diff --git a/tests/sys/cddl/zfs/tests/delegate/delegate_common.kshlib b/tests/sys/cddl/zfs/tests/delegate/delegate_common.kshlib index 5b7a19e84c5b..58179d6366c1 100644 --- a/tests/sys/cddl/zfs/tests/delegate/delegate_common.kshlib +++ b/tests/sys/cddl/zfs/tests/delegate/delegate_common.kshlib @@ -159,11 +159,9 @@ function user_run { typeset user=$1 typeset group=$($GROUPS $user) - shift - eval \$RUNWATTR -u \$user -g \$group \"$@\" > /dev/null 2>&1 - return $? + sudo -u $user -g $group $@ } function common_perm @@ -251,7 +249,7 @@ function check_fs_perm ret=$? ;; promote) - verify_fs_promote $user $perm $fs + verify_promote $user $perm $fs ret=$? ;; canmount) @@ -336,7 +334,7 @@ function check_vol_perm ret=$? ;; promote) - verify_vol_promote $user $perm $vol + verify_promote $user $perm $vol ret=$? ;; volsize) @@ -358,6 +356,8 @@ function check_vol_perm function setup_unallow_testenv { + typeset dtst + log_must restore_root_datasets log_must $ZFS create $SUBFS @@ -403,8 +403,9 @@ function verify_send typeset bak_user=$TMPDIR/bak.$user.$stamp typeset bak_root=$TMPDIR/bak.root.$stamp - user_run $user eval "$ZFS send $snap > $bak_user" + user_run $user $ZFS send $snap > $bak_user log_must eval "$ZFS send $snap > $bak_root" + log_must $ZFS destroy $snap if [[ $(checksum $bak_user) == $(checksum $bak_root) ]]; then ret=0 @@ -422,6 +423,7 @@ function verify_fs_receive typeset perm=$2 typeset fs=$3 + typeset dtst typeset oldval typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') typeset newfs=$fs/newfs.$stamp @@ -444,27 +446,27 @@ function verify_fs_receive log_must eval "$ZFS send $dtstsnap > $bak_root" log_must $ZFS destroy -rf $dtst - user_run $user eval "$ZFS receive $dtst < $bak_root" + user_run $user $ZFS receive $dtst < $bak_root if datasetexists $dtstsnap ; then return 1 fi log_must $ZFS allow $user create $fs - user_run $user eval "$ZFS receive $dtst < $bak_root" + user_run $user $ZFS receive $dtst < $bak_root log_must $ZFS unallow $user create $fs if datasetexists $dtstsnap ; then return 1 fi log_must $ZFS allow $user mount $fs - user_run $user eval "$ZFS receive $dtst < $bak_root" + user_run $user $ZFS receive $dtst < $bak_root log_must $ZFS unallow $user mount $fs if datasetexists $dtstsnap ; then return 1 fi log_must $ZFS allow $user mount,create $fs - user_run $user eval "$ZFS receive $dtst < $bak_root" + user_run $user $ZFS receive $dtst < $bak_root log_must $ZFS unallow $user mount,create $fs if ! datasetexists $dtstsnap ; then return 1 @@ -500,6 +502,7 @@ function verify_userprop if [[ $stamp != $(get_prop "$user:ts" $dtst) ]]; then return 1 fi + log_must $ZFS inherit "$user:ts" $dtst return 0 } @@ -581,7 +584,6 @@ function verify_fs_create typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') typeset newfs=$fs/nfs.$stamp typeset newvol=$fs/nvol.$stamp - typeset check_refrev=false user_run $user $ZFS create $newfs if datasetexists $newfs ; then @@ -594,9 +596,6 @@ function verify_fs_create if ! datasetexists $newfs ; then return 1 fi - if support_refrev $newfs; then - check_refrev=true - fi log_must $ZFS destroy $newfs if is_global_zone ; then @@ -635,26 +634,20 @@ function verify_fs_create return 1 fi - if [[ $check_refrev == true ]]; then - log_must $ZFS allow $user refreservation $fs - user_run $user $ZFS create -V 150m $newvol - log_must $ZFS unallow $user refreservation $fs - if datasetexists $newvol ; then - return 1 - fi + log_must $ZFS allow $user refreservation $fs + user_run $user $ZFS create -V 150m $newvol + log_must $ZFS unallow $user refreservation $fs + if datasetexists $newvol ; then + return 1 fi log_must $ZFS allow $user mount $fs log_must $ZFS allow $user reservation $fs - if [[ $check_refrev == true ]]; then - log_must $ZFS allow $user refreservation $fs - fi + log_must $ZFS allow $user refreservation $fs user_run $user $ZFS create -V 150m $newvol log_must $ZFS unallow $user mount $fs log_must $ZFS unallow $user reservation $fs - if [[ $check_refrev == true ]]; then - log_must $ZFS unallow $user refreservation $fs - fi + log_must $ZFS unallow $user refreservation $fs if ! datasetexists $newvol ; then return 1 fi @@ -708,13 +701,6 @@ function verify_fs_snapshot log_must $ZFS umount $fs fi user_run $user $ZFS snapshot $snap - if datasetexists $snap ; then - return 1 - fi - - log_must $ZFS allow $user mount $fs - user_run $user $ZFS snapshot $snap - log_must $ZFS unallow $user mount $fs if ! datasetexists $snap ; then return 1 fi @@ -724,31 +710,20 @@ function verify_fs_snapshot log_must $ZFS mount $fs fi user_run $user $ZFS snapshot $snap - if datasetexists $snap ; then - return 1 - fi - - log_must $ZFS allow $user mount $fs - user_run $user $ZFS snapshot $snap - log_must $ZFS unallow $user mount $fs if ! datasetexists $snap ; then return 1 fi log_must $ZFS destroy $snap - typeset snapdir=${mntpt}/$(get_snapdir_name)/snap.$stamp - user_run $user $MKDIR $snapdir - if datasetexists $snap ; then - return 1 - fi - - log_must $ZFS allow $user mount $fs - user_run $user $MKDIR $snapdir - log_must $ZFS unallow $user mount $fs - if ! datasetexists $snap ; then - return 1 - fi - log_must $ZFS destroy $snap + # TODO + # FreeBSD does not yet support creating snapshots with mkdir. + # See tests/sys/cddl/zfs/tests/snapshot/snapshot_015_pos.ksh + # typeset snapdir=${mntpt}/$(get_snapdir_name)/snap.$stamp + # user_run $user $MKDIR $snapdir + # if ! datasetexists $snap ; then + # return 1 + # fi + # log_must $ZFS destroy $snap return 0 } @@ -773,23 +748,14 @@ function verify_fs_rollback log_must $TOUCH $mntpt/testfile.$stamp user_run $user $ZFS rollback -R $snap - $SLEEP 10 - if is_global_zone ; then - if [[ $oldval == $(datasetcksum $fs) ]]; then - return 1 - fi - else - # datasetcksum can not be used in local zone - if [[ ! -e $mntpt/testfile.$stamp ]]; then - return 1 - fi + if [[ -e $mntpt/testfile.$stamp ]]; then + return 1 fi # rollback on mounted fs has to be with mount permission log_must $ZFS allow $user mount $fs user_run $user $ZFS rollback -R $snap log_must $ZFS unallow $user mount $fs - $SLEEP 10 if is_global_zone ; then if [[ $oldval != $(datasetcksum $fs) ]]; then return 1 @@ -1083,7 +1049,7 @@ function verify_fs_mountpoint return 0 } -function verify_fs_promote +function verify_promote { typeset user=$1 typeset perm=$2 @@ -1102,13 +1068,14 @@ function verify_fs_promote typeset clone_orig=$(get_prop origin $clone) user_run $user $ZFS promote $fs - # promote should fail if original fs does not have - # promote permission + # promote should fail if original fs does not have mount and promote + # permissions if [[ $fs_orig != $(get_prop origin $fs) || \ $clone_orig != $(get_prop origin $clone) ]]; then return 1 fi + # promote should fail if original fs does not have mount permission log_must $ZFS allow $user promote $clone user_run $user $ZFS promote $fs log_must $ZFS unallow $user promote $clone @@ -1117,6 +1084,7 @@ function verify_fs_promote return 1 fi + # promote should fail if original fs does not have promote permission log_must $ZFS allow $user mount $fs user_run $user $ZFS promote $fs log_must $ZFS unallow $user mount $fs @@ -1503,16 +1471,10 @@ function verify_vol_snapshot typeset snap=$vol@snap.$stamp user_run $user $ZFS snapshot $snap - if datasetexists $snap ; then - return 1 - fi - - log_must $ZFS allow $user mount $vol - user_run $user $ZFS snapshot $snap - log_must $ZFS unallow $user mount $vol if ! datasetexists $snap ; then return 1 fi + log_must $ZFS destroy $snap return 0 } @@ -1535,16 +1497,6 @@ function verify_vol_rollback bs=512 count=1 user_run $user $ZFS rollback -R $snap - $SLEEP 10 - if [[ $oldval == $(datasetcksum $vol) ]]; then - return 1 - fi - - # rollback on volume has to be with mount permission - log_must $ZFS allow $user mount $vol - user_run $user $ZFS rollback -R $snap - $SLEEP 10 - log_must $ZFS unallow $user mount $vol if [[ $oldval != $(datasetcksum $vol) ]]; then return 1 fi @@ -1645,130 +1597,6 @@ function verify_vol_rename return 0 } -function verify_vol_promote -{ - typeset user=$1 - typeset perm=$2 - typeset vol=$3 - - typeset stamp=${perm}.${user}.$($DATE +'%F-%R:%S') - typeset basevol=${vol%/*} - typeset snap=$vol@snap.$stamp - typeset clone=$basevol/cvol.$stamp - - log_must $ZFS snapshot $snap - log_must $ZFS clone $snap $clone - log_must $ZFS promote $clone - - typeset vol_orig=$(get_prop origin $vol) - typeset clone_orig=$(get_prop origin $clone) - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 1 - user_run $user $ZFS promote $vol - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 2 - log_must $ZFS allow $user promote $clone - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user promote $clone - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 3 - log_must $ZFS allow $user mount $vol - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user mount $vol - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 4 - log_must $ZFS allow $user mount $clone - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user mount $clone - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 5 - log_must $ZFS allow $user promote $clone - log_must $ZFS allow $user mount $vol - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user promote $clone - log_must $ZFS unallow $user mount $vol - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 6 - log_must $ZFS allow $user promote $clone - log_must $ZFS allow $user mount $clone - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user promote $clone - log_must $ZFS unallow $user mount $vol - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote should fail if $vol and $clone - # miss either mount or promote permission - # case 7 - log_must $ZFS allow $user mount $vol - log_must $ZFS allow $user mount $clone - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user mount $vol - log_must $ZFS unallow $user mount $clone - if [[ $vol_orig != $(get_prop origin $vol) || \ - $clone_orig != $(get_prop origin $clone) ]]; - then - return 1 - fi - - # promote only succeeds when $vol and $clone - # have both mount and promote permission - # case 8 - log_must $ZFS allow $user promote $clone - log_must $ZFS allow $user mount $vol - log_must $ZFS allow $user mount $clone - user_run $user $ZFS promote $vol - log_must $ZFS unallow $user promote $clone - log_must $ZFS unallow $user mount $vol - log_must $ZFS unallow $user mount $clone - if [[ $snap != $(get_prop origin $clone) || \ - $clone_orig != $(get_prop origin $vol) ]]; then - return 1 - fi - - return 0 -} - function verify_vol_volsize { typeset user=$1 @@ -1779,17 +1607,9 @@ function verify_vol_volsize oldval=$(get_prop volsize $vol) (( newval = oldval * 2 )) - typeset check_refrev=false - if support_refrev $vol; then - check_refrev=true - fi typeset reserv_size - if [[ $check_refrev == true ]]; then - reserv_size=$(get_prop refreservation $vol) - else - reserv_size=$(get_prop reservation $vol) - fi + reserv_size=$(get_prop refreservation $vol) if [[ "0" == $reserv_size ]]; then # sparse volume @@ -1803,20 +1623,16 @@ function verify_vol_volsize # normal volume, reservation permission # is required user_run $user $ZFS set volsize=$newval $vol - if [[ $newval == $(get_prop volsize $vol) ]]; + zfs get -p volsize $vol + if [[ $newval != $(get_prop volsize $vol) ]]; then return 1 fi - log_must $ZFS allow $user reservation $vol - if [[ $check_refrev == true ]]; then - log_must $ZFS allow $user refreservation $vol - fi + log_must $ZFS allow $user refreservation $vol user_run $user $ZFS set volsize=$newval $vol log_must $ZFS unallow $user reservation $vol - if [[ $check_refrev == true ]]; then - log_must $ZFS unallow $user refreservation $vol - fi + log_must $ZFS unallow $user refreservation $vol if [[ $oldval == $(get_prop volsize $vol) ]]; then return 1 @@ -1888,15 +1704,3 @@ function verify_allow return 0 } - -function support_refrev -{ - typeset dataset=$1 - - $ZFS get refreservation $dataset > /dev/null 2>&1 - if (( $? != 0 )); then - return 1 - fi - - return 0 -} diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh index fdc9b7f00119..f572d037fee2 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_001_pos.ksh @@ -67,8 +67,6 @@ function cleanup if [[ $group_added == "TRUE" ]] ; then del_group everyone fi - - restore_root_datasets } log_assert "everyone' is interpreted as a keyword even if a user " \ @@ -111,7 +109,6 @@ for dtst in $DATASETS ; do log_must $ZFS allow everyone $perms $dtst log_must verify_perm $dtst $perms $EVERYONE done -log_must restore_root_datasets if [[ $group_added == "TRUE" ]]; then log_must $GROUPDEL everyone fi diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh index ed1648c447a8..da769473dee2 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_002_pos.ksh @@ -65,8 +65,6 @@ function cleanup if $ID $STAFF_GROUP > /dev/null 2>&1; then log_must del_user $STAFF_GROUP fi - - restore_root_datasets } log_assert " is interpreted as user if possible, then as group." diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh index 6bc558ae9d59..efd31c3857b9 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_003_pos.ksh @@ -60,7 +60,6 @@ verify_runnable "both" log_assert "Verify option '-l' only allow permission to the dataset itself." -log_onexit restore_root_datasets childfs=$ROOT_TESTFS/childfs @@ -74,10 +73,6 @@ else allow,userprop" fi -if check_version "5.10" ; then - perms="${perms},send" -fi - log_must $ZFS create $childfs for dtst in $DATASETS ; do @@ -113,6 +108,4 @@ for dtst in $DATASETS ; do fi done -log_must restore_root_datasets - log_pass "Verify option '-l' only allow permission to the dataset itself pass." diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh index 00d6d8b0210a..7f4d70e02a01 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_007_pos.ksh @@ -65,7 +65,6 @@ verify_runnable "both" log_assert "Verify permission set can be masked on descendent dataset." -log_onexit restore_root_datasets typeset perms1="snapshot,reservation,compression" eval set -A dataset $DATASETS diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_010_pos.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_010_pos.ksh index f03e559bc6d4..6c000c1ea586 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_010_pos.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_010_pos.ksh @@ -60,7 +60,6 @@ verify_runnable "both" log_assert "Verify privileged user has correct permissions once which was "\ "delegated to him in datasets" -log_onexit restore_root_datasets # # Results in Results in @@ -79,7 +78,6 @@ set -A perms create true false \ compression true true \ canmount true false \ atime true false \ - devices true false \ exec true false \ volsize false true \ setuid true false \ @@ -92,16 +90,14 @@ set -A perms create true false \ clone true true \ rename true true \ promote true true \ - zoned true false \ - shareiscsi true true \ - xattr true false \ receive true false \ destroy true true -if is_global_zone; then - typeset -i n=${#perms[@]} - perms[((n))]="sharenfs"; perms[((n+1))]="true"; perms[((n+2))]="false" - perms[((n+3))]="share"; perms[((n+4))]="true"; perms[((n+5))]="false" -fi + # TODO: shareiscsi is not yet supported on FreeBSD + # shareiscsi true true +# the sharenfs test is Solaris-specific. TODO: port it to FreeBSD. +#typeset -i n=${#perms[@]} +#perms[((n))]="sharenfs"; perms[((n+1))]="true"; perms[((n+2))]="false" +#perms[((n+3))]="share"; perms[((n+4))]="true"; perms[((n+5))]="false" for dtst in $DATASETS; do typeset -i k=1 diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_012_neg.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_012_neg.ksh index 6a25ab10529d..37feb0180b08 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_012_neg.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_012_neg.ksh @@ -56,24 +56,16 @@ # ################################################################################ -verify_runnable "global" - -function cleanup -{ - log_must $ZPOOL set delegation=on $TESTPOOL - log_must restore_root_datasets -} - log_assert "Verify privileged user can not use permissions properly when " \ "delegation property is set off" -log_onexit cleanup - set -A perms create snapshot mount send allow quota reservation \ recordsize mountpoint checksum compression canmount atime \ devices exec volsize setuid readonly snapdir userprop \ aclmode aclinherit rollback clone rename promote \ - zoned shareiscsi xattr receive destroy sharenfs share + xattr receive destroy +# TODO: add sharenfs and share after the Solarisisms have been removed from +# those tests log_must $ZPOOL set delegation=off $TESTPOOL diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_test.sh b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_test.sh index d30eaa73ae3d..601705d354be 100755 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_allow_test.sh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_allow_test.sh @@ -30,7 +30,7 @@ atf_test_case zfs_allow_001_pos cleanup zfs_allow_001_pos_head() { atf_set "descr" "everyone' is interpreted as a keyword even if a useror group named 'everyone' exists." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_001_pos_body() { @@ -56,7 +56,7 @@ atf_test_case zfs_allow_002_pos cleanup zfs_allow_002_pos_head() { atf_set "descr" " is interpreted as user if possible, then as group." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_002_pos_body() { @@ -82,7 +82,7 @@ atf_test_case zfs_allow_003_pos cleanup zfs_allow_003_pos_head() { atf_set "descr" "Verify option '-l' only allow permission to the dataset itself." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_003_pos_body() { @@ -108,7 +108,7 @@ atf_test_case zfs_allow_004_pos cleanup zfs_allow_004_pos_head() { atf_set "descr" "Verify option '-d' allow permission to the descendent datasets." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_004_pos_body() { @@ -134,7 +134,7 @@ atf_test_case zfs_allow_005_pos cleanup zfs_allow_005_pos_head() { atf_set "descr" "Verify option '-c' will be granted locally to the creator." - atf_set "require.progs" zfs svcs runwattr + atf_set "require.progs" zfs sudo } zfs_allow_005_pos_body() { @@ -160,7 +160,7 @@ atf_test_case zfs_allow_006_pos cleanup zfs_allow_006_pos_head() { atf_set "descr" "Changing permissions in a set will change what is allowedwherever the set is used." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_006_pos_body() { @@ -186,7 +186,7 @@ atf_test_case zfs_allow_007_pos cleanup zfs_allow_007_pos_head() { atf_set "descr" "Verify permission set can be masked on descendent dataset." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_007_pos_body() { @@ -212,7 +212,7 @@ atf_test_case zfs_allow_008_pos cleanup zfs_allow_008_pos_head() { atf_set "descr" "Verify non-root user can allow permissions." - atf_set "require.progs" zfs svcs runwattr + atf_set "require.progs" zfs sudo } zfs_allow_008_pos_body() { @@ -238,7 +238,7 @@ atf_test_case zfs_allow_009_neg cleanup zfs_allow_009_neg_head() { atf_set "descr" "Verify invalid arguments are handled correctly." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_allow_009_neg_body() { @@ -263,8 +263,8 @@ zfs_allow_009_neg_cleanup() atf_test_case zfs_allow_010_pos cleanup zfs_allow_010_pos_head() { - atf_set "descr" "Verify privileged user has correct permissions once which wasdelegated to him in datasets" - atf_set "require.progs" zfs svcs + atf_set "descr" "Verify privileged user has correct permissions once which was delegated to him in datasets" + atf_set "require.progs" zfs sudo } zfs_allow_010_pos_body() { @@ -289,8 +289,8 @@ zfs_allow_010_pos_cleanup() atf_test_case zfs_allow_011_neg cleanup zfs_allow_011_neg_head() { - atf_set "descr" "Verify zpool subcmds and system readonly properties can't bedelegated." - atf_set "require.progs" zfs svcs + atf_set "descr" "Verify zpool subcmds and system readonly properties can't be delegated." + atf_set "require.progs" zfs sudo } zfs_allow_011_neg_body() { @@ -315,8 +315,8 @@ zfs_allow_011_neg_cleanup() atf_test_case zfs_allow_012_neg cleanup zfs_allow_012_neg_head() { - atf_set "descr" "Verify privileged user can not use permissions properly whendelegation property is set off" - atf_set "require.progs" zfs zpool svcs + atf_set "descr" "Verify privileged user can not use permissions properly when delegation property is set off" + atf_set "require.progs" zfs sudo } zfs_allow_012_neg_body() { diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_007_neg.ksh b/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_007_neg.ksh index cf5d132687cb..53457eeafde9 100644 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_007_neg.ksh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_007_neg.ksh @@ -62,7 +62,7 @@ log_assert "zfs unallow won't remove those permissions which inherited from " \ "its parent dataset." log_onexit restore_root_datasets -perm1="atime,devices"; perm2="compression,checksum" +perm1="atime"; perm2="compression,checksum" log_must $ZFS create $SUBFS log_must $ZFS allow $STAFF1 $perm1 $ROOT_TESTFS log_must $ZFS allow $STAFF1 $perm2 $SUBFS diff --git a/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_test.sh b/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_test.sh index 5de6a9ad47ac..4c91fc2d802b 100755 --- a/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_test.sh +++ b/tests/sys/cddl/zfs/tests/delegate/zfs_unallow_test.sh @@ -30,7 +30,7 @@ atf_test_case zfs_unallow_001_pos cleanup zfs_unallow_001_pos_head() { atf_set "descr" "Verify '-l' only removed the local permissions." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_001_pos_body() { @@ -56,7 +56,7 @@ atf_test_case zfs_unallow_002_pos cleanup zfs_unallow_002_pos_head() { atf_set "descr" "Verify '-d' only removed the descendent permissions." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_002_pos_body() { @@ -82,7 +82,7 @@ atf_test_case zfs_unallow_003_pos cleanup zfs_unallow_003_pos_head() { atf_set "descr" "Verify options '-r' and '-l'+'-d' will unallow permission tothis dataset and the descendent datasets." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_003_pos_body() { @@ -108,7 +108,7 @@ atf_test_case zfs_unallow_004_pos cleanup zfs_unallow_004_pos_head() { atf_set "descr" "Verify '-s' will remove permissions from the named set." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_004_pos_body() { @@ -134,7 +134,7 @@ atf_test_case zfs_unallow_005_pos cleanup zfs_unallow_005_pos_head() { atf_set "descr" "Verify option '-c' will remove the created permission set." - atf_set "require.progs" zfs svcs runwattr + atf_set "require.progs" zfs sudo } zfs_unallow_005_pos_body() { @@ -160,7 +160,7 @@ atf_test_case zfs_unallow_006_pos cleanup zfs_unallow_006_pos_head() { atf_set "descr" "Verify option '-u', '-g' and '-e' only removed the specified typepermissions set." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_006_pos_body() { @@ -186,7 +186,7 @@ atf_test_case zfs_unallow_007_neg cleanup zfs_unallow_007_neg_head() { atf_set "descr" "zfs unallow won't remove those permissions which inherited fromits parent dataset." - atf_set "require.progs" zfs svcs + atf_set "require.progs" zfs sudo } zfs_unallow_007_neg_body() { @@ -212,7 +212,7 @@ atf_test_case zfs_unallow_008_neg cleanup zfs_unallow_008_neg_head() { atf_set "descr" "zfs unallow can handle invalid arguments." - atf_set "require.progs" zfs svcs runwattr + atf_set "require.progs" zfs sudo } zfs_unallow_008_neg_body() {