diff options
author | Niels de Vos <ndevos@redhat.com> | 2014-12-26 12:57:48 +0100 |
---|---|---|
committer | Vijay Bellur <vbellur@redhat.com> | 2015-01-06 03:24:24 -0800 |
commit | 64954eb3c58f4ef077e54e8a3726fd2d27419b12 (patch) | |
tree | 52cd5a39bbfda7442a5f0955ac2800b74a45b58a /tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t | |
parent | c4ab37c02e9edc23d0637e23d6f2b42d0827dad2 (diff) |
tests: move all test-cases into component subdirectories
There are around 300 regression tests, 250 being in tests/bugs. Running
partial set of tests/bugs is not easy because this is a flat directory
with almost all tests inside.
It would be valuable to make partial test/bugs easier, and allow the use
of mulitple build hosts for a single commit, each running a subset of
the tests for a quicker result.
Additional changes made:
- correct the include path for *.rc shell libraries and *.py utils
- make the testcases pass checkpatch
- arequal-checksum in afr/self-heal.t was never executed, now it is
- include.rc now complains loudly if it fails to find env.rc
Change-Id: I26ffd067e9853d3be1fd63b2f37d8aa0fd1b4fea
BUG: 1178685
Reported-by: Emmanuel Dreyfus <manu@netbsd.org>
Reported-by: Atin Mukherjee <amukherj@redhat.com>
URL: http://www.gluster.org/pipermail/gluster-devel/2014-December/043414.html
Signed-off-by: Niels de Vos <ndevos@redhat.com>
Reviewed-on: http://review.gluster.org/9353
Reviewed-by: Kaleb KEITHLEY <kkeithle@redhat.com>
Reviewed-by: Emmanuel Dreyfus <manu@netbsd.org>
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Vijay Bellur <vbellur@redhat.com>
Diffstat (limited to 'tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t')
-rw-r--r-- | tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t | 201 |
1 files changed, 201 insertions, 0 deletions
diff --git a/tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t b/tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t new file mode 100644 index 00000000000..b15d3a85151 --- /dev/null +++ b/tests/bugs/snapshot/bug-1167580-set-proper-uid-and-gid-during-nfs-access.t @@ -0,0 +1,201 @@ +#!/bin/bash +. $(dirname $0)/../../include.rc +. $(dirname $0)/../../nfs.rc +. $(dirname $0)/../../volume.rc +. $(dirname $0)/../../snapshot.rc + +# This function returns a value "Y" if user can execute +# the given command. Else it will return "N" +# @arg-1 : Name of the user +# @arg-2 : Path of the file +# @arg-3 : command to be executed +function check_if_permitted () { + local usr=$1 + local path=$2 + local cmd=$3 + local var + local ret + var=$(su - $usr -c "$cmd $path") + ret=$? + + if [ "$cmd" == "cat" ] + then + if [ "$var" == "Test" ] + then + echo "Y" + else + echo "N" + fi + else + if [ "$ret" == "0" ] + then + echo "Y" + else + echo "N" + fi + fi +} + +# Create a directory in /tmp to specify which directory to make +# as home directory for user +home_dir=$(cat /dev/urandom | tr -dc 'a-zA-Z' | fold -w 8 | head -n 1) +home_dir="/tmp/bug-1167580-$home_dir" +mkdir $home_dir + +function get_new_user() { + local temp=$(cat /dev/urandom | tr -dc 'a-zA-Z' | fold -w 8 | head -n 1) + id $temp + if [ "$?" == "0" ] + then + get_new_user + else + echo $temp + fi +} + +function create_user() { + local user=$1 + local group=$2 + + if [ "$group" == "" ] + then + useradd -d $home_dir/$user $user + else + useradd -d $home_dir/$user -G $group $user + fi + + return $? +} + +cleanup; + +TEST setup_lvm 1 +TEST glusterd + +TEST $CLI volume create $V0 $H0:$L1 +TEST $CLI volume start $V0 + +# Mount the volume as both fuse and nfs mount +EXPECT_WITHIN $NFS_EXPORT_TIMEOUT "1" is_nfs_export_available +TEST glusterfs -s $H0 --volfile-id $V0 $M0 +TEST mount_nfs $H0:/$V0 $N0 nolock + +# Create 2 user +user1=$(get_new_user) +create_user $user1 +user2=$(get_new_user) +create_user $user2 + +# create a file for which only user1 has access +echo "Test" > $M0/README +chown $user1 $M0/README +chmod 700 $M0/README + +# enable uss and take a snapshot +TEST $CLI volume set $V0 uss enable +TEST $CLI snapshot config activate-on-create on +TEST $CLI snapshot create snap1 $V0 + +# try to access the file using user1 account. +# It should succeed with both normal mount and snapshot world. +# There is time delay in which snapd might not have got the notification +# from glusterd about snapshot create hence using "EXPECT_WITHIN" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user1 $M0/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user1 $N0/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user1 $M0/.snaps/snap1/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user1 $N0/.snaps/snap1/README cat + + +# try to access the file using user2 account +# It should fail from both normal mount and snapshot world +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user2 $M0/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user2 $N0/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user2 $M0/.snaps/snap1/README cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user2 $N0/.snaps/snap1/README cat + +# We need to test another scenario where user belonging to one group +# tries to access files from user belonging to another group +# instead of using the already created users and making the test case look complex +# I thought of using two different users. + +# The test case written below does the following things +# 1) Create 2 users (user{3,4}), belonging to 2 different groups (group{3,4}) +# 2) Take a snapshot "snap2" +# 3) Create a file for which only users belonging to group3 have +# permission to read +# 4) Test various combinations of Read-Write, Fuse-NFS mount, User{3,4,5} +# from both normal mount, and USS world. + +echo "Test" > $M0/file3 + +chmod 740 $M0/file3 + +group3=$(get_new_user) +groupadd $group3 + +group4=$(get_new_user) +groupadd $group4 + +user3=$(get_new_user) +create_user $user3 $group3 + +user4=$(get_new_user) +create_user $user4 $group4 + +user5=$(get_new_user) +create_user $user5 + +chgrp $group3 $M0/file3 + +TEST $CLI snapshot create snap2 $V0 + +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user3 $M0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user3 $M0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user3 $M0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user3 $M0/.snaps/snap2/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user3 $N0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "Y" check_if_permitted $user3 $N0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user3 $N0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user3 $N0/.snaps/snap2/file3 "echo Hello >" + + +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $M0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $M0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $M0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $M0/.snaps/snap2/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $N0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $N0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $N0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user4 $N0/.snaps/snap2/file3 "echo Hello >" + +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $M0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $M0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $M0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $M0/.snaps/snap2/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $N0/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $N0/.snaps/snap2/file3 cat +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $N0/file3 "echo Hello >" +EXPECT_WITHIN $PROCESS_UP_TIMEOUT "N" check_if_permitted $user5 $N0/.snaps/snap2/file3 "echo Hello >" + +# cleanup +/usr/sbin/userdel -f -r $user1 +/usr/sbin/userdel -f -r $user2 +/usr/sbin/userdel -f -r $user3 +/usr/sbin/userdel -f -r $user4 +/usr/sbin/userdel -f -r $user5 + +#cleanup all the home directory which is created as part of this test case +if [ -d "$home_dir" ] +then + rm -rf $home_dir +fi + + +groupdel $group3 +groupdel $group4 + +TEST $CLI snapshot delete all + +cleanup; + + |