Permalink
Browse files

Add tests numeric userids and some user namespace preparation

In the future this can also test `zfs mount` and
`zfs create` without mountpoint=legacy

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
  • Loading branch information...
Blub committed Nov 14, 2017
1 parent 49b2ba2 commit cdaf74b90a873c74d81a523e372f9d063e3e2146
@@ -825,7 +825,7 @@ tests = ['upgrade_userobj_001_pos', 'upgrade_projectquota_001_pos']
tags = ['functional', 'upgrade']
[tests/functional/user_namespace]
tests = ['user_namespace_001']
tests = ['user_namespace_001', 'user_namespace_002']
tags = ['functional', 'user_namespace']
[tests/functional/userquota]
@@ -2,7 +2,8 @@ pkgdatadir = $(datadir)/@PACKAGE@/zfs-tests/tests/functional/user_namespace
dist_pkgdata_SCRIPTS = \
setup.ksh \
cleanup.ksh \
user_namespace_001.ksh
user_namespace_001.ksh \
user_namespace_002.ksh
dist_pkgdata_DATA = \
user_namespace_common.kshlib \
@@ -21,3 +21,5 @@
export ROOT_UID=100000
export OTHER_UID=101000
export USER_TESTFS=$TESTPOOL/$TESTFS/user
export USER_TESTDIR=$TESTDIR/user
@@ -0,0 +1,54 @@
#!/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
. $STF_SUITE/tests/functional/user_namespace/user_namespace_common.kshlib
#
#
# DESCRIPTION:
# Test delegated permissions with user namespaces.
#
#
# STRATEGY:
# 1. Create datasets for users.
# 2. Delegate permissions to the unprivileged root user using numeric ids.
# 3. Try to create, mount and destroy datasets
#
verify_runnable "both"
log_assert "Check delegated permissions in user namespaces"
log_must zfs create $USER_TESTFS
log_must chown $ROOT_UID:$ROOT_UID $USER_TESTDIR
log_mustnot user_ns_exec zfs create $USER_TESTFS/subset
typeset perms="create,destroy,mount,mountpoint"
log_must zfs allow -u $ROOT_UID $perms $USER_TESTFS
log_must user_ns_exec zfs create -o mountpoint=legacy $USER_TESTFS/subset
log_must user_ns_exec zfs destroy $USER_TESTFS/subset
log_must zfs unallow -u $ROOT_UID $perms $USER_TESTFS
log_must zfs destroy $USER_TESTFS
log_pass "Check delegated permissions in user namespaces"

0 comments on commit cdaf74b

Please sign in to comment.