1197436Strasz# Copyright (c) 2008, 2009 Edward Tomasz Napiera��a <trasz@FreeBSD.org> 2197436Strasz# All rights reserved. 3197436Strasz# 4197436Strasz# Redistribution and use in source and binary forms, with or without 5197436Strasz# modification, are permitted provided that the following conditions 6197436Strasz# are met: 7197436Strasz# 1. Redistributions of source code must retain the above copyright 8197436Strasz# notice, this list of conditions and the following disclaimer. 9197436Strasz# 2. Redistributions in binary form must reproduce the above copyright 10197436Strasz# notice, this list of conditions and the following disclaimer in the 11197436Strasz# documentation and/or other materials provided with the distribution. 12197436Strasz# 13197436Strasz# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 14197436Strasz# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 15197436Strasz# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 16197436Strasz# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 17197436Strasz# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 18197436Strasz# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 19197436Strasz# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 20197436Strasz# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 21197436Strasz# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 22197436Strasz# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 23197436Strasz# SUCH DAMAGE. 24197436Strasz# 25197436Strasz# $FreeBSD$ 26197436Strasz# 27197436Strasz 28197436Strasz# This is a tools-level test intended to verify that cp(1) and mv(1) 29197436Strasz# do the right thing with respect to ACLs. Run it as root using 30197436Strasz# ACL-enabled kernel: 31197436Strasz# 32197436Strasz# /usr/src/tools/regression/acltools/run /usr/src/tools/regression/acltools/tools-nfs4.test 33197436Strasz# 34197436Strasz# You need to have three subdirectories, named nfs4, posix and none, 35197436Strasz# with filesystems with NFSv4 ACLs, POSIX.1e ACLs and no ACLs enabled, 36197436Strasz# respectively, mounted on them, in your current directory. 37197436Strasz# 38197436Strasz# WARNING: Creates files in unsafe way. 39197436Strasz 40197436Strasz$ whoami 41197436Strasz> root 42197436Strasz$ umask 022 43197436Strasz 44197436Strasz$ touch nfs4/xxx 45197436Strasz$ getfacl -nq nfs4/xxx 46288314Sngie> owner@:rw-p--aARWcCos:-------:allow 47288314Sngie> group@:r-----a-R-c--s:-------:allow 48288314Sngie> everyone@:r-----a-R-c--s:-------:allow 49197436Strasz 50197436Strasz$ touch posix/xxx 51197436Strasz$ getfacl -nq posix/xxx 52197436Strasz> user::rw- 53197436Strasz> group::r-- 54197436Strasz> other::r-- 55197436Strasz 56201048Strasz# mv with POSIX.1e ACLs. 57201048Strasz$ rm -f posix/xxx 58201048Strasz$ rm -f posix/yyy 59201048Strasz$ touch posix/xxx 60201048Strasz$ chmod 456 posix/xxx 61197436Strasz$ ls -l posix/xxx | cut -d' ' -f1 62197436Strasz> -r--r-xrw- 63197436Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 64197436Strasz$ mv posix/xxx posix/yyy 65197436Strasz$ getfacl -nq posix/yyy 66197436Strasz> user::r-- 67197436Strasz> user:42:--x 68197436Strasz> group::r-x 69197436Strasz> group:43:-w- 70197436Strasz> mask::rwx 71197436Strasz> other::rw- 72201048Strasz$ ls -l posix/yyy | cut -d' ' -f1 73201048Strasz> -r--rwxrw-+ 74197436Strasz 75201048Strasz# mv from POSIX.1e to none. 76201048Strasz$ rm -f posix/xxx 77201048Strasz$ rm -f none/xxx 78201048Strasz$ touch posix/xxx 79201048Strasz$ chmod 345 posix/xxx 80201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 81201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 82201048Strasz> --wxrwxr-x+ 83201048Strasz$ mv posix/xxx none/xxx 84201048Strasz> mv: failed to set acl entries for none/xxx: Operation not supported 85201048Strasz$ ls -l none/xxx | cut -d' ' -f1 86201048Strasz> --wxrwxr-x 87201048Strasz 88197436Strasz# mv from POSIX.1e to NFSv4. 89201048Strasz$ rm -f posix/xxx 90197436Strasz$ rm -f nfs4/xxx 91201048Strasz$ touch posix/xxx 92201048Strasz$ chmod 456 posix/xxx 93201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 94201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 95201048Strasz> -r--rwxrw-+ 96197436Strasz$ mv posix/yyy nfs4/xxx 97197436Strasz> mv: failed to set acl entries for nfs4/xxx: Invalid argument 98197436Strasz$ getfacl -nq nfs4/xxx 99288314Sngie> owner@:-wxp----------:-------:deny 100288314Sngie> owner@:r-----aARWcCos:-------:allow 101288314Sngie> group@:rwxp--a-R-c--s:-------:allow 102288314Sngie> everyone@:rw-p--a-R-c--s:-------:allow 103201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 104201048Strasz> -r--rwxrw- 105197436Strasz 106197436Strasz# mv with NFSv4 ACLs. 107201048Strasz$ rm -f nfs4/xxx 108201048Strasz$ rm -f nfs4/yyy 109201048Strasz$ touch nfs4/xxx 110197436Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 111197436Strasz$ mv nfs4/xxx nfs4/yyy 112197436Strasz$ getfacl -nq nfs4/yyy 113288314Sngie> user:42:--x-----------:-------:allow 114288314Sngie> group:43:-w------------:-------:allow 115288314Sngie> owner@:rw-p--aARWcCos:-------:allow 116288314Sngie> group@:r-----a-R-c--s:-------:allow 117288314Sngie> everyone@:r-----a-R-c--s:-------:allow 118201048Strasz$ ls -l nfs4/yyy | cut -d' ' -f1 119201048Strasz> -rw-r--r--+ 120197436Strasz 121201048Strasz# mv from NFSv4 to POSIX.1e without any ACLs. 122201048Strasz$ rm -f nfs4/xxx 123197436Strasz$ rm -f posix/xxx 124201048Strasz$ touch nfs4/xxx 125201048Strasz$ chmod 456 nfs4/xxx 126201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 127201048Strasz> -r--r-xrw- 128201048Strasz$ mv nfs4/xxx posix/xxx 129197436Strasz$ ls -l posix/xxx | cut -d' ' -f1 130201048Strasz> -r--r-xrw- 131197436Strasz 132201048Strasz# mv from NFSv4 to none. 133201048Strasz$ rm -f nfs4/xxx 134201048Strasz$ rm -f none/xxx 135201048Strasz$ touch nfs4/xxx 136201048Strasz$ chmod 345 nfs4/xxx 137201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 138201048Strasz> --wxr--r-x 139201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 140201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 141201048Strasz> --wxr--r-x+ 142201048Strasz$ mv nfs4/xxx none/xxx 143197436Strasz> mv: failed to set acl entries for none/xxx: Operation not supported 144197436Strasz$ ls -l none/xxx | cut -d' ' -f1 145201048Strasz> --wxr--r-x 146197436Strasz 147201048Strasz# mv from NFSv4 to POSIX.1e. 148201048Strasz$ rm -f nfs4/xxx 149201048Strasz$ rm -f posix/xxx 150201048Strasz$ touch nfs4/xxx 151201048Strasz$ chmod 345 nfs4/xxx 152201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 153201048Strasz> --wxr--r-x 154201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 155201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 156201048Strasz> --wxr--r-x+ 157201048Strasz$ mv nfs4/xxx posix/xxx 158201048Strasz> mv: failed to set acl entries for posix/xxx: Invalid argument 159201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 160201048Strasz> --wxr--r-x 161201048Strasz 162197436Strasz# cp with POSIX.1e ACLs. 163197436Strasz$ rm -f posix/xxx 164201048Strasz$ rm -f posix/yyy 165197436Strasz$ touch posix/xxx 166197436Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 167201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 168201048Strasz> -rw-rwxr--+ 169201048Strasz$ cp posix/xxx posix/yyy 170201048Strasz$ ls -l posix/yyy | cut -d' ' -f1 171201048Strasz> -rw-r-xr-- 172201048Strasz 173201048Strasz# cp -p with POSIX.1e ACLs. 174201048Strasz$ rm -f posix/xxx 175201048Strasz$ rm -f posix/yyy 176201048Strasz$ touch posix/xxx 177201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 178197436Strasz$ getfacl -nq posix/xxx 179197436Strasz> user::rw- 180197436Strasz> user:42:--x 181197436Strasz> group::r-- 182197436Strasz> group:43:-w- 183197436Strasz> mask::rwx 184197436Strasz> other::r-- 185201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 186201048Strasz> -rw-rwxr--+ 187197436Strasz$ cp -p posix/xxx posix/yyy 188197436Strasz$ getfacl -nq posix/yyy 189197436Strasz> user::rw- 190197436Strasz> user:42:--x 191197436Strasz> group::r-- 192197436Strasz> group:43:-w- 193197436Strasz> mask::rwx 194197436Strasz> other::r-- 195201048Strasz$ ls -l posix/yyy | cut -d' ' -f1 196201048Strasz> -rw-rwxr--+ 197197436Strasz 198201048Strasz# cp from POSIX.1e to none. 199201048Strasz$ rm -f posix/xxx 200201048Strasz$ rm -f none/xxx 201201048Strasz$ touch posix/xxx 202201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 203201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 204201048Strasz> -rw-rwxr--+ 205201048Strasz$ cp posix/xxx none/xxx 206201048Strasz$ ls -l none/xxx | cut -d' ' -f1 207201048Strasz> -rw-r-xr-- 208201048Strasz 209201048Strasz# cp -p from POSIX.1e to none. 210201048Strasz$ rm -f posix/xxx 211201048Strasz$ rm -f none/xxx 212201048Strasz$ touch posix/xxx 213201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 214201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 215201048Strasz> -rw-rwxr--+ 216201048Strasz$ cp -p posix/xxx none/xxx 217201048Strasz> cp: failed to set acl entries for none/xxx: Operation not supported 218201048Strasz$ ls -l none/xxx | cut -d' ' -f1 219201048Strasz> -rw-rwxr-- 220201048Strasz 221201048Strasz# cp from POSIX.1e to NFSv4. 222201048Strasz$ rm -f posix/xxx 223197436Strasz$ rm -f nfs4/xxx 224201048Strasz$ touch posix/xxx 225201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 226201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 227201048Strasz> -rw-rwxr--+ 228201048Strasz$ cp posix/xxx nfs4/xxx 229201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 230201048Strasz> -rw-r-xr-- 231201048Strasz 232201048Strasz# cp -p from POSIX.1e to NFSv4. 233201048Strasz$ rm -f posix/xxx 234201048Strasz$ rm -f nfs4/xxx 235201048Strasz$ touch posix/xxx 236201048Strasz$ setfacl -m u:42:x,g:43:w posix/xxx 237201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 238201048Strasz> -rw-rwxr--+ 239197436Strasz$ cp -p posix/xxx nfs4/xxx 240197436Strasz> cp: failed to set acl entries for nfs4/xxx: Invalid argument 241197436Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 242197436Strasz> -rw-rwxr-- 243197436Strasz 244197436Strasz# cp with NFSv4 ACLs. 245201048Strasz$ rm -f nfs4/xxx 246201048Strasz$ rm -f nfs4/yyy 247201048Strasz$ touch nfs4/xxx 248201048Strasz$ chmod 543 nfs4/xxx 249197436Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 250201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 251201048Strasz> -r-xr---wx+ 252201048Strasz$ cp nfs4/xxx nfs4/yyy 253201048Strasz$ ls -l nfs4/yyy | cut -d' ' -f1 254201048Strasz> -r-xr----x 255201048Strasz 256201048Strasz# cp -p with NFSv4 ACLs. 257201048Strasz$ rm -f nfs4/xxx 258197436Strasz$ rm -f nfs4/yyy 259201048Strasz$ touch nfs4/xxx 260201048Strasz$ chmod 543 nfs4/xxx 261201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 262197436Strasz$ cp -p nfs4/xxx nfs4/yyy 263197436Strasz$ getfacl -nq nfs4/yyy 264288314Sngie> user:42:--x-----------:-------:allow 265288314Sngie> group:43:-w------------:-------:allow 266288314Sngie> owner@:--x-----------:-------:allow 267288314Sngie> owner@:-w-p----------:-------:deny 268288314Sngie> group@:-wxp----------:-------:deny 269288314Sngie> owner@:r-x---aARWcCos:-------:allow 270288314Sngie> group@:r-----a-R-c--s:-------:allow 271288314Sngie> everyone@:-wxp--a-R-c--s:-------:allow 272201048Strasz$ ls -l nfs4/yyy | cut -d' ' -f1 273201048Strasz> -r-xr---wx+ 274197436Strasz 275201048Strasz# cp from NFSv4 to none. 276201048Strasz$ rm -f nfs4/xxx 277201048Strasz$ rm -f none/xxx 278201048Strasz$ touch nfs4/xxx 279201048Strasz$ chmod 543 nfs4/xxx 280201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 281201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 282201048Strasz> -r-xr---wx+ 283201048Strasz$ cp nfs4/xxx none/xxx 284201048Strasz$ ls -l none/xxx | cut -d' ' -f1 285201048Strasz> -r-xr----x 286201048Strasz 287201048Strasz# cp -p from NFSv4 to none. 288201048Strasz$ rm -f nfs4/xxx 289201048Strasz$ rm -f none/xxx 290201048Strasz$ touch nfs4/xxx 291201048Strasz$ chmod 543 nfs4/xxx 292201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 293201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 294201048Strasz> -r-xr---wx+ 295201048Strasz$ cp -p nfs4/xxx none/xxx 296201048Strasz> cp: failed to set acl entries for none/xxx: Operation not supported 297201048Strasz$ ls -l none/xxx | cut -d' ' -f1 298201048Strasz> -r-xr---wx 299201048Strasz 300197436Strasz# cp from NFSv4 to POSIX.1e. 301201048Strasz$ rm -f nfs4/xxx 302197436Strasz$ rm -f posix/xxx 303201048Strasz$ touch nfs4/xxx 304201048Strasz$ chmod 543 nfs4/xxx 305201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 306201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 307201048Strasz> -r-xr---wx+ 308201048Strasz$ cp nfs4/xxx posix/xxx 309201048Strasz$ ls -l posix/xxx | cut -d' ' -f1 310201048Strasz> -r-xr----x 311201048Strasz 312201048Strasz# cp -p from NFSv4 to POSIX.1e. 313201048Strasz$ rm -f nfs4/xxx 314201048Strasz$ rm -f posix/xxx 315201048Strasz$ touch nfs4/xxx 316201048Strasz$ chmod 543 nfs4/xxx 317201048Strasz$ setfacl -a0 u:42:x:allow,g:43:w:allow nfs4/xxx 318201048Strasz$ ls -l nfs4/xxx | cut -d' ' -f1 319201048Strasz> -r-xr---wx+ 320197436Strasz$ cp -p nfs4/xxx posix/xxx 321197436Strasz> cp: failed to set acl entries for posix/xxx: Invalid argument 322197436Strasz$ ls -l posix/xxx | cut -d' ' -f1 323201048Strasz> -r-xr---wx 324