok
-[45] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[47] $ rm e/f -- ok
-[49] $ nfs4acl --set 'owner@:rx:fi:allow root:rwx:fi:deny everyone@:rwx:f:allow' e -- ok
-[50] $ touch e/f -- ok
-[51] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[53] $ rm e/f -- ok
-[55] $ nfs4acl --set 'everyone@:w:fi:deny root:rx:fi:allow everyone@:rwx:f:allow' e -- ok
-[56] $ touch e/f -- ok
-[57] $ ls -l e/f | cut -d ' ' -f 1 -- ok
-[59] $ rm e/f -- ok
-[61] $ cd .. -- ok
-[62] $ rm -rf d -- ok
-42 commands (42 passed, 0 failed)
-
-*** nfs4acl/create.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ mkdir d1 d2 d3 d4 -- ok
-[8] $ nfs4acl --set 'daemon:wx::allow' d2 -- ok
-[9] $ nfs4acl --set 'daemon:ax::allow' d3 -- ok
-[10] $ nfs4acl --set 'daemon:wax::allow' d4 -- ok
-[12] $ su daemon -- ok
-[15] $ touch d1/f -- ok
-[17] $ mkdir d1/d -- ok
-[21] $ touch d2/f -- ok
-[22] $ mkdir d2/d -- ok
-[26] $ touch d3/f -- ok
-[28] $ mkdir d3/d -- ok
-[31] $ touch d4/f -- ok
-[32] $ mkdir d4/d -- ok
-[33] $ su -- ok
-[34] $ cd .. -- ok
-[35] $ rm -rf d -- ok
-19 commands (19 passed, 0 failed)
-
-*** nfs4acl/ctime.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ touch a b -- ok
-[8] $ sleep 1 -- ok
-[11] $ su bin -- ok
-[12] $ touch a -- ok
-[17] $ su -- ok
-[18] $ nfs4acl --set 'bin:rw::allow' a -- ok
-[20] $ su bin -- ok
-[21] $ touch a -- ok
-[22] $ [ b -ot a ] || echo 'b should be older than a' -- ok
-[23] $ touch -r b a -- ok
-[27] $ su -- ok
-[28] $ nfs4acl --set 'bin:rwt::allow' a -- ok
-[30] $ su bin -- ok
-[31] $ touch -r b a -- ok
-[32] $ [ b -ot a -o a -ot b ] && echo 'a should be as old as b' -- ok
-[34] $ su -- ok
-[35] $ cd .. -- ok
-[36] $ rm -rf d -- ok
-21 commands (21 passed, 0 failed)
-
-*** nfs4acl/delete.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ id -Gn daemon -- ok
-[10] $ mkdir n1 -- ok
-[11] $ touch n1/f -- ok
-[13] $ mkdir d2 d3 d4 d5 d6 d7 -- ok
-[14] $ touch d2/f d3/f d4/f d5/f d6/f d7/f d7/g -- ok
-[15] $ chown daemon d2 -- ok
-[16] $ chgrp bin d3 -- ok
-[17] $ chmod g+w d3 -- ok
-[18] $ nfs4acl --set 'daemon:wx::allow' d4 -- ok
-[19] $ nfs4acl --set 'daemon:d::allow' d5 -- ok
-[20] $ nfs4acl --set 'daemon:xd::allow' d6 -- ok
-[21] $ nfs4acl --set 'daemon:D::allow' d7/f d7/g -- ok
-[22] $ chmod 664 d7/g -- ok
-[24] $ mkdir s2 s3 s4 s5 s6 s7 -- ok
-[25] $ chmod +t s2 s3 s4 s5 s6 s7 -- ok
-[26] $ touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g -- ok
-[27] $ chown daemon s2 -- ok
-[28] $ chgrp bin s3 -- ok
-[29] $ chmod g+w s3 -- ok
-[30] $ nfs4acl --set 'daemon:wx::allow' s4 -- ok
-[31] $ nfs4acl --set 'daemon:d::allow' s5 -- ok
-[32] $ nfs4acl --set 'daemon:xd::allow' s6 -- ok
-[33] $ nfs4acl --set 'daemon:D::allow' s7/f -- ok
-[34] $ nfs4acl --set 'daemon:D::allow' s7/g s7/g -- ok
-[35] $ chmod 664 s7/g -- ok
-[37] $ su daemon -- ok
-[40] $ rm n1/f -- ok
-[44] $ rm d2/f s2/f -- ok
-[48] $ rm d3/f s3/f -- ok
-[53] $ rm d4/f s4/f -- ok
-[58] $ rm d5/f s5/f -- ok
-[64] $ rm d6/f s6/f -- ok
-[68] $ rm d7/f s7/f -- ok
-[71] $ rm d7/g s7/g -- ok
-[75] $ su -- ok
-[76] $ cd .. -- ok
-[77] $ rm -rf d -- ok
-40 commands (40 passed, 0 failed)
-
-*** nfs4acl/unrepresentable.test ***
-
-[4] $ rm -rf d -- ok
-[5] $ mkdir d -- ok
-[6] $ cd d -- ok
-[8] $ touch x -- ok
-[10] $ nfs4acl --set 'group@:rw::allow' x -- ok
-[11] $ chmod 600 x -- ok
-[12] $ ls -l x | cut -d ' ' -f 1 -- ok
-[14] $ nfs4acl --get x -- ok
-[17] $ rm -f x -- ok
-[19] $ cd .. -- ok
-[20] $ rm -rf d -- ok
-11 commands (11 passed, 0 failed)
-
-*** nfs4acl/write-vs-append.test ***
-
-[1] $ mkdir d -- ok
-[2] $ cd d -- ok
-[4] $ whoami -- ok
-[7] $ touch a b c d e f -- ok
-[8] $ nfs4acl --set 'owner@:*::allow' a -- ok
-[9] $ nfs4acl --set 'owner@:*::allow bin:w::allow' b -- ok
-[10] $ nfs4acl --set 'owner@:*::allow bin:a::allow' c -- ok
-[11] $ nfs4acl --set 'owner@:*::allow bin:wa::allow' d -- ok
-[12] $ nfs4acl --set 'bin:a::deny owner@:*::allow bin:w::allow' e -- ok
-[13] $ nfs4acl --set 'bin:w::deny owner@:*::allow bin:a::allow' f -- ok
-[15] $ su bin -- ok
-[16] $ echo a > a -- ok
-[18] $ echo b > b -- ok
-[19] $ echo c > c -- ok
-[21] $ echo d > d -- ok
-[22] $ echo e > e -- ok
-[23] $ echo f > f -- ok
-[26] $ echo A >> a -- ok
-[28] $ echo B >> b -- ok
-[30] $ echo C >> c -- ok
-[31] $ echo D >> d -- ok
-[32] $ echo E >> e -- ok
-[34] $ echo F >> f -- ok
-[36] $ su -- ok
-[37] $ cat a b c d e f -- ok
-[45] $ cd .. -- ok
-[46] $ rm -rf d -- ok
-27 commands (27 passed, 0 failed)
diff --git a/tests/xfs/group b/tests/xfs/group
index e0c4553..2bc2db4 100644
--- a/tests/xfs/group
+++ b/tests/xfs/group
@@ -188,7 +188,6 @@
188 ci dir auto
189 mount auto quick
190 rw auto quick
-191 nfs4acl auto
192 auto quick clone
193 auto quick clone
194 rw auto
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [XFSTESTS v4 4/4] Add richacl tests
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
` (2 preceding siblings ...)
2016-03-09 12:06 ` [XFSTESTS v4 3/4] xfs/191: Remove obsolete nfs4acl tests Andreas Gruenbacher
@ 2016-03-09 12:06 ` Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 4/4] generic/338: " Andreas Gruenbacher
2016-03-14 22:24 ` [XFSTESTS v4 0/4] Richacl tests Dave Chinner
5 siblings, 0 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
Add the Rich Access Control List tests from the richacl package. The
tests requires SCRATCH_DEV and SCRATCH_MNT to be set. They try to
create and mount a scratch filesystem with richacl support; if that
fails, the tests will be skipped.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
Makefile | 2 +-
common/rc | 36 +++++++
richacl/Makefile | 23 +++++
richacl/apply-masks | 163 ++++++++++++++++++++++++++++++
richacl/auto-inheritance | 191 ++++++++++++++++++++++++++++++++++++
richacl/basic | 97 ++++++++++++++++++
richacl/chmod | 40 ++++++++
richacl/chown | 42 ++++++++
richacl/create | 36 +++++++
richacl/ctime | 35 +++++++
richacl/delete | 89 +++++++++++++++++
richacl/setrichacl-modify | 57 +++++++++++
richacl/test-lib.sh | 154 +++++++++++++++++++++++++++++
richacl/write-vs-append | 54 ++++++++++
tests/generic/338 | 67 +++++++++++++
tests/generic/339-apply-masks | 1 +
tests/generic/340-auto-inheritance | 1 +
tests/generic/341-basic | 1 +
tests/generic/342-chmod | 1 +
tests/generic/343-chown | 1 +
tests/generic/344-create | 1 +
tests/generic/345-ctime | 1 +
tests/generic/346-delete | 1 +
tests/generic/347-setrichacl-modify | 1 +
tests/generic/348-write-vs-append | 1 +
tests/generic/group | 10 ++
26 files changed, 1105 insertions(+), 1 deletion(-)
create mode 100644 richacl/Makefile
create mode 100755 richacl/apply-masks
create mode 100755 richacl/auto-inheritance
create mode 100755 richacl/basic
create mode 100755 richacl/chmod
create mode 100755 richacl/chown
create mode 100755 richacl/create
create mode 100755 richacl/ctime
create mode 100755 richacl/delete
create mode 100755 richacl/setrichacl-modify
create mode 100644 richacl/test-lib.sh
create mode 100755 richacl/write-vs-append
create mode 100755 tests/generic/338
create mode 120000 tests/generic/339-apply-masks
create mode 120000 tests/generic/340-auto-inheritance
create mode 120000 tests/generic/341-basic
create mode 120000 tests/generic/342-chmod
create mode 120000 tests/generic/343-chown
create mode 120000 tests/generic/344-create
create mode 120000 tests/generic/345-ctime
create mode 120000 tests/generic/346-delete
create mode 120000 tests/generic/347-setrichacl-modify
create mode 120000 tests/generic/348-write-vs-append
diff --git a/Makefile b/Makefile
index 30d8747..3eec26f 100644
--- a/Makefile
+++ b/Makefile
@@ -57,7 +57,7 @@ TOOL_SUBDIRS += dmapi
endif
export TESTS_DIR = tests
-SUBDIRS = $(LIB_SUBDIRS) $(TOOL_SUBDIRS) $(TESTS_DIR)
+SUBDIRS = $(LIB_SUBDIRS) $(TOOL_SUBDIRS) $(TESTS_DIR) richacl
default: include/builddefs $(DMAPI_MAKEFILE)
ifeq ($(HAVE_BUILDDEFS), no)
diff --git a/common/rc b/common/rc
index 16f5a43..155e8b2 100644
--- a/common/rc
+++ b/common/rc
@@ -1908,6 +1908,42 @@ _require_xfs_db_command()
_notrun "xfs_db $command support is missing"
}
+_setup_scratch_richacl_xfs()
+{
+ _scratch_mkfs_xfs_supported -m richacl=1 >/dev/null 2>&1 \
+ || _notrun "mkfs.xfs doesn't have richacl feature"
+
+ _scratch_mkfs_xfs -m richacl=1 >/dev/null 2>&1
+ _scratch_mount >/dev/null 2>&1 \
+ || _notrun "kernel doesn't support richacl feature"
+}
+
+__setup_scratch_richacl()
+{
+ _scratch_mkfs -O richacl >/dev/null 2>&1 \
+ || _notrun "can't mkfs $FSTYP with option -O richacl"
+ _scratch_mount >/dev/null 2>&1 \
+ || _notrun "kernel doesn't support richacl feature on $FSTYP"
+}
+
+_setup_scratch_richacl()
+{
+ GETRICHACL_PROG=`set_prog_path getrichacl`
+ _require_command "$GETRICHACL_PROG" getrichacl
+ SETRICHACL_PROG=`set_prog_path setrichacl`
+ _require_command "$SETRICHACL_PROG" setrichacl
+
+ _require_scratch
+ case "$FSTYP" in
+ xfs) _setup_scratch_richacl_xfs
+ ;;
+ ext4) __setup_scratch_richacl
+ ;;
+ *) _notrun "this test requires richacl support on \$SCRATCH_DEV"
+ ;;
+ esac
+}
+
# check that kernel and filesystem support direct I/O
_require_odirect()
{
diff --git a/richacl/Makefile b/richacl/Makefile
new file mode 100644
index 0000000..6c25d18
--- /dev/null
+++ b/richacl/Makefile
@@ -0,0 +1,23 @@
+#
+# Copyright (C) 2016 Red Hat, Inc.
+#
+
+TESTS = apply-masks basic chmod chown create delete setrichacl-modify \
+ write-vs-append ctime auto-inheritance
+
+LSRCFILES = test-lib.sh $(TESTS)
+
+TOPDIR = ..
+include $(TOPDIR)/include/builddefs
+
+TARGET_DIR = $(PKG_LIB_DIR)/richacl
+
+include $(BUILDRULES)
+
+install:
+ $(INSTALL) -m 755 -d $(TARGET_DIR)
+ $(INSTALL) -m 755 $(TESTS) $(TARGET_DIR)
+ $(INSTALL) -m 644 test-lib.sh $(TARGET_DIR)
+
+# Nothing.
+install-dev install-lib:
diff --git a/richacl/apply-masks b/richacl/apply-masks
new file mode 100755
index 0000000..8d3493d
--- /dev/null
+++ b/richacl/apply-masks
@@ -0,0 +1,163 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+ncheck "touch x"
+ncheck "setrichacl --set 'owner@:rwp::allow group@:rwp::allow everyone@:r::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:wp::allow owner@:r::allow group@:r::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:wp::deny owner@:rwp::allow group@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'owner@:rwCo::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rw-------Co--::allow
+EOF
+
+ncheck "setrichacl --set 'owner@:rwpCo::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+EOF
+
+ncheck "chmod 644 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "chmod 644 x"
+check "getrichacl --numeric-ids x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:r------------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow everyone@:r::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:r::allow everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ user:77:rwp----------::allow
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:wp::deny everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:-wp----------::deny
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow u:77:wp::deny everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ user:77:-wp----------::deny
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:rwp::allow' x"
+ncheck "chmod 066 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 006 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::deny
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 606 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow everyone@:rwp::allow' x"
+ncheck "chmod 606 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 646 x"
+check "getrichacl x" <<EOF
+x:
+ user:77:r------------::allow
+ owner@:rwp----------::allow
+ group@:-wp----------::deny
+ user:77:-wp----------::deny
+ everyone@:rwp----------::allow
+EOF
diff --git a/richacl/auto-inheritance b/richacl/auto-inheritance
new file mode 100755
index 0000000..4642125
--- /dev/null
+++ b/richacl/auto-inheritance
@@ -0,0 +1,191 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+umask 022
+
+ncheck "mkdir d1"
+ncheck "setrichacl --modify u:101:rw:fd:deny d1"
+ncheck "setrichacl --modify u:102:rw:f:deny d1"
+ncheck "setrichacl --modify u:103:rw:d:deny d1"
+ncheck "setrichacl --modify g:101:rw:fdi:deny d1"
+
+ncheck "setrichacl --modify flags:a d1"
+
+check "getrichacl --numeric --raw d1" <<EOF
+d1:
+ flags:a
+ owner:rwpxd-----------::mask
+ group:r--x------------::mask
+ other:r--x------------::mask
+ user:101:rw--------------:fd:deny
+ user:102:rw--------------:f:deny
+ user:103:rw--------------:d:deny
+ group:101:rw--------------:fdi:deny
+ owner@:rwpxd-----------::allow
+ everyone@:r--x------------::allow
+EOF
+
+ncheck "mkdir d1/d2"
+ncheck "touch d1/d3"
+
+# Mode bits derived from inherited ACEs
+check "getrichacl --numeric --raw d1/d2" <<EOF
+d1/d2:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d3" <<EOF
+d1/d3:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+ncheck "mkdir d1/d2/d4"
+ncheck "touch d1/d2/d4/d5"
+
+# Protected files
+ncheck "mkdir d1/d6"
+ncheck "touch d1/d7"
+
+check "getrichacl --numeric --raw d1/d2/d4" <<EOF
+d1/d2/d4:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4/d5" <<EOF
+d1/d2/d4/d5:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+# Clear protected flag from all the ACLs
+ncheck "setrichacl --modify flags:a d1/d2"
+ncheck "setrichacl --modify flags:a d1/d3"
+ncheck "setrichacl --modify flags:a d1/d2/d4"
+ncheck "setrichacl --modify flags:a d1/d2/d4/d5"
+
+ncheck "getrichacl --numeric d1 | sed -e 's/:fd:deny/:fd:allow/' > acl.txt"
+check "cat acl.txt" <<EOF
+d1:
+ flags:a
+ user:101:rw-----------:fd:allow
+ user:102:rw-----------:f:deny
+ user:103:rw-----------:d:deny
+ group:101:rw-----------:fdi:deny
+ owner@:rwpxd--------::allow
+ everyone@:r--x---------::allow
+EOF
+
+ncheck "setrichacl --set-file acl.txt d1"
+
+check "getrichacl --numeric --raw d1" <<EOF
+d1:
+ flags:a
+ owner:rwpxd-----------::mask
+ group:rw-x------------::mask
+ other:r--x------------::mask
+ user:101:rw--------------:fd:allow
+ user:102:rw--------------:f:deny
+ user:103:rw--------------:d:deny
+ group:101:rw--------------:fdi:deny
+ owner@:rwpxd-----------::allow
+ everyone@:r--x------------::allow
+EOF
+
+check "getrichacl --numeric --raw d1/d2" <<EOF
+d1/d2:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:allow
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d3" <<EOF
+d1/d3:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:allow
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4" <<EOF
+d1/d2/d4:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:allow
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4/d5" <<EOF
+d1/d2/d4/d5:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:allow
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+# No automatic inheritance for protected files
+check "getrichacl --numeric --raw d1/d6" <<EOF
+d1/d6:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d7" <<EOF
+d1/d7:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
diff --git a/richacl/basic b/richacl/basic
new file mode 100755
index 0000000..88e378b
--- /dev/null
+++ b/richacl/basic
@@ -0,0 +1,97 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+require_getfattr
+use_testdir
+
+umask 022
+
+ncheck "touch x"
+ncheck "setrichacl --set 'everyone@:rwp::allow' x"
+check "ls -l x | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-rw-
+EOF
+
+check "getrichacl x" <<EOF
+x:
+ everyone@:rwp----------::allow
+EOF
+
+ncheck 'chmod 664 x'
+check "ls -l x | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-r--
+EOF
+
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+# Note that unlike how the test cases look at first sight, we do *not* require
+# a richacl-enabled version of ls here ...
+
+ncheck "mkdir sub"
+ncheck "setrichacl --set 'everyone@:rwpxd:fd:allow' sub"
+check "ls -dl sub | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxrwx+
+EOF
+
+#check 'getfattr sub | grep -e system\.richacl' <<EOF
+check 'getfattr -m system\.richacl sub' <<EOF
+# file: sub
+system.richacl
+EOF
+
+ncheck "chmod 775 sub"
+check "ls -dl sub | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxr-x+
+EOF
+
+check 'getfattr -m system\.richacl sub' <<EOF
+# file: sub
+system.richacl
+EOF
+
+check "getrichacl sub" <<EOF
+sub:
+ owner@:rwpxd--------::allow
+ group@:rwpxd--------::allow
+ everyone@:rwpxd--------:fdi:allow
+ everyone@:r--x---------::allow
+EOF
+
+ncheck "touch sub/f"
+check "ls -l sub/f | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-rw-
+EOF
+
+check "getrichacl sub/f" <<EOF
+sub/f:
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "mkdir sub/sub2"
+check "ls -dl sub/sub2 | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxrwx+
+EOF
+
+check "getrichacl sub/sub2" <<EOF
+sub/sub2:
+ everyone@:rwpxd--------:fd:allow
+EOF
+
+ncheck "mkdir -m 750 sub/sub3"
+check "ls -dl sub/sub3 | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxr-x---+
+EOF
+
+check "getrichacl sub/sub3" <<EOF
+sub/sub3:
+ owner@:rwpxd--------::allow
+ group@:r--x---------::allow
+ everyone@:rwpxd--------:fdi:allow
+EOF
diff --git a/richacl/chmod b/richacl/chmod
new file mode 100755
index 0000000..0020f36
--- /dev/null
+++ b/richacl/chmod
@@ -0,0 +1,40 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create file as root
+ncheck "touch a"
+
+# We cannot set the acl as another user
+runas -u 99 -g 99
+check "setrichacl --set 'u:99:rwc::allow' a || echo status: \$?" <<EOF
+a: Operation not permitted
+status: 1
+EOF
+
+# We cannot chmod as another user
+check "chmod 666 a || echo status: \$?" <<EOF
+chmod: changing permissions of 'a': Operation not permitted
+status: 1
+EOF
+
+# Give user 99 the write_acl permission
+runas
+ncheck "setrichacl --set 'u:99:rwpC::allow' a"
+
+# Now user 99 can setrichacl and chmod ...
+runas -u 99 -g 99
+ncheck "setrichacl --set 'u:99:rwpC::allow' a"
+ncheck "chmod 666 a"
+
+# ... but chmod disables the write_acl permission
+check "setrichacl --set 'u:99:rwpC::allow' a || echo status: \$?" <<EOF
+a: Operation not permitted
+status: 1
+EOF
diff --git a/richacl/chown b/richacl/chown
new file mode 100755
index 0000000..b8ae1d3
--- /dev/null
+++ b/richacl/chown
@@ -0,0 +1,42 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create file as root
+ncheck "touch a"
+
+# Chown and chgrp with no take ownership permission fails
+runas -u 99 -g 99
+check "chown 99 a || echo status: \$?" <<EOF
+chown: changing ownership of 'a': Operation not permitted
+status: 1
+EOF
+check "chgrp 99 a || echo status: \$?" <<EOF
+chgrp: changing group of 'a': Operation not permitted
+status: 1
+EOF
+
+# Add the take_ownership permission
+runas
+ncheck "setrichacl --set 'u:99:rwpo::allow' a"
+
+# Chown and chgrp to a user or group the process is not in fails
+runas -u 99 -g 99
+check "chown 100 a || echo status: \$?" <<EOF
+chown: changing ownership of 'a': Operation not permitted
+status: 1
+EOF
+check "chgrp 100 a || echo status: \$?" <<EOF
+chgrp: changing group of 'a': Operation not permitted
+status: 1
+EOF
+
+# Chown and chgrp to a user and group the process is in succeeds
+ncheck "chown 99 a"
+ncheck "chgrp 99 a"
diff --git a/richacl/create b/richacl/create
new file mode 100755
index 0000000..f10f05c
--- /dev/null
+++ b/richacl/create
@@ -0,0 +1,36 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create directories as root with different permissions
+ncheck "mkdir d1 d2 d3"
+ncheck "setrichacl --set 'u:99:wx::allow' d2"
+ncheck "setrichacl --set 'u:99:px::allow' d3"
+
+runas -u 99 -g 99
+
+# Cannot create files or directories without permissions
+check "touch d1/f || :" <<EOF
+touch: cannot touch 'd1/f': Permission denied
+EOF
+check "mkdir d1/d || :" <<EOF
+mkdir: cannot create directory 'd1/d': Permission denied
+EOF
+
+# Can create files with add_file (w) permission
+ncheck "touch d2/f"
+check "mkdir d2/d || :" <<EOF
+mkdir: cannot create directory 'd2/d': Permission denied
+EOF
+
+# Can create directories with add_subdirectory (p) permission
+check "touch d3/f || :" <<EOF
+touch: cannot touch 'd3/f': Permission denied
+EOF
+ncheck "mkdir d3/d"
diff --git a/richacl/ctime b/richacl/ctime
new file mode 100755
index 0000000..98b8782
--- /dev/null
+++ b/richacl/ctime
@@ -0,0 +1,35 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+ncheck "touch a"
+
+# Without write access, the ctime cannot be changed
+runas -u 99 -g 99
+check "touch a || :" <<EOF
+touch: cannot touch 'a': Permission denied
+EOF
+
+runas
+ncheck "setrichacl --set 'u:99:rw::allow' a"
+
+# With write access, the ctime can be set to the current time, but not to
+# any other time
+runas -u 99 -g 99
+ncheck "touch a"
+check "touch -d '1 hour ago' a || :" <<EOF
+touch: setting times of 'a': Operation not permitted
+EOF
+
+runas
+ncheck "setrichacl --set 'u:99:rwA::allow' a"
+
+# With set_attributes access, the ctime can be set to an arbitrary time
+runas -u 99 -g 99
+ncheck "touch -d '1 hour ago' a"
diff --git a/richacl/delete b/richacl/delete
new file mode 100755
index 0000000..9537d33
--- /dev/null
+++ b/richacl/delete
@@ -0,0 +1,89 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+umask 022
+export LC_ALL=C
+
+ncheck "chmod go+w ."
+ncheck "mkdir d1 d2 d3 d4 d5 d6 d7"
+ncheck "touch d1/f d1/g d2/f d3/f d4/f d5/f d6/f d7/f d7/g d7/h"
+ncheck "chmod o+w d1/g"
+ncheck "chown 99 d2"
+ncheck "chgrp 99 d3"
+ncheck "chmod g+w d3"
+ncheck "setrichacl --set 'u:99:wx::allow' d4"
+ncheck "setrichacl --set 'u:99:d::allow' d5"
+ncheck "setrichacl --set 'u:99:xd::allow' d6"
+ncheck "setrichacl --set 'u:99:D::allow' d7/f d7/g d7/h"
+ncheck "chmod 664 d7/g"
+
+ncheck "mkdir s2 s3 s4 s5 s6 s7"
+ncheck "chmod +t s2 s3 s4 s5 s6 s7"
+ncheck "touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g s7/h"
+ncheck "chown 99 s2"
+ncheck "chgrp 99 s3"
+ncheck "chmod g+w s3"
+ncheck "setrichacl --set 'u:99:wx::allow' s4"
+ncheck "setrichacl --set 'u:99:d::allow' s5"
+ncheck "setrichacl --set 'u:99:xd::allow' s6"
+ncheck "setrichacl --set 'u:99:D::allow' s7/f s7/g s7/h"
+ncheck "chmod 664 s7/g"
+
+runas -u 99 -g 99
+
+# Cannot delete files with no or only with write permissions on the directory
+check "rm -f d1/f d1/g || :" <<EOF
+rm: cannot remove 'd1/f': Permission denied
+rm: cannot remove 'd1/g': Permission denied
+EOF
+
+# Can delete files in directories we own
+ncheck "rm -f d2/f s2/f"
+
+# Can delete files in non-sticky directories we have write access to
+check "rm -f d3/f s3/f || :" <<EOF
+rm: cannot remove 's3/f': Operation not permitted
+EOF
+
+# "Write_data/execute" access does not include delete_child access, so deleting
+# is not allowed:
+check "rm -f d4/f s4/f || :" <<EOF
+rm: cannot remove 'd4/f': Permission denied
+rm: cannot remove 's4/f': Permission denied
+EOF
+
+# "Delete_child" access alone also is not sufficient
+check "rm -f d5/f s5/f || :" <<EOF
+rm: cannot remove 'd5/f': Permission denied
+rm: cannot remove 's5/f': Permission denied
+EOF
+
+# "Execute/delete_child" access is sufficient for non-sticky directories
+check "rm -f d6/f s6/f || :" <<EOF
+rm: cannot remove 's6/f': Operation not permitted
+EOF
+
+# "Delete" access on the child is sufficient, even in sticky directories.
+check "rm -f d7/f s7/f || :" <<EOF
+EOF
+
+# Regression: Delete access must not override add_file / add_subdirectory
+# access.
+ncheck "touch h"
+check "mv h d7/h || :" <<EOF
+mv: cannot move 'h' to 'd7/h': Permission denied
+EOF
+check "mv h s7/h || :" <<EOF
+mv: cannot move 'h' to 's7/h': Permission denied
+EOF
+
+# A chmod turns off the "delete" permission
+check "rm -f d7/g s7/g || :" <<EOF
+rm: cannot remove 'd7/g': Permission denied
+rm: cannot remove 's7/g': Permission denied
+EOF
diff --git a/richacl/setrichacl-modify b/richacl/setrichacl-modify
new file mode 100755
index 0000000..2723bd5
--- /dev/null
+++ b/richacl/setrichacl-modify
@@ -0,0 +1,57 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+umask 022
+
+ncheck "touch f"
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:w::deny' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:202:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:rw::allow' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:202:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:w:a:deny' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:202:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:rw:a:allow' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+ user:202:rw-----------:a:allow
+EOF
diff --git a/richacl/test-lib.sh b/richacl/test-lib.sh
new file mode 100644
index 0000000..8705e50
--- /dev/null
+++ b/richacl/test-lib.sh
@@ -0,0 +1,154 @@
+# Library for simple test scripts
+# Copyright (C) 2009, 2011-2013 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
+# in any medium, are permitted without royalty provided the copyright
+# notice and this notice are preserved.
+
+use_testdir() {
+ testdir=$PWD/testdir.`basename $0`
+ if [ -e "$testdir" ]; then
+ chmod -R u+rwx "$testdir" 2>/dev/null
+ rm -rf "$testdir" || exit 2
+ fi
+ mkdir "$testdir" || exit 2
+ cd "$testdir"
+}
+
+require_runas() {
+ if ! $here/src/runas -u 99 -g 99 true ; then
+ echo "This test must be run as root" >&2
+ exit 77
+ fi
+}
+
+require_richacls() {
+ if [ -e $here/src/require-richacls ]; then
+ $here/src/require-richacls || exit $?
+ fi
+ if ! type -f getrichacl setrichacl > /dev/null; then
+ echo "This test requires the getrichacl and setrichacl utilities" >&2
+ exit 77
+ fi
+}
+
+require_getfattr() {
+ if ! type -f getfattr > /dev/null ; then
+ echo "This test requires the getfattr utility" >&2
+ exit 77
+ fi
+}
+
+_RUNAS=
+runas() {
+ _start_test -1 runas "$*"
+ if [ $# = 0 ]; then
+ _RUNAS=
+ else
+ _RUNAS="$here/src/runas $* --"
+ fi
+ echo "ok"
+}
+
+if diff -u -L expected -L got /dev/null /dev/null 2> /dev/null; then
+ eval '_compare() {
+ diff -u -L expected -L got "$1" "$2"
+ }'
+else
+ eval '_compare() {
+ echo "expected:"
+ cat "$1"
+ echo "got:"
+ cat "$2"
+ }'
+fi
+
+_check() {
+ local frame=$1
+ shift
+ _start_test "$frame" "$*"
+ expected=`cat`
+ if got=`set +x; eval "$_RUNAS $*" 3>&2 </dev/null 2>&1` && \
+ test "$expected" = "$got" ; then
+ echo "ok"
+ checks_succeeded="$checks_succeeded + 1"
+ else
+ echo "FAILED"
+ if test "$expected" != "$got" ; then
+ echo "$expected" > expected~
+ echo "$got" > got~
+ _compare expected~ got~
+ rm -f expected~ got~
+ fi
+ checks_failed="$checks_failed + 1"
+ fi
+}
+
+check() {
+ _check 0 "$@"
+}
+
+ncheck() {
+ _check 0 "$@" < /dev/null
+}
+
+parent_check() {
+ _check 1 "$@"
+}
+
+parent_ncheck() {
+ _check 1 "$@" < /dev/null
+}
+
+cleanup() {
+ status=$?
+ checks_succeeded=`expr $checks_succeeded`
+ checks_failed=`expr $checks_failed`
+ checks_total=`expr $checks_succeeded + $checks_failed`
+ if test $checks_total -gt 0 ; then
+ if test $checks_failed -gt 0 && test $status -eq 0 ; then
+ status=1
+ fi
+ echo "$checks_total tests ($checks_succeeded passed," \
+ "$checks_failed failed)"
+ fi
+ if test $status = 0 -a -n "$testdir"; then
+ chmod -R u+rwx "$testdir" 2>/dev/null
+ cd / && rm -rf "$testdir"
+ fi
+ exit $status
+}
+
+if test -z "`echo -n`"; then
+ if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then
+ eval '
+ _start_test() {
+ local frame=$1
+ shift
+ printf "[${BASH_LINENO[2+frame]}] $* -- "
+ }'
+ else
+ eval '
+ _start_test() {
+ shift
+ printf "* $* -- "
+ }'
+ fi
+else
+ eval '
+ _start_test() {
+ shift
+ printf "* $*\\n"
+ }'
+fi
+
+if ! type cat > /dev/null 2> /dev/null; then
+ echo "This test requires the cat utility" >&2
+ exit 77
+fi
+
+export PATH=$here/src:$PATH
+
+checks_succeeded=0
+checks_failed=0
+trap cleanup 0
diff --git a/richacl/write-vs-append b/richacl/write-vs-append
new file mode 100755
index 0000000..3e8c156
--- /dev/null
+++ b/richacl/write-vs-append
@@ -0,0 +1,54 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+ncheck "touch a b c d e f"
+ncheck "setrichacl --set 'owner@:rwp::allow' a"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:w::allow' b"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:p::allow' c"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:wp::allow' d"
+ncheck "setrichacl --set 'u:99:a::deny owner@:rwp::allow u:99:w::allow' e"
+ncheck "setrichacl --set 'u:99:w::deny owner@:rwp::allow u:99:p::allow' f"
+
+runas -u 99 -g 99
+check "sh -c 'echo a > a' || :" <<EOF
+sh: a: Permission denied
+EOF
+ncheck "sh -c 'echo b > b' || :"
+check "sh -c 'echo c > c' || :" <<EOF
+sh: c: Permission denied
+EOF
+ncheck "sh -c 'echo d > d' || :"
+ncheck "sh -c 'echo e > e' || :"
+check "sh -c 'echo f > f' || :" <<EOF
+sh: f: Permission denied
+EOF
+
+check "sh -c 'echo A >> a' || :" <<EOF
+sh: a: Permission denied
+EOF
+check "sh -c 'echo B >> b' || :" <<EOF
+sh: b: Permission denied
+EOF
+ncheck "sh -c 'echo C >> c' || :"
+ncheck "sh -c 'echo D >> d' || :"
+check "sh -c 'echo E >> e' || :" <<EOF
+sh: e: Permission denied
+EOF
+ncheck "sh -c 'echo F >> f' || :"
+
+runas
+check "cat a b c d e f" <<EOF
+b
+C
+d
+D
+e
+F
+EOF
diff --git a/tests/generic/338 b/tests/generic/338
new file mode 100755
index 0000000..5037f8e
--- /dev/null
+++ b/tests/generic/338
@@ -0,0 +1,67 @@
+#! /bin/bash
+# FS QA Test 338
+#
+# Richacl tests
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#-----------------------------------------------------------------------
+
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1 # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+ cd /
+ rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/filter
+
+# remove previous $seqres.full before test
+rm -f $seqres.full
+
+# Modify as appropriate.
+_supported_fs generic
+_supported_os Linux
+_setup_scratch_richacl
+
+doit() {
+ local file=$1 status
+ echo "*** ${file##*/} ***"
+ "$@"
+ status=$?
+ echo
+ return $status
+}
+
+cd $SCRATCH_MNT
+
+file=$here/richacl/$(echo $0 | sed -e 's,.*/[0-9][0-9][0-9]-,,')
+doit "$file" | tee -a $seqres.full >$tmp.${file##*/}
+if [ ${PIPESTATUS[0]} -eq 0 ]; then
+ status=0
+else
+ cat $tmp.${file##*/}
+fi
diff --git a/tests/generic/339-apply-masks b/tests/generic/339-apply-masks
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/339-apply-masks
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/340-auto-inheritance b/tests/generic/340-auto-inheritance
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/340-auto-inheritance
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/341-basic b/tests/generic/341-basic
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/341-basic
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/342-chmod b/tests/generic/342-chmod
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/342-chmod
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/343-chown b/tests/generic/343-chown
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/343-chown
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/344-create b/tests/generic/344-create
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/344-create
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/345-ctime b/tests/generic/345-ctime
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/345-ctime
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/346-delete b/tests/generic/346-delete
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/346-delete
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/347-setrichacl-modify b/tests/generic/347-setrichacl-modify
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/347-setrichacl-modify
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/348-write-vs-append b/tests/generic/348-write-vs-append
new file mode 120000
index 0000000..4b74f22
--- /dev/null
+++ b/tests/generic/348-write-vs-append
@@ -0,0 +1 @@
+338
\ No newline at end of file
diff --git a/tests/generic/group b/tests/generic/group
index 727648c..d65341f 100644
--- a/tests/generic/group
+++ b/tests/generic/group
@@ -340,3 +340,13 @@
335 auto quick metadata
336 auto quick metadata
337 auto quick metadata
+339-apply-masks richacl auto
+340-auto-inheritance richacl auto
+341-basic richacl auto
+342-chmod richacl auto
+343-chown richacl auto
+344-create richacl auto
+345-ctime richacl auto
+346-delete richacl auto
+347-setrichacl-modify richacl auto
+348-write-vs-append richacl auto
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [XFSTESTS v4 4/4] generic/338: Add richacl tests
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
` (3 preceding siblings ...)
2016-03-09 12:06 ` [XFSTESTS v4 4/4] Add richacl tests Andreas Gruenbacher
@ 2016-03-09 12:06 ` Andreas Gruenbacher
2016-03-14 22:24 ` [XFSTESTS v4 0/4] Richacl tests Dave Chinner
5 siblings, 0 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-09 12:06 UTC (permalink / raw)
To: xfs; +Cc: Andreas Gruenbacher
Add the Rich Access Control List tests from the richacl package as
generic/338. The new test requires SCRATCH_DEV and SCRATCH_MNT to be
set. It tries to create and mount a scratch filesystem with richacl
support before running the tests; if that fails, the richacl tests will
be skipped.
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
---
Makefile | 2 +-
common/rc | 32 ++++++++
richacl/Makefile | 23 ++++++
richacl/apply-masks | 163 +++++++++++++++++++++++++++++++++++++++
richacl/auto-inheritance | 191 ++++++++++++++++++++++++++++++++++++++++++++++
richacl/basic | 97 +++++++++++++++++++++++
richacl/chmod | 40 ++++++++++
richacl/chown | 42 ++++++++++
richacl/create | 36 +++++++++
richacl/ctime | 35 +++++++++
richacl/delete | 89 +++++++++++++++++++++
richacl/setrichacl-modify | 57 ++++++++++++++
richacl/test-lib.sh | 154 +++++++++++++++++++++++++++++++++++++
richacl/write-vs-append | 54 +++++++++++++
tests/generic/338 | 78 +++++++++++++++++++
tests/generic/group | 1 +
16 files changed, 1093 insertions(+), 1 deletion(-)
create mode 100644 richacl/Makefile
create mode 100755 richacl/apply-masks
create mode 100755 richacl/auto-inheritance
create mode 100755 richacl/basic
create mode 100755 richacl/chmod
create mode 100755 richacl/chown
create mode 100755 richacl/create
create mode 100755 richacl/ctime
create mode 100755 richacl/delete
create mode 100755 richacl/setrichacl-modify
create mode 100644 richacl/test-lib.sh
create mode 100755 richacl/write-vs-append
create mode 100755 tests/generic/338
diff --git a/Makefile b/Makefile
index 30d8747..3eec26f 100644
--- a/Makefile
+++ b/Makefile
@@ -57,7 +57,7 @@ TOOL_SUBDIRS += dmapi
endif
export TESTS_DIR = tests
-SUBDIRS = $(LIB_SUBDIRS) $(TOOL_SUBDIRS) $(TESTS_DIR)
+SUBDIRS = $(LIB_SUBDIRS) $(TOOL_SUBDIRS) $(TESTS_DIR) richacl
default: include/builddefs $(DMAPI_MAKEFILE)
ifeq ($(HAVE_BUILDDEFS), no)
diff --git a/common/rc b/common/rc
index 16f5a43..61e85ad 100644
--- a/common/rc
+++ b/common/rc
@@ -1908,6 +1908,38 @@ _require_xfs_db_command()
_notrun "xfs_db $command support is missing"
}
+_require_scratch_richacl_xfs()
+{
+ _scratch_mkfs_xfs_supported -m richacl=1 >/dev/null 2>&1 \
+ || _notrun "mkfs.xfs doesn't have richacl feature"
+
+ _scratch_mkfs_xfs -m richacl=1 >/dev/null 2>&1
+ _scratch_mount >/dev/null 2>&1 \
+ || _notrun "kernel doesn't support richacl feature"
+ _scratch_unmount
+}
+
+__require_scratch_richacl()
+{
+ _scratch_mkfs -O richacl >/dev/null 2>&1 \
+ || _notrun "can't mkfs $FSTYP with option -O richacl"
+ _scratch_mount >/dev/null 2>&1 \
+ || _notrun "kernel doesn't support richacl feature on $FSTYP"
+ _scratch_unmount
+}
+
+_require_scratch_richacl()
+{
+ case "$FSTYP" in
+ xfs) _require_scratch_richacl_xfs
+ ;;
+ ext4) __require_scratch_richacl
+ ;;
+ *) _notrun "this test requires richacl support on \$SCRATCH_DEV"
+ ;;
+ esac
+}
+
# check that kernel and filesystem support direct I/O
_require_odirect()
{
diff --git a/richacl/Makefile b/richacl/Makefile
new file mode 100644
index 0000000..8d19d1a
--- /dev/null
+++ b/richacl/Makefile
@@ -0,0 +1,23 @@
+#
+# Copyright (C) 2015 Red Hat, Inc.
+#
+
+TESTS = apply-masks basic chmod chown create delete setrichacl-modify \
+ write-vs-append ctime auto-inheritance
+
+LSRCFILES = test-lib.sh $(TESTS)
+
+TOPDIR = ..
+include $(TOPDIR)/include/builddefs
+
+TARGET_DIR = $(PKG_LIB_DIR)/richacl
+
+include $(BUILDRULES)
+
+install:
+ $(INSTALL) -m 755 -d $(TARGET_DIR)
+ $(INSTALL) -m 755 $(TESTS) $(TARGET_DIR)
+ $(INSTALL) -m 644 test-lib.sh $(TARGET_DIR)
+
+# Nothing.
+install-dev install-lib:
diff --git a/richacl/apply-masks b/richacl/apply-masks
new file mode 100755
index 0000000..8d3493d
--- /dev/null
+++ b/richacl/apply-masks
@@ -0,0 +1,163 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+ncheck "touch x"
+ncheck "setrichacl --set 'owner@:rwp::allow group@:rwp::allow everyone@:r::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:wp::allow owner@:r::allow group@:r::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:wp::deny owner@:rwp::allow group@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'owner@:rwCo::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rw-------Co--::allow
+EOF
+
+ncheck "setrichacl --set 'owner@:rwpCo::allow' x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+EOF
+
+ncheck "chmod 644 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "chmod 644 x"
+check "getrichacl --numeric-ids x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:r------------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ group@:r------------::deny
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow everyone@:r::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:r::allow everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ user:77:rwp----------::allow
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:wp::deny everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:-wp----------::deny
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow u:77:wp::deny everyone@:rwp::allow' x"
+ncheck "chmod 664 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ user:77:rwp----------::allow
+ user:77:-wp----------::deny
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+ncheck "setrichacl --set 'everyone@:rwp::allow' x"
+ncheck "chmod 066 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 006 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::deny
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 606 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "setrichacl --set 'u:77:rwp::allow everyone@:rwp::allow' x"
+ncheck "chmod 606 x"
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::deny
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "chmod 646 x"
+check "getrichacl x" <<EOF
+x:
+ user:77:r------------::allow
+ owner@:rwp----------::allow
+ group@:-wp----------::deny
+ user:77:-wp----------::deny
+ everyone@:rwp----------::allow
+EOF
diff --git a/richacl/auto-inheritance b/richacl/auto-inheritance
new file mode 100755
index 0000000..4642125
--- /dev/null
+++ b/richacl/auto-inheritance
@@ -0,0 +1,191 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+umask 022
+
+ncheck "mkdir d1"
+ncheck "setrichacl --modify u:101:rw:fd:deny d1"
+ncheck "setrichacl --modify u:102:rw:f:deny d1"
+ncheck "setrichacl --modify u:103:rw:d:deny d1"
+ncheck "setrichacl --modify g:101:rw:fdi:deny d1"
+
+ncheck "setrichacl --modify flags:a d1"
+
+check "getrichacl --numeric --raw d1" <<EOF
+d1:
+ flags:a
+ owner:rwpxd-----------::mask
+ group:r--x------------::mask
+ other:r--x------------::mask
+ user:101:rw--------------:fd:deny
+ user:102:rw--------------:f:deny
+ user:103:rw--------------:d:deny
+ group:101:rw--------------:fdi:deny
+ owner@:rwpxd-----------::allow
+ everyone@:r--x------------::allow
+EOF
+
+ncheck "mkdir d1/d2"
+ncheck "touch d1/d3"
+
+# Mode bits derived from inherited ACEs
+check "getrichacl --numeric --raw d1/d2" <<EOF
+d1/d2:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d3" <<EOF
+d1/d3:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+ncheck "mkdir d1/d2/d4"
+ncheck "touch d1/d2/d4/d5"
+
+# Protected files
+ncheck "mkdir d1/d6"
+ncheck "touch d1/d7"
+
+check "getrichacl --numeric --raw d1/d2/d4" <<EOF
+d1/d2/d4:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4/d5" <<EOF
+d1/d2/d4/d5:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+# Clear protected flag from all the ACLs
+ncheck "setrichacl --modify flags:a d1/d2"
+ncheck "setrichacl --modify flags:a d1/d3"
+ncheck "setrichacl --modify flags:a d1/d2/d4"
+ncheck "setrichacl --modify flags:a d1/d2/d4/d5"
+
+ncheck "getrichacl --numeric d1 | sed -e 's/:fd:deny/:fd:allow/' > acl.txt"
+check "cat acl.txt" <<EOF
+d1:
+ flags:a
+ user:101:rw-----------:fd:allow
+ user:102:rw-----------:f:deny
+ user:103:rw-----------:d:deny
+ group:101:rw-----------:fdi:deny
+ owner@:rwpxd--------::allow
+ everyone@:r--x---------::allow
+EOF
+
+ncheck "setrichacl --set-file acl.txt d1"
+
+check "getrichacl --numeric --raw d1" <<EOF
+d1:
+ flags:a
+ owner:rwpxd-----------::mask
+ group:rw-x------------::mask
+ other:r--x------------::mask
+ user:101:rw--------------:fd:allow
+ user:102:rw--------------:f:deny
+ user:103:rw--------------:d:deny
+ group:101:rw--------------:fdi:deny
+ owner@:rwpxd-----------::allow
+ everyone@:r--x------------::allow
+EOF
+
+check "getrichacl --numeric --raw d1/d2" <<EOF
+d1/d2:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:allow
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d3" <<EOF
+d1/d3:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:allow
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4" <<EOF
+d1/d2/d4:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:allow
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d2/d4/d5" <<EOF
+d1/d2/d4/d5:
+ flags:a
+ owner:rw--------------::mask
+ group:rw--------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:allow
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
+
+# No automatic inheritance for protected files
+check "getrichacl --numeric --raw d1/d6" <<EOF
+d1/d6:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:fda:deny
+ user:102:rw--------------:fia:deny
+ user:103:rw--------------:da:deny
+ group:101:rw--------------:fda:deny
+EOF
+
+check "getrichacl --numeric --raw d1/d7" <<EOF
+d1/d7:
+ flags:map
+ owner:----------------::mask
+ group:----------------::mask
+ other:----------------::mask
+ user:101:rw--------------:a:deny
+ user:102:rw--------------:a:deny
+ group:101:rw--------------:a:deny
+EOF
diff --git a/richacl/basic b/richacl/basic
new file mode 100755
index 0000000..88e378b
--- /dev/null
+++ b/richacl/basic
@@ -0,0 +1,97 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+require_getfattr
+use_testdir
+
+umask 022
+
+ncheck "touch x"
+ncheck "setrichacl --set 'everyone@:rwp::allow' x"
+check "ls -l x | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-rw-
+EOF
+
+check "getrichacl x" <<EOF
+x:
+ everyone@:rwp----------::allow
+EOF
+
+ncheck 'chmod 664 x'
+check "ls -l x | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-r--
+EOF
+
+check "getrichacl x" <<EOF
+x:
+ owner@:rwp----------::allow
+ group@:rwp----------::allow
+ everyone@:r------------::allow
+EOF
+
+# Note that unlike how the test cases look at first sight, we do *not* require
+# a richacl-enabled version of ls here ...
+
+ncheck "mkdir sub"
+ncheck "setrichacl --set 'everyone@:rwpxd:fd:allow' sub"
+check "ls -dl sub | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxrwx+
+EOF
+
+#check 'getfattr sub | grep -e system\.richacl' <<EOF
+check 'getfattr -m system\.richacl sub' <<EOF
+# file: sub
+system.richacl
+EOF
+
+ncheck "chmod 775 sub"
+check "ls -dl sub | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxr-x+
+EOF
+
+check 'getfattr -m system\.richacl sub' <<EOF
+# file: sub
+system.richacl
+EOF
+
+check "getrichacl sub" <<EOF
+sub:
+ owner@:rwpxd--------::allow
+ group@:rwpxd--------::allow
+ everyone@:rwpxd--------:fdi:allow
+ everyone@:r--x---------::allow
+EOF
+
+ncheck "touch sub/f"
+check "ls -l sub/f | sed -e 's/[. ].*//'" <<EOF
+-rw-rw-rw-
+EOF
+
+check "getrichacl sub/f" <<EOF
+sub/f:
+ everyone@:rwp----------::allow
+EOF
+
+ncheck "mkdir sub/sub2"
+check "ls -dl sub/sub2 | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxrwxrwx+
+EOF
+
+check "getrichacl sub/sub2" <<EOF
+sub/sub2:
+ everyone@:rwpxd--------:fd:allow
+EOF
+
+ncheck "mkdir -m 750 sub/sub3"
+check "ls -dl sub/sub3 | sed -e 's/[.+ ].*/+/'" <<EOF
+drwxr-x---+
+EOF
+
+check "getrichacl sub/sub3" <<EOF
+sub/sub3:
+ owner@:rwpxd--------::allow
+ group@:r--x---------::allow
+ everyone@:rwpxd--------:fdi:allow
+EOF
diff --git a/richacl/chmod b/richacl/chmod
new file mode 100755
index 0000000..0020f36
--- /dev/null
+++ b/richacl/chmod
@@ -0,0 +1,40 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create file as root
+ncheck "touch a"
+
+# We cannot set the acl as another user
+runas -u 99 -g 99
+check "setrichacl --set 'u:99:rwc::allow' a || echo status: \$?" <<EOF
+a: Operation not permitted
+status: 1
+EOF
+
+# We cannot chmod as another user
+check "chmod 666 a || echo status: \$?" <<EOF
+chmod: changing permissions of 'a': Operation not permitted
+status: 1
+EOF
+
+# Give user 99 the write_acl permission
+runas
+ncheck "setrichacl --set 'u:99:rwpC::allow' a"
+
+# Now user 99 can setrichacl and chmod ...
+runas -u 99 -g 99
+ncheck "setrichacl --set 'u:99:rwpC::allow' a"
+ncheck "chmod 666 a"
+
+# ... but chmod disables the write_acl permission
+check "setrichacl --set 'u:99:rwpC::allow' a || echo status: \$?" <<EOF
+a: Operation not permitted
+status: 1
+EOF
diff --git a/richacl/chown b/richacl/chown
new file mode 100755
index 0000000..b8ae1d3
--- /dev/null
+++ b/richacl/chown
@@ -0,0 +1,42 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create file as root
+ncheck "touch a"
+
+# Chown and chgrp with no take ownership permission fails
+runas -u 99 -g 99
+check "chown 99 a || echo status: \$?" <<EOF
+chown: changing ownership of 'a': Operation not permitted
+status: 1
+EOF
+check "chgrp 99 a || echo status: \$?" <<EOF
+chgrp: changing group of 'a': Operation not permitted
+status: 1
+EOF
+
+# Add the take_ownership permission
+runas
+ncheck "setrichacl --set 'u:99:rwpo::allow' a"
+
+# Chown and chgrp to a user or group the process is not in fails
+runas -u 99 -g 99
+check "chown 100 a || echo status: \$?" <<EOF
+chown: changing ownership of 'a': Operation not permitted
+status: 1
+EOF
+check "chgrp 100 a || echo status: \$?" <<EOF
+chgrp: changing group of 'a': Operation not permitted
+status: 1
+EOF
+
+# Chown and chgrp to a user and group the process is in succeeds
+ncheck "chown 99 a"
+ncheck "chgrp 99 a"
diff --git a/richacl/create b/richacl/create
new file mode 100755
index 0000000..f10f05c
--- /dev/null
+++ b/richacl/create
@@ -0,0 +1,36 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+# Create directories as root with different permissions
+ncheck "mkdir d1 d2 d3"
+ncheck "setrichacl --set 'u:99:wx::allow' d2"
+ncheck "setrichacl --set 'u:99:px::allow' d3"
+
+runas -u 99 -g 99
+
+# Cannot create files or directories without permissions
+check "touch d1/f || :" <<EOF
+touch: cannot touch 'd1/f': Permission denied
+EOF
+check "mkdir d1/d || :" <<EOF
+mkdir: cannot create directory 'd1/d': Permission denied
+EOF
+
+# Can create files with add_file (w) permission
+ncheck "touch d2/f"
+check "mkdir d2/d || :" <<EOF
+mkdir: cannot create directory 'd2/d': Permission denied
+EOF
+
+# Can create directories with add_subdirectory (p) permission
+check "touch d3/f || :" <<EOF
+touch: cannot touch 'd3/f': Permission denied
+EOF
+ncheck "mkdir d3/d"
diff --git a/richacl/ctime b/richacl/ctime
new file mode 100755
index 0000000..98b8782
--- /dev/null
+++ b/richacl/ctime
@@ -0,0 +1,35 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+ncheck "touch a"
+
+# Without write access, the ctime cannot be changed
+runas -u 99 -g 99
+check "touch a || :" <<EOF
+touch: cannot touch 'a': Permission denied
+EOF
+
+runas
+ncheck "setrichacl --set 'u:99:rw::allow' a"
+
+# With write access, the ctime can be set to the current time, but not to
+# any other time
+runas -u 99 -g 99
+ncheck "touch a"
+check "touch -d '1 hour ago' a || :" <<EOF
+touch: setting times of 'a': Operation not permitted
+EOF
+
+runas
+ncheck "setrichacl --set 'u:99:rwA::allow' a"
+
+# With set_attributes access, the ctime can be set to an arbitrary time
+runas -u 99 -g 99
+ncheck "touch -d '1 hour ago' a"
diff --git a/richacl/delete b/richacl/delete
new file mode 100755
index 0000000..9537d33
--- /dev/null
+++ b/richacl/delete
@@ -0,0 +1,89 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+umask 022
+export LC_ALL=C
+
+ncheck "chmod go+w ."
+ncheck "mkdir d1 d2 d3 d4 d5 d6 d7"
+ncheck "touch d1/f d1/g d2/f d3/f d4/f d5/f d6/f d7/f d7/g d7/h"
+ncheck "chmod o+w d1/g"
+ncheck "chown 99 d2"
+ncheck "chgrp 99 d3"
+ncheck "chmod g+w d3"
+ncheck "setrichacl --set 'u:99:wx::allow' d4"
+ncheck "setrichacl --set 'u:99:d::allow' d5"
+ncheck "setrichacl --set 'u:99:xd::allow' d6"
+ncheck "setrichacl --set 'u:99:D::allow' d7/f d7/g d7/h"
+ncheck "chmod 664 d7/g"
+
+ncheck "mkdir s2 s3 s4 s5 s6 s7"
+ncheck "chmod +t s2 s3 s4 s5 s6 s7"
+ncheck "touch s2/f s3/f s4/f s5/f s6/f s7/f s7/g s7/h"
+ncheck "chown 99 s2"
+ncheck "chgrp 99 s3"
+ncheck "chmod g+w s3"
+ncheck "setrichacl --set 'u:99:wx::allow' s4"
+ncheck "setrichacl --set 'u:99:d::allow' s5"
+ncheck "setrichacl --set 'u:99:xd::allow' s6"
+ncheck "setrichacl --set 'u:99:D::allow' s7/f s7/g s7/h"
+ncheck "chmod 664 s7/g"
+
+runas -u 99 -g 99
+
+# Cannot delete files with no or only with write permissions on the directory
+check "rm -f d1/f d1/g || :" <<EOF
+rm: cannot remove 'd1/f': Permission denied
+rm: cannot remove 'd1/g': Permission denied
+EOF
+
+# Can delete files in directories we own
+ncheck "rm -f d2/f s2/f"
+
+# Can delete files in non-sticky directories we have write access to
+check "rm -f d3/f s3/f || :" <<EOF
+rm: cannot remove 's3/f': Operation not permitted
+EOF
+
+# "Write_data/execute" access does not include delete_child access, so deleting
+# is not allowed:
+check "rm -f d4/f s4/f || :" <<EOF
+rm: cannot remove 'd4/f': Permission denied
+rm: cannot remove 's4/f': Permission denied
+EOF
+
+# "Delete_child" access alone also is not sufficient
+check "rm -f d5/f s5/f || :" <<EOF
+rm: cannot remove 'd5/f': Permission denied
+rm: cannot remove 's5/f': Permission denied
+EOF
+
+# "Execute/delete_child" access is sufficient for non-sticky directories
+check "rm -f d6/f s6/f || :" <<EOF
+rm: cannot remove 's6/f': Operation not permitted
+EOF
+
+# "Delete" access on the child is sufficient, even in sticky directories.
+check "rm -f d7/f s7/f || :" <<EOF
+EOF
+
+# Regression: Delete access must not override add_file / add_subdirectory
+# access.
+ncheck "touch h"
+check "mv h d7/h || :" <<EOF
+mv: cannot move 'h' to 'd7/h': Permission denied
+EOF
+check "mv h s7/h || :" <<EOF
+mv: cannot move 'h' to 's7/h': Permission denied
+EOF
+
+# A chmod turns off the "delete" permission
+check "rm -f d7/g s7/g || :" <<EOF
+rm: cannot remove 'd7/g': Permission denied
+rm: cannot remove 's7/g': Permission denied
+EOF
diff --git a/richacl/setrichacl-modify b/richacl/setrichacl-modify
new file mode 100755
index 0000000..2723bd5
--- /dev/null
+++ b/richacl/setrichacl-modify
@@ -0,0 +1,57 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_richacls
+use_testdir
+
+umask 022
+
+ncheck "touch f"
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:w::deny' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:202:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:rw::allow' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:202:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:w:a:deny' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:202:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+EOF
+
+ncheck "setrichacl --set 'flags:a u:101:w::deny u:101:rw::allow u:101:w:a:deny u:101:rw:a:allow' f"
+ncheck "setrichacl --modify 'u:202:rw:a:allow' f"
+check "getrichacl --numeric f" <<EOF
+f:
+ flags:a
+ user:101:-w-----------::deny
+ user:101:rw-----------::allow
+ user:101:-w-----------:a:deny
+ user:101:rw-----------:a:allow
+ user:202:rw-----------:a:allow
+EOF
diff --git a/richacl/test-lib.sh b/richacl/test-lib.sh
new file mode 100644
index 0000000..8705e50
--- /dev/null
+++ b/richacl/test-lib.sh
@@ -0,0 +1,154 @@
+# Library for simple test scripts
+# Copyright (C) 2009, 2011-2013 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
+# in any medium, are permitted without royalty provided the copyright
+# notice and this notice are preserved.
+
+use_testdir() {
+ testdir=$PWD/testdir.`basename $0`
+ if [ -e "$testdir" ]; then
+ chmod -R u+rwx "$testdir" 2>/dev/null
+ rm -rf "$testdir" || exit 2
+ fi
+ mkdir "$testdir" || exit 2
+ cd "$testdir"
+}
+
+require_runas() {
+ if ! $here/src/runas -u 99 -g 99 true ; then
+ echo "This test must be run as root" >&2
+ exit 77
+ fi
+}
+
+require_richacls() {
+ if [ -e $here/src/require-richacls ]; then
+ $here/src/require-richacls || exit $?
+ fi
+ if ! type -f getrichacl setrichacl > /dev/null; then
+ echo "This test requires the getrichacl and setrichacl utilities" >&2
+ exit 77
+ fi
+}
+
+require_getfattr() {
+ if ! type -f getfattr > /dev/null ; then
+ echo "This test requires the getfattr utility" >&2
+ exit 77
+ fi
+}
+
+_RUNAS=
+runas() {
+ _start_test -1 runas "$*"
+ if [ $# = 0 ]; then
+ _RUNAS=
+ else
+ _RUNAS="$here/src/runas $* --"
+ fi
+ echo "ok"
+}
+
+if diff -u -L expected -L got /dev/null /dev/null 2> /dev/null; then
+ eval '_compare() {
+ diff -u -L expected -L got "$1" "$2"
+ }'
+else
+ eval '_compare() {
+ echo "expected:"
+ cat "$1"
+ echo "got:"
+ cat "$2"
+ }'
+fi
+
+_check() {
+ local frame=$1
+ shift
+ _start_test "$frame" "$*"
+ expected=`cat`
+ if got=`set +x; eval "$_RUNAS $*" 3>&2 </dev/null 2>&1` && \
+ test "$expected" = "$got" ; then
+ echo "ok"
+ checks_succeeded="$checks_succeeded + 1"
+ else
+ echo "FAILED"
+ if test "$expected" != "$got" ; then
+ echo "$expected" > expected~
+ echo "$got" > got~
+ _compare expected~ got~
+ rm -f expected~ got~
+ fi
+ checks_failed="$checks_failed + 1"
+ fi
+}
+
+check() {
+ _check 0 "$@"
+}
+
+ncheck() {
+ _check 0 "$@" < /dev/null
+}
+
+parent_check() {
+ _check 1 "$@"
+}
+
+parent_ncheck() {
+ _check 1 "$@" < /dev/null
+}
+
+cleanup() {
+ status=$?
+ checks_succeeded=`expr $checks_succeeded`
+ checks_failed=`expr $checks_failed`
+ checks_total=`expr $checks_succeeded + $checks_failed`
+ if test $checks_total -gt 0 ; then
+ if test $checks_failed -gt 0 && test $status -eq 0 ; then
+ status=1
+ fi
+ echo "$checks_total tests ($checks_succeeded passed," \
+ "$checks_failed failed)"
+ fi
+ if test $status = 0 -a -n "$testdir"; then
+ chmod -R u+rwx "$testdir" 2>/dev/null
+ cd / && rm -rf "$testdir"
+ fi
+ exit $status
+}
+
+if test -z "`echo -n`"; then
+ if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then
+ eval '
+ _start_test() {
+ local frame=$1
+ shift
+ printf "[${BASH_LINENO[2+frame]}] $* -- "
+ }'
+ else
+ eval '
+ _start_test() {
+ shift
+ printf "* $* -- "
+ }'
+ fi
+else
+ eval '
+ _start_test() {
+ shift
+ printf "* $*\\n"
+ }'
+fi
+
+if ! type cat > /dev/null 2> /dev/null; then
+ echo "This test requires the cat utility" >&2
+ exit 77
+fi
+
+export PATH=$here/src:$PATH
+
+checks_succeeded=0
+checks_failed=0
+trap cleanup 0
diff --git a/richacl/write-vs-append b/richacl/write-vs-append
new file mode 100755
index 0000000..3e8c156
--- /dev/null
+++ b/richacl/write-vs-append
@@ -0,0 +1,54 @@
+#! /bin/bash
+
+. ${0%/*}/test-lib.sh
+
+require_runas
+require_richacls
+use_testdir
+
+export LC_ALL=C
+
+ncheck "touch a b c d e f"
+ncheck "setrichacl --set 'owner@:rwp::allow' a"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:w::allow' b"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:p::allow' c"
+ncheck "setrichacl --set 'owner@:rwp::allow u:99:wp::allow' d"
+ncheck "setrichacl --set 'u:99:a::deny owner@:rwp::allow u:99:w::allow' e"
+ncheck "setrichacl --set 'u:99:w::deny owner@:rwp::allow u:99:p::allow' f"
+
+runas -u 99 -g 99
+check "sh -c 'echo a > a' || :" <<EOF
+sh: a: Permission denied
+EOF
+ncheck "sh -c 'echo b > b' || :"
+check "sh -c 'echo c > c' || :" <<EOF
+sh: c: Permission denied
+EOF
+ncheck "sh -c 'echo d > d' || :"
+ncheck "sh -c 'echo e > e' || :"
+check "sh -c 'echo f > f' || :" <<EOF
+sh: f: Permission denied
+EOF
+
+check "sh -c 'echo A >> a' || :" <<EOF
+sh: a: Permission denied
+EOF
+check "sh -c 'echo B >> b' || :" <<EOF
+sh: b: Permission denied
+EOF
+ncheck "sh -c 'echo C >> c' || :"
+ncheck "sh -c 'echo D >> d' || :"
+check "sh -c 'echo E >> e' || :" <<EOF
+sh: e: Permission denied
+EOF
+ncheck "sh -c 'echo F >> f' || :"
+
+runas
+check "cat a b c d e f" <<EOF
+b
+C
+d
+D
+e
+F
+EOF
diff --git a/tests/generic/338 b/tests/generic/338
new file mode 100755
index 0000000..44bb102
--- /dev/null
+++ b/tests/generic/338
@@ -0,0 +1,78 @@
+#! /bin/bash
+# FS QA Test 338
+#
+# Richacl tests
+#
+#-----------------------------------------------------------------------
+# Copyright (c) 2016 Red Hat, Inc. All Rights Reserved.
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation.
+#
+# This program is distributed in the hope that it would be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write the Free Software Foundation,
+# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
+#-----------------------------------------------------------------------
+
+seq=`basename $0`
+seqres=$RESULT_DIR/$seq
+echo "QA output created by $seq"
+
+here=`pwd`
+tmp=/tmp/$$
+status=1 # failure is the default!
+trap "_cleanup; exit \$status" 0 1 2 3 15
+
+_cleanup()
+{
+ cd /
+ rm -f $tmp.*
+}
+
+# get standard environment, filters and checks
+. ./common/rc
+. ./common/filter
+
+# remove previous $seqres.full before test
+rm -f $seqres.full
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs generic
+_supported_os IRIX Linux
+_require_scratch
+
+# require getrichacl and setrichacl
+_require_scratch_richacl
+
+doit() {
+ local file=$1 status
+ echo "*** ${file##*/} ***"
+ "$@"
+ status=$?
+ echo
+ return $status
+}
+
+cd $SCRATCH_MNT
+
+failure=false
+for file in $here/richacl/*; do
+ [ -x "$file" ] || continue
+ _scratch_mount
+ doit "$file" | tee -a $seqres.full >$tmp.${file##*/}
+ if [ ${PIPESTATUS[0]} -ne 0 ]; then
+ cat $tmp.${file##*/}
+ failure=true
+ fi
+ _scratch_unmount
+done
+
+$failure || status=0
diff --git a/tests/generic/group b/tests/generic/group
index 727648c..0388b44 100644
--- a/tests/generic/group
+++ b/tests/generic/group
@@ -340,3 +340,4 @@
335 auto quick metadata
336 auto quick metadata
337 auto quick metadata
+338 richacl auto
--
2.5.0
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [XFSTESTS v4 0/4] Richacl tests
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
` (4 preceding siblings ...)
2016-03-09 12:06 ` [XFSTESTS v4 4/4] generic/338: " Andreas Gruenbacher
@ 2016-03-14 22:24 ` Dave Chinner
2016-03-14 23:23 ` Andreas Gruenbacher
5 siblings, 1 reply; 10+ messages in thread
From: Dave Chinner @ 2016-03-14 22:24 UTC (permalink / raw)
To: Andreas Gruenbacher; +Cc: fstests, xfs
On Wed, Mar 09, 2016 at 01:06:34PM +0100, Andreas Gruenbacher wrote:
> Hello,
>
> here is a new version of the richacl tests.
xfstests patches need to be sent to fstests@vger.kernel.org (added
to CC list), not xfs@oss.sgi.com.
> According to feedback from the
> previous posting (http://oss.sgi.com/archives/xfs/2015-12/msg00316.html), each
> of the richacl tests is not run separately, on a new scratch filesystem.
Oh, my. So, you've taken this one comment:
"The rule of thumb is that there should be one xfs test per
individual regression test. You've got at least 10 separate
regression tests there, so there should be at least 10
xfstests. They should not be aggregated into a single test
- if you need to run them all at once, then that is what the
richacl test group is for..."
And then *implemented your own execution infrastructure* so that the
tests are /listed/ as separate tests in a group file but you still
/run them/ as one test?
I'm almost lost for words.
It seems to me that you've ignored all the comments Eric and I have
made to you about properly integrating the tests into xfstests so
that they are able to be maintained by anyone who works with
xfstests. Instead, you've kept most of the wacky stuff and instead
made the richacl tests even more of a special snowflake than they
were before.
This is not rocket science, Andreas. Both Eric and I have spelt out
exactly how to convert the richacl test scripts to use xfstests
scripts and infrastructure (e.g.
http://oss.sgi.com/archives/xfs/2015-11/msg00506.html), but you seem
to be willfully ignoring the feedback you are being given. i.e.
- the separation of tests between richacl/<test> and
tests/<fs>/<test number> is wrong. Implement the
tests directly inside tests/<fs>/<test number>, using
xfstests infrastructure, please.
- still not using .out files and instead are using your own
internal frankenstein output matching to determine success
or failure. Use the xfstests infrastructure for golden
output matching, please.
- now has weird-ass richacl test execution from generic/338
and execute the tests correctly from the test harness
itself. Again, use the xfstests infrastructure correctly
rather than reinventing your own, please.
Most of this is as simple as copying the execution parts of your
scripts to the xfstests test scripts, and the output parts of the
test scripts into the test.out file. There's no new infrastructure
needed for running tests, no separate richacl/ script directory,
etc.
-Dave.
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [XFSTESTS v4 0/4] Richacl tests
2016-03-14 22:24 ` [XFSTESTS v4 0/4] Richacl tests Dave Chinner
@ 2016-03-14 23:23 ` Andreas Gruenbacher
2016-03-15 0:36 ` Eric Sandeen
2016-03-15 3:30 ` Dave Chinner
0 siblings, 2 replies; 10+ messages in thread
From: Andreas Gruenbacher @ 2016-03-14 23:23 UTC (permalink / raw)
To: Dave Chinner; +Cc: fstests, XFS Developers
On Mon, Mar 14, 2016 at 11:24 PM, Dave Chinner <david@fromorbit.com> wrote:
> On Wed, Mar 09, 2016 at 01:06:34PM +0100, Andreas Gruenbacher wrote:
>> Hello,
>>
>> here is a new version of the richacl tests.
>
> xfstests patches need to be sent to fstests@vger.kernel.org (added
> to CC list), not xfs@oss.sgi.com.
Sorry for that.
>> According to feedback from the
>> previous posting (http://oss.sgi.com/archives/xfs/2015-12/msg00316.html), each
>> of the richacl tests is not run separately, on a new scratch filesystem.
>
> Oh, my. So, you've taken this one comment:
>
> "The rule of thumb is that there should be one xfs test per
> individual regression test. You've got at least 10 separate
> regression tests there, so there should be at least 10
> xfstests. They should not be aggregated into a single test
> - if you need to run them all at once, then that is what the
> richacl test group is for..."
>
> And then *implemented your own execution infrastructure* so that the
> tests are /listed/ as separate tests in a group file but you still
> /run them/ as one test?
>
> I'm almost lost for words.
What? Each test runs separately; not sure what makes you think otherwise.
> It seems to me that you've ignored all the comments Eric and I have
> made to you about properly integrating the tests into xfstests so
> that they are able to be maintained by anyone who works with
> xfstests. Instead, you've kept most of the wacky stuff and instead
> made the richacl tests even more of a special snowflake than they
> were before.
>
> This is not rocket science, Andreas. Both Eric and I have spelt out
> exactly how to convert the richacl test scripts to use xfstests
> scripts and infrastructure (e.g.
> http://oss.sgi.com/archives/xfs/2015-11/msg00506.html), but you seem
> to be willfully ignoring the feedback you are being given. i.e.
>
> - the separation of tests between richacl/<test> and
> tests/<fs>/<test number> is wrong. Implement the
> tests directly inside tests/<fs>/<test number>, using
> xfstests infrastructure, please.
>
> - still not using .out files and instead are using your own
> internal frankenstein output matching to determine success
> or failure. Use the xfstests infrastructure for golden
> output matching, please.
>
> - now has weird-ass richacl test execution from generic/338
> and execute the tests correctly from the test harness
> itself. Again, use the xfstests infrastructure correctly
> rather than reinventing your own, please.
>
> Most of this is as simple as copying the execution parts of your
> scripts to the xfstests test scripts, and the output parts of the
> test scripts into the test.out file. There's no new infrastructure
> needed for running tests, no separate richacl/ script directory,
> etc.
I've said again and again that maintaining one set of richacl tests in
xfstests and another in the richacl package is going to really
painful, and that because of that, I'm trying to find a way of using
the same test scripts in both places. That message obviously didn't
get through at all though. That is just sad.
Andreas
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [XFSTESTS v4 0/4] Richacl tests
2016-03-14 23:23 ` Andreas Gruenbacher
@ 2016-03-15 0:36 ` Eric Sandeen
2016-03-15 3:30 ` Dave Chinner
1 sibling, 0 replies; 10+ messages in thread
From: Eric Sandeen @ 2016-03-15 0:36 UTC (permalink / raw)
To: xfs, fstests
On 3/14/16 6:23 PM, Andreas Gruenbacher wrote:
> On Mon, Mar 14, 2016 at 11:24 PM, Dave Chinner <david@fromorbit.com> wrote:
<snip>
>> Most of this is as simple as copying the execution parts of your
>> scripts to the xfstests test scripts, and the output parts of the
>> test scripts into the test.out file. There's no new infrastructure
>> needed for running tests, no separate richacl/ script directory,
>> etc.
>
> I've said again and again that maintaining one set of richacl tests in
> xfstests and another in the richacl package is going to really
> painful, and that because of that, I'm trying to find a way of using
> the same test scripts in both places. That message obviously didn't
> get through at all though. That is just sad.
Andreas, the issue as I see it is that xfstests is a large community
project, with many users who have come to understand its implementation
and its quirks^Wconventions. It is run and maintained by many people;
over 150 authors have committed patches to the codebase. They understand
how it all works together; it is a common language.
The way you are proposing your richacl tests integration is unlike any
other tests in the codebase; you have, to some degree, spliced your own
test harness into xfstests, rather than following the advice of
"When in Rome, do as the Romans do."
This might make your life a little easier if you plan to maintain
a separate repo of tests; in the meantime it makes life harder for the
150+ people who will be running and maintaining xfstests, not your
test repo.
The advantage of xfstests is that is is a common language, warts
and all. It is run by developers and qa groups all over the world.
There is a learning curve, but many people have learned it.
Implementing your tests in this way adds a new and unique learning
curve for all those people, and will make it less likely that others
will share in the maintenance burden for these new tests.
What I would suggest is that if you have tests which test only
richacl userspace functionality, then perhaps you should keep
them private to the richacl package. For tests which test kernel
functionality, make them native to xfstests. This way you will get
good coverage and maintenance help from all the people testing
kernelspace with xfstests, and those hacking on richacls can run the
tests local to it.
This is more or less what e2fsprogs has done, and it seems to work
out ok.
-Eric
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [XFSTESTS v4 0/4] Richacl tests
2016-03-14 23:23 ` Andreas Gruenbacher
2016-03-15 0:36 ` Eric Sandeen
@ 2016-03-15 3:30 ` Dave Chinner
1 sibling, 0 replies; 10+ messages in thread
From: Dave Chinner @ 2016-03-15 3:30 UTC (permalink / raw)
To: Andreas Gruenbacher; +Cc: fstests, XFS Developers
On Tue, Mar 15, 2016 at 12:23:57AM +0100, Andreas Gruenbacher wrote:
> On Mon, Mar 14, 2016 at 11:24 PM, Dave Chinner <david@fromorbit.com> wrote:
> > On Wed, Mar 09, 2016 at 01:06:34PM +0100, Andreas Gruenbacher wrote:
> >> Hello,
> >>
> >> here is a new version of the richacl tests.
> >
> > xfstests patches need to be sent to fstests@vger.kernel.org (added
> > to CC list), not xfs@oss.sgi.com.
>
> Sorry for that.
>
> >> According to feedback from the
> >> previous posting (http://oss.sgi.com/archives/xfs/2015-12/msg00316.html), each
> >> of the richacl tests is not run separately, on a new scratch filesystem.
> >
> > Oh, my. So, you've taken this one comment:
> >
> > "The rule of thumb is that there should be one xfs test per
> > individual regression test. You've got at least 10 separate
> > regression tests there, so there should be at least 10
> > xfstests. They should not be aggregated into a single test
> > - if you need to run them all at once, then that is what the
> > richacl test group is for..."
> >
> > And then *implemented your own execution infrastructure* so that the
> > tests are /listed/ as separate tests in a group file but you still
> > /run them/ as one test?
> >
> > I'm almost lost for words.
>
> What? Each test runs separately; not sure what makes you think otherwise.
You added test generic/338, which is *not included in the group
file* and so is not run by the test harness. then you added
tests generic/339-348, which have a name suffix that matches the
script they are supposed to run located in the richacl/ directory.
tests generic/339-348 do one thing: they execute generic/338,
which then looks at the calling program name (e.g. 339-apply-masks)
strips out the test number to get the script it's supposed to run.
then it runs $here/richacl/apply-masks, captures all the
output and only if the test fails (based on the return value of
the script being run) does it dump the output of the test.
If I renumber tests on commit (which I do regularly), this
magical "run test generic/338" mechanism breaks completely. It's
fragile, unmaintainable and *completely unnecessary*.
> I've said again and again that maintaining one set of richacl tests in
> xfstests and another in the richacl package is going to really
> painful, and that because of that, I'm trying to find a way of using
> the same test scripts in both places. That message obviously didn't
> get through at all though. That is just sad.
Yes, I fully understand that's what you are trying to do. I've
already explained to you why your approached doesn't work for
xfstests, which Eric has further explained in his response.
Once we add a test to xfstests, the author *loses control* of the
test. Nobody "owns" a set of tests - anyone can modify them and we
expect that *everyone* will modify them. e.g. if someone is changing
some generic infrastructure, we don't expect them to have to
understand that there are these magical richacl tests that you can't
move or filter or change in the same way all the other hundreds of
tests can be changed. All the tests need to look the same, run the
same way, and be structured in the same way. Otherwise we are simply
setting ourselve up with a long term maintenance nightmare.
If you really need to keep an identical copy of the tests somewhere
else, then make the xfstests versions the master copy and write your
own harness wrapper around the outside of those scripts. Keeping
tests in standard format in xfstests is far more important to me
than whether they get kept in sync with some other external
package...
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2016-03-15 3:31 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-03-09 12:06 [XFSTESTS v4 0/4] Richacl tests Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 1/4] Rename output file templates to match TEST.out* Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 2/4] check: Add support for tests without *.out files Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 3/4] xfs/191: Remove obsolete nfs4acl tests Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 4/4] Add richacl tests Andreas Gruenbacher
2016-03-09 12:06 ` [XFSTESTS v4 4/4] generic/338: " Andreas Gruenbacher
2016-03-14 22:24 ` [XFSTESTS v4 0/4] Richacl tests Dave Chinner
2016-03-14 23:23 ` Andreas Gruenbacher
2016-03-15 0:36 ` Eric Sandeen
2016-03-15 3:30 ` Dave Chinner
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox