3 # Run select tests by setting ONLY, or as arguments to the script.
4 # Skip specific tests by setting EXCEPT.
6 # TODO: support rootsquash test
10 export PATH=$PWD/$SRCDIR:$SRCDIR:$PWD/$SRCDIR/../utils:$PATH:/sbin
13 ALWAYS_EXCEPT=${ALWAYS_EXCEPT:-""}
14 # UPDATE THE COMMENT ABOVE WITH BUG NUMBERS WHEN CHANGING ALWAYS_EXCEPT!
16 [ "$ALWAYS_EXCEPT$EXCEPT" ] && \
17 echo "Skipping tests: `echo $ALWAYS_EXCEPT $EXCEPT`"
27 $LCTL mark "$*" 2> /dev/null || true
32 log "== test $2= `date +%H:%M:%S` ($BEFORE)"
33 export TESTNAME=test_$1
34 test_$1 || error "exit with rc=$?"
36 pass "($((`date +%s` - $BEFORE))s)"
43 for E in $EXCEPT $ALWAYS_EXCEPT; do
53 IFS=abcdefghijklmnopqrstuvwxyz _basetest $1
60 if [ ${!testname}x != x ]; then
65 if [ ${!testname}x != x ]; then
73 if [ ${!testname}x != x ]; then
74 echo "skipping excluded test $1"
78 if [ ${!testname}x != x ]; then
79 echo "skipping excluded test $1 (base $base)"
86 SANITYSECLOG=${SANITYSECLOG:-/tmp/sanity-sec.log}
88 [ "$SANITYSECLOG" ] && rm -f $SANITYSECLOG || true
91 sysctl -w lustre.fail_loc=0
92 log "FAIL: $TESTNAME $@"
93 if [ "$SANITYSECLOG" ]; then
94 echo "FAIL: $TESTNAME $@" >> $SANITYSECLOG
104 mounted_lustre_filesystems() {
105 awk '($3 ~ "lustre" && $1 ~ ":") { print $2 }' /proc/mounts
107 MOUNT="`mounted_lustre_filesystems`"
108 if [ -z "$MOUNT" ]; then
111 MOUNT="`mounted_lustre_filesystems`"
112 [ -z "$MOUNT" ] && error "NAME=$NAME not mounted"
116 [ `echo $MOUNT | wc -w` -gt 1 ] && error "NAME=$NAME mounted more than once"
119 [ -z "`echo $DIR | grep $MOUNT`" ] && echo "$DIR not in $MOUNT" && exit 99
121 if [ -z "`lsmod|grep mdt`" ]; then
122 echo "skipping $TESTNAME (remote MDT)"
126 LPROC=/proc/fs/lustre
127 ENABLE_IDENTITY=/usr/sbin/l_getidentity
128 DISABLE_IDENTITY=NONE
129 LOVNAME=`cat $LPROC/llite/*/lov/common_name | tail -n 1`
130 MDT=$(\ls $LPROC/mdt 2> /dev/null | grep -v num_refs | tail -n 1)
131 TSTDIR="$MOUNT/remote_user_dir"
132 LUSTRE_CONF_DIR=/etc/lustre
133 SETXID_CONF=$LUSTRE_CONF_DIR/setxid.conf
134 SETXID_CONF_BAK=$LUSTRE_CONF_DIR/setxid.conf.bak
135 IDENTITY_UPCALL=$LPROC/mdt/$MDT/identity_upcall
136 IDENTITY_UPCALL_BAK=`more $IDENTITY_UPCALL`
137 IDENTITY_FLUSH=$LPROC/mdt/$MDT/identity_flush
138 ROOTSQUASH_UID=$LPROC/mdt/$MDT/rootsquash_uid
139 ROOTSQUASH_GID=$LPROC/mdt/$MDT/rootsquash_gid
140 NOSQUASH_NIDS=$LPROC/mdt/$MDT/nosquash_nids
141 KRB5_REALM=`cat /etc/krb5.conf |grep default_realm| awk '{ print $3 }'`
142 USER1=`cat /etc/passwd|grep :500:|cut -d: -f1`
143 USER2=`cat /etc/passwd|grep :501:|cut -d: -f1`
147 echo "==========Please add user1 (uid=500)!=========="
148 error "==========Please add user1 (uid=500)!=========="
154 echo "==========Please add user2 (uid=501)!=========="
155 error "==========Please add user2 (uid=501)!=========="
162 if [ -f "$SETXID_CONF" ]
164 mv -f $SETXID_CONF $SETXID_CONF_BAK
166 rm -f $SETXID_CONF_BAK
168 echo $ENABLE_IDENTITY > $IDENTITY_UPCALL
169 echo 1 > $IDENTITY_FLUSH
170 $RUNAS -u 500 ls $DIR
171 $RUNAS -u 501 ls $DIR
175 # run as different user
180 chown $USER1 $DIR/d0 || error
181 $RUNAS -u 500 ls $DIR || error
182 $RUNAS -u 500 touch $DIR/f0 && error
183 $RUNAS -u 500 touch $DIR/d0/f1 || error
184 $RUNAS -u 501 touch $DIR/d0/f2 && error
185 touch $DIR/d0/f3 || error
189 $RUNAS -u 500 touch $DIR/d0/f4 || error
190 $RUNAS -u 501 touch $DIR/d0/f5 && error
191 touch $DIR/d0/f6 || error
195 run_test 0 "uid permission ============================="
202 chown $USER1 $DIR/d1 || error
203 $RUNAS -u 501 -v 500 touch $DIR/d1/f0 && error
204 echo "* 501 setuid" > $SETXID_CONF
205 echo "enable uid 501 setuid"
206 echo 1 > $IDENTITY_FLUSH
207 $RUNAS -u 501 -v 500 touch $DIR/d1/f1 || error
212 $RUNAS -u 501 -g 501 touch $DIR/d1/f2 && error
213 echo "* 501 setuid,setgid" > $SETXID_CONF
214 echo "enable uid 501 setuid,setgid"
215 echo 1 > $IDENTITY_FLUSH
216 $RUNAS -u 501 -g 501 -j 500 touch $DIR/d1/f3 || error
217 $RUNAS -u 501 -v 500 -g 501 -j 500 touch $DIR/d1/f4 || error
221 echo 1 > $IDENTITY_FLUSH
223 run_test 1 "setuid/gid ============================="
225 # lfs getfacl/setfacl
230 echo xxx > $DIR/d2/f0
233 $LFS getfacl $DIR/d2/f0 || error
234 $RUNAS -u 500 cat $DIR/d2/f0 || error
235 $RUNAS -u 500 touch $DIR/d2/f0 && error
237 $LFS setfacl -m u:$USER1:w $DIR/d2/f0 || error
238 $LFS getfacl $DIR/d2/f0 || error
239 echo "set user $USER1 write permission on file $DIR/d2/fo"
240 $RUNAS -u 500 touch $DIR/d2/f0 || error
241 $RUNAS -u 500 cat $DIR/d2/f0 && error
245 run_test 2 "lfs getfacl/setfacl ============================="
249 [ -n "$SEC" ] && echo "ignore rootsquash test for single node" && return
251 $LCTL conf_param $MDT.mdt.nosquash_nids=none
252 while grep LNET_NID_ANY $NOSQUASH_NIDS > /dev/null; do sleep 1; done
253 $LCTL conf_param $MDT.mdt.rootsquash_uid=0
254 while [ "`cat $ROOTSQUASH_UID`" -ne 0 ]; do sleep 1; done
255 $LCTL conf_param $MDT.mdt.rootsquash_gid=0
256 while [ "`cat $ROOTSQUASH_GID`" -ne 0 ]; do sleep 1; done
262 $LCTL conf_param $MDT.mdt.rootsquash_uid=500
263 echo "set rootsquash uid = 500"
264 while [ "`cat $ROOTSQUASH_UID`" -ne 500 ]; do sleep 1; done
265 touch $DIR/f3_0 && error
266 touch $DIR/d3/f3_1 || error
268 $LCTL conf_param $MDT.mdt.rootsquash_uid=0
269 echo "disable rootsquash"
270 while [ "`cat $ROOTSQUASH_UID`" -ne 0 ]; do sleep 1; done
275 $LCTL conf_param $MDT.mdt.rootsquash_uid=500
276 echo "set rootsquash uid = 500"
277 while [ "`cat $ROOTSQUASH_UID`" -ne 500 ]; do sleep 1; done
278 touch $DIR/d3/f3_2 && error
279 $LCTL conf_param $MDT.mdt.rootsquash_gid=501
280 echo "set rootsquash gid = 501"
281 while [ "`cat $ROOTSQUASH_GID`" -ne 501 ]; do sleep 1; done
282 touch $DIR/d3/f3_3 || error
284 $LCTL conf_param $MDT.mdt.nosquash_nids=*
285 echo "add host in rootsquash skip list"
286 while ! grep LNET_NID_ANY $NOSQUASH_NIDS > /dev/null;
289 touch $DIR/f3_4 || error
291 $LCTL conf_param $MDT.mdt.rootsquash_uid=0
292 while [ "`cat $ROOTSQUASH_UID`" -ne 0 ]; do sleep 1; done
293 $LCTL conf_param $MDT.mdt.rootsquash_gid=0
294 while [ "`cat $ROOTSQUASH_GID`" -ne 0 ]; do sleep 1; done
295 $LCTL conf_param $MDT.mdt.nosquash_nids=none
299 run_test 3 "rootsquash ============================="
301 # bug 3285 - supplementary group should always succeed (see do_init_ucred),
302 # NB: the supplementary groups are set for local client only, as for remote
303 # client, the groups of the specified uid on MDT will be obtained by
304 # upcall /sbin/l_getidentity and used.
309 $RUNAS -u 500 -G1,2,500 ls $DIR/d4 || error "setgroups failed"
312 run_test 4 "set supplementary group ==============="
314 log "cleanup: ======================================================"
317 if [ -f "$SETXID_CONF_BAK" ]
319 mv -f $SETXID_CONF_BAK $SETXID_CONF
321 echo $IDENTITY_UPCALL_BAK > $IDENTITY_UPCALL
322 echo 1 > $IDENTITY_FLUSH
323 $RUNAS -u 500 ls $DIR
324 $RUNAS -u 501 ls $DIR
328 if [ "$S_MOUNTED" = "yes" ]; then
329 cleanupall -f || error "cleanup failed"
332 echo '=========================== finished ==============================='