1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00
samba-mirror/source3/script/tests/test_acl_xattr.sh
Andreas Schneider facc2c002c s3:tests: Reformat test_acl_xattr.sh
shfmt -f source3/script/| xargs shfmt -w -p -i 0 -fn

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
2022-05-02 23:15:37 +00:00

157 lines
5.1 KiB
Bash
Executable File

#!/bin/sh
# this tests acl_xattr config parameter "ignore system acl"
if [ $# -lt 6 ]; then
cat <<EOF
Usage: $0 SERVER USERNAME PASSWORD PREFIX SMBCLIENT SMBCACLS
EOF
exit 1
fi
SERVER="$1"
USERNAME="$2"
PASSWORD="$3"
PREFIX="$4"
SMBCLIENT="$5"
SMBCACLS="$6"
shift 6
ADDARGS="$*"
SMBCLIENT="$VALGRIND ${SMBCLIENT} ${ADDARGS}"
SMBCACLS="$VALGRIND ${SMBCACLS} ${ADDARGS}"
incdir=$(dirname $0)/../../../testprogs/blackbox
. $incdir/subunit.sh
setup_remote_file()
{
local share=$1
local fname="$share.$$"
local local_fname=$PREFIX/$fname
touch $local_fname
$SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "rm $fname"
$SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "ls" | grep "$fname" && exit 1
$SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "lcd $PREFIX; put $fname" || exit 1
}
smbcacls_x()
{
local share=$1
local fname="$share.$$"
# skip with SMB1
echo "$ADDARGS" | grep mNT1 && exit 0
$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD "$fname" -x || exit 1
mxac=$($SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD "$fname" -x | awk '/Maximum access/ {print $3}')
echo "mxac: $mxac"
if test "$mxac" != "0x1f01ff"; then
exit 1
fi
}
nt_affects_posix()
{
local share=$1
local expected=$2
local b4
local af
local fname="$share.$$"
b4=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "ACL:$SERVER\force_user:ALLOWED/0x0/READ" 2>/dev/null || exit 1
af=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
echo "before: $b4"
echo "after: $af"
echo "${b4}" | grep -q "^# owner:" || exit 1
echo "${af}" | grep -q "^# owner:" || exit 1
if test "$expected" = "true"; then
test "$b4" != "$af"
else
test "$b4" = "$af"
fi
}
nt_affects_chown()
{
local share=$1
local b4_expected
local af_expected
local b4_actual
local af_actual
local fname="$share.$$"
echo -n "determining uid of $USERNAME..."
b4_expected=$(getent passwd $USERNAME) || exit 1
b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}')
echo "$b4_expected"
echo -n "determining uid of force_user..."
af_expected=$(getent passwd force_user) || exit 1
af_expected=$(echo "$af_expected" | awk -F: '{print $3}')
echo "$af_expected"
#basic sanity...
test "$b4_expected != $af_expected" || exit 1
b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
echo "${b4_actual}" | grep -q "^# owner:" || exit 1
b4_actual=$(echo "$b4_actual" | sed -rn 's/^# owner: (.*)/\1/p')
$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -a "ACL:$SERVER\force_user:ALLOWED/0x0/FULL" || exit 1
$SMBCACLS //$SERVER/$share $fname -U force_user%$PASSWORD -C force_user 2>/dev/null || exit 1
af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
echo "${af_actual}" | grep -q "^# owner:" || exit 1
af_actual=$(echo "$af_actual" | sed -rn 's/^# owner: (.*)/\1/p')
echo "before: $b4_actual"
echo "after: $af_actual"
test "$b4_expected" = "$b4_actual" && test "$af_expected" = "$af_actual"
}
nt_affects_chgrp()
{
local share=$1
local b4_expected
local af_expected
local b4_actual
local af_actual
local fname="$share.$$"
echo -n "determining gid of domusers..."
b4_expected=$(getent group domusers) || exit 1
b4_expected=$(echo "$b4_expected" | awk -F: '{print $3}')
echo "$b4_expected"
echo -n "determining gid of domadmins..."
af_expected=$(getent group domadmins) || exit 1
af_expected=$(echo "$af_expected" | awk -F: '{print $3}')
echo "$af_expected"
#basic sanity...
test "$b4_expected" != "$af_expected" || exit 1
b4_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
echo "${b4_actual}" | grep -q "^# group:" || exit 1
b4_actual=$(echo "$b4_actual" | sed -rn 's/^# group: (.*)/\1/p')
$SMBCACLS //$SERVER/$share $fname -U $USERNAME%$PASSWORD -G domadmins 2>/dev/null || exit 1
af_actual=$($SMBCLIENT //$SERVER/$share -U $USERNAME%$PASSWORD -c "posix; getfacl $fname" 2>/dev/null) || exit 1
echo "${af_actual}" | grep -q "^# group:" || exit 1
af_actual=$(echo "$af_actual" | sed -rn 's/^# group: (.*)/\1/p')
echo "before: $b4_actual"
echo "after: $af_actual"
test "$af_expected" != "$b4_actual" && test "$af_expected" = "$af_actual"
}
testit "setup remote file tmp" setup_remote_file tmp
testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
testit "smbcacls -x" smbcacls_x tmp
testit "nt_affects_posix tmp" nt_affects_posix tmp "true"
testit "nt_affects_posix ign_sysacls" nt_affects_posix ign_sysacls "false"
testit "setup remote file tmp" setup_remote_file tmp
testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
testit "nt_affects_chown tmp" nt_affects_chown tmp
testit "nt_affects_chown ign_sysacls" nt_affects_chown ign_sysacls
testit "setup remote file tmp" setup_remote_file tmp
testit "setup remote file ign_sysacls" setup_remote_file ign_sysacls
testit "nt_affects_chgrp tmp" nt_affects_chgrp tmp
testit "nt_affects_chgrp ign_sysacls" nt_affects_chgrp ign_sysacls