Change ZFS behaviour to match UFS: when moving (rename(2)) a subdirectory

from one parent directory to another, in addition to the usual access checks
one also needs write access to the subdirectory being moved.

Approved by:    rwatson (mentor), pjd

sys/cddl/contrib/opensolaris/uts/common/fs/zfs/zfs_acl.c

@@ -1580,7 +1580,14 @@ zfs_zaccess_rename(znode_t *sdzp, znode_t *szp, znode_t *tdzp,
 	/*
 	 * Rename permissions are combination of delete permission +
 	 * add file/subdir permission.
+	 *
+	 * BSD operating systems also require write permission
+	 * on the directory being moved.
 	 */
+	if (ZTOV(szp)->v_type == VDIR) {
+		if (error = zfs_zaccess(szp, ACE_WRITE_DATA, cr))
+			return (error);
+	}
 
 	/*
 	 * first make sure we do the delete portion.

tools/regression/fstest/tests/rename/21.t

@@ -0,0 +1,38 @@
+#!/bin/sh
+# $FreeBSD$
+
+desc="write access to subdirectory is required to move it to another directory"
+
+dir=`dirname $0`
+. ${dir}/../misc.sh
+
+echo "1..12"
+
+n0=`namegen`
+n1=`namegen`
+n2=`namegen`
+n3=`namegen`
+
+expect 0 mkdir ${n2} 0777
+expect 0 mkdir ${n3} 0777
+cdir=`pwd`
+
+# Check that write permission on containing directory (${n2}) is not enough
+# to move subdirectory (${n0}) from that directory.
+expect 0 mkdir ${n2}/${n0} 0700
+expect EACCES -u  65534 -g 65534 rename ${n2}/${n0} ${n3}/${n0}
+
+expect 0 rmdir ${n2}/${n0}
+expect ENOENT rmdir ${n2}/${n0}
+
+# Check that write permission on containing directory (${n2}) is enough
+# to move file (${n0}) from that directory.
+expect 0 create ${n2}/${n0} 0755
+expect 0 -u  65534 -g 65534 rename ${n2}/${n0} ${n3}/${n0}
+
+expect 0 unlink ${n3}/${n0}
+expect ENOENT unlink ${n2}/${n0}
+
+expect 0 rmdir ${n3}
+expect 0 rmdir ${n2}
+