178 lines
8.2 KiB
Bash
Executable File
178 lines
8.2 KiB
Bash
Executable File
#!/bin/bash
|
|
# this script tests fperm and dperm configuration options
|
|
|
|
|
|
. `dirname $0`/../testenv.sh
|
|
|
|
CONFDIR=$TESTDIR/tools/cgconfigparser/cgconfigparser_conf_files
|
|
|
|
# permissions test
|
|
function check_perm()
|
|
{
|
|
STEP=$1
|
|
FILENAME=$2
|
|
EXPECTED_PERM=$3
|
|
EXPECTED_UID=$4
|
|
EXPECTED_GID=$5
|
|
REAL_PERM=`stat -c "%a" $FILENAME`
|
|
REAL_UID=`stat -c "%U" $FILENAME`
|
|
REAL_GID=`stat -c "%G" $FILENAME`
|
|
if [ "$EXPECTED_PERM" != "$REAL_PERM" ]; then
|
|
die "$STEP: Wrong permissions of $FILENAME,"\
|
|
" expected $EXPECTED_PERM, actual $REAL_PERM"
|
|
fi
|
|
if [ "$EXPECTED_UID" != "$REAL_UID" ]; then
|
|
die "$STEP: Wrong uid of $FILENAME,"\
|
|
" expected $EXPECTED_UID, actual $REAL_UID"
|
|
fi
|
|
if [ "$EXPECTED_GID" != "$REAL_GID" ]; then
|
|
die "$STEP: Wrong gid of $FILENAME,"\
|
|
" expected $EXPECTED_GID, actual $REAL_GID"
|
|
fi
|
|
}
|
|
|
|
# all mount points are in /$TMP/cgroups
|
|
mkdir /$TMP/cgroups/ 2>/dev/null
|
|
|
|
# STEP1: simple config file without default section
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions.conf` || \
|
|
die "STEP1: cgconfigparser -l $CONFDIR/permissions.conf failed"
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/www" 770 root root
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 666 root root
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/www/tasks" 640 root nobody
|
|
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP1" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "STEP1: cgclear failed"
|
|
|
|
# STEP2: config file with one default section
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default1.conf` || \
|
|
die "STEP2: cgconfigparser -l $CONFDIR/permissions_default1.conf failed"
|
|
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/www/tasks" 646 nobody nobody
|
|
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP2" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP3: config file with two default sections - the last wins
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default2.conf` || \
|
|
die "STEP3: cgconfigparser -l $CONFDIR/permissions_default2.conf failed"
|
|
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/www/tasks" 646 nobody nobody
|
|
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP3" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP4: config file with one default section, now with SUID and SGID bits
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default3.conf` || \
|
|
die "STEP4: cgconfigparser -l $CONFDIR/permissions_default3.conf failed"
|
|
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/www" 2757 nobody nobody
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 7646 nobody nobody
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/www/tasks" 1646 nobody nobody
|
|
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ssh" 2757 root nobody
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP4" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP5: config file without default section, but with -a -t params
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default4.conf` -t nobody:nobody -a nobody:nobody -d 757 -f 757 || \
|
|
die "STEP5: cgconfigparser -l $CONFDIR/permissions_default4.conf failed"
|
|
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/www/tasks" 644 nobody nobody
|
|
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP5" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP6: config file without default section, but with -a -t params and sticky bit
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default4.conf` -t nobody:nobody -a nobody:nobody -d 2757 -f 7757 || \
|
|
die "STEP6: cgconfigparser -l $CONFDIR/permissions_default4.conf failed"
|
|
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www" 2757 nobody nobody
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 7646 nobody nobody
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/www/tasks" 644 nobody nobody
|
|
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ssh" 2757 root nobody
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP6" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP7: config file without default section, but with only -d params (=-f is taken from umask)
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default4.conf` -t nobody:nobody -a nobody:nobody -d 757 || \
|
|
die "STEP7: cgconfigparser -l $CONFDIR/permissions_default4.conf failed"
|
|
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 644 nobody nobody
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/www/tasks" 644 nobody nobody
|
|
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP7" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
# STEP8: config file without default section, but with -f, -d and -t
|
|
$TOOLSDIR/cgconfigparser -l `prepare_config $CONFDIR/permissions_default4.conf` -t nobody:nobody -a nobody:nobody -d 757 -f 757 -s 7247 || \
|
|
die "STEP8: cgconfigparser -l $CONFDIR/permissions_default4.conf failed"
|
|
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www" 757 nobody nobody
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www/cpu.shares" 646 nobody nobody
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/www/tasks" 7246 nobody nobody
|
|
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp" 742 root root
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp/cpu.shares" 426 root root
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ftp/tasks" 264 root root
|
|
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh" 757 root nobody
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh/cpu.shares" 426 root nobody
|
|
check_perm "STEP8" "/$TMP/cgroups/cpu/daemons/ssh/tasks" 264 root nobody
|
|
|
|
$TOOLSDIR/cgclear || die "cgclear failed"
|
|
|
|
cleanup
|
|
exit 0
|