Make test_matches.sh into a series of TAP testcases

Use temporary filesystems / memory disks instead of a hardcoded path
which doesn't exist on test systems

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division

1 files changed, 98 insertions, 71 deletions

diff --git a/tools/regression/mac/mac_bsdextended/test_matches.sh b/tools/regression/mac/mac_bsdextended/test_matches.sh
index 99d6b62..4f47910 100644
--- a/tools/regression/mac/mac_bsdextended/test_matches.sh
+++ b/tools/regression/mac/mac_bsdextended/test_matches.sh
@@ -10,158 +10,185 @@ uidoutrange="daemon"
 gidinrange="nobody" # We expect $uidinrange in this group
 gidoutrange="daemon" # We expect $uidinrange in this group
 
-playground="/stuff/nobody/" # Must not be on root fs
-
 #
 # Setup
 #
-rm -f $playground/test*
+
+: ${TMPDIR=/tmp}
+if [ $(id -u) -ne 0 ]; then
+	echo "1..0 # SKIP test must be run as root"
+	exit 0
+fi
+if ! playground=$(mktemp -d $TMPDIR/tmp.XXXXXXX); then
+	echo "1..0 # SKIP failed to create temporary directory"
+	exit 0
+fi
+trap "rmdir $playground" EXIT INT TERM
+if ! mdmfs -s 25m md $playground; then
+	echo "1..0 # SKIP failed to mount md device"
+	exit 0
+fi
+chmod a+rwx $playground
+md_device=$(mount -p | grep "$playground" | awk '{ gsub(/^\/dev\//, "", $1); print $1 }')
+trap "umount -f $playground; mdconfig -d -u $md_device; rmdir $playground" EXIT INT TERM
+if [ -z "$md_device" ]; then
+	mount -p | grep $playground
+	echo "1..0 # md device not properly attached to the system"
+fi
+
 ugidfw remove 1
 
 file1=$playground/test-$uidinrange
 file2=$playground/test-$uidoutrange
-cat <<EOF> $playground/test-script.pl
-if (open(F, ">" . shift)) { exit 0; } else { exit 1; }
+cat > $playground/test-script.sh <<'EOF'
+#!/bin/sh
+: > $1
 EOF
-command1="perl $playground/test-script.pl $file1"
-command2="perl $playground/test-script.pl $file2"
+if [ $? -ne 0 ]; then
+	echo "1..0 # SKIP failed to create test script"
+	exit 0
+fi
+echo "1..30"
+
+command1="sh $playground/test-script.sh $file1"
+command2="sh $playground/test-script.sh $file2"
 
-echo -n "$uidinrange file: "
-su -m $uidinrange -c "$command1 && echo good"
+echo "# $uidinrange file:"
+su -m $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
 chown "$uidinrange":"$gidinrange" $file1
 chmod a+w $file1
 
-echo -n "$uidoutrange file: "
-$command2 && echo good
+echo "# $uidoutrange file:"
+if $command2; then echo ok; else echo not ok; fi
 chown "$uidoutrange":"$gidoutrange" $file2
 chmod a+w $file2
 
 #
 # No rules
 #
-echo -n "no rules $uidinrange: "
-su -fm $uidinrange -c "$command1 && echo good"
-echo -n "no rules $uidoutrange: "
-su -fm $uidoutrange -c "$command1 && echo good"
+echo "# no rules $uidinrange:"
+su -fm $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
+echo "# no rules $uidoutrange:"
+su -fm $uidoutrange -c "if $command1; then echo ok; else echo not ok; fi"
 
 #
 # Subject Match on uid
 #
 ugidfw set 1 subject uid $uidrange object mode rasx
-echo -n "subject uid in range: "
-su -fm $uidinrange -c "$command1 || echo good"
-echo -n "subject uid out range: "
-su -fm $uidoutrange -c "$command1 && echo good"
+echo "# subject uid in range:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# subject uid out range:"
+su -fm $uidoutrange -c "if $command1; then echo ok; else echo not ok; fi"
 
 #
 # Subject Match on gid
 #
 ugidfw set 1 subject gid $gidrange object mode rasx
-echo -n "subject gid in range: "
-su -fm $uidinrange -c "$command1 || echo good"
-echo -n "subject gid out range: "
-su -fm $uidoutrange -c "$command1 && echo good"
+echo "# subject gid in range:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# subject gid out range:"
+su -fm $uidoutrange -c "if $command1; then echo ok; else echo not ok; fi"
 
 #
 # Subject Match on jail
 #
-echo -n "subject matching jailid: "
 rm -f $playground/test-jail
-jailid=`jail -i / localhost 127.0.0.1 /usr/sbin/daemon -f /bin/sh -c "(sleep 3; touch $playground/test-jail) &"`
+echo "# subject matching jailid:"
+jailid=`jail -i / localhost 127.0.0.1 /usr/sbin/daemon -f /bin/sh -c "(sleep 5; touch $playground/test-jail) &"`
 ugidfw set 1 subject jailid $jailid object mode rasx
-sleep 6
-if [ ! -f $playground/test-jail ] ; then echo good ; fi
+sleep 10
+if [ -f $playground/test-jail ]; then echo not ok; else echo ok; fi
 
-echo -n "subject nonmatching jailid: "
 rm -f $playground/test-jail
-jailid=`jail -i / localhost 127.0.0.1 /usr/sbin/daemon -f /bin/sh -c "(sleep 3; touch $playground/test-jail) &"`
-sleep 6
-if [ -f $playground/test-jail ] ; then echo good ; fi
+echo "# subject nonmatching jailid:"
+jailid=`jail -i / localhost 127.0.0.1 /usr/sbin/daemon -f /bin/sh -c "(sleep 5; touch $playground/test-jail) &"`
+sleep 10
+if [ -f $playground/test-jail ]; then echo ok; else echo not ok; fi
 
 #
 # Object uid
 #
 ugidfw set 1 subject object uid $uidrange mode rasx
-echo -n "object uid in range: "
-su -fm $uidinrange -c "$command1 || echo good"
-echo -n "object uid out range: "
-su -fm $uidinrange -c "$command2 && echo good"
+echo "# object uid in range:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# object uid out range:"
+su -fm $uidinrange -c "if $command2; then echo ok; else echo not ok; fi"
 ugidfw set 1 subject object uid $uidrange mode rasx
-echo -n "object uid in range (differennt subject): "
-su -fm $uidoutrange -c "$command1 || echo good"
-echo -n "object uid out range (differennt subject): "
-su -fm $uidoutrange -c "$command2 && echo good"
+echo "# object uid in range (differennt subject):"
+su -fm $uidoutrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# object uid out range (differennt subject):"
+su -fm $uidoutrange -c "if $command2; then echo ok; else echo not ok; fi"
 
 #
 # Object gid
 #
 ugidfw set 1 subject object gid $uidrange mode rasx
-echo -n "object gid in range: "
-su -fm $uidinrange -c "$command1 || echo good"
-echo -n "object gid out range: "
-su -fm $uidinrange -c "$command2 && echo good"
-echo -n "object gid in range (differennt subject): "
-su -fm $uidoutrange -c "$command1 || echo good"
-echo -n "object gid out range (differennt subject): "
-su -fm $uidoutrange -c "$command2 && echo good"
+echo "# object gid in range:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# object gid out range:"
+su -fm $uidinrange -c "if $command2; then echo ok; else echo not ok; fi"
+echo "# object gid in range (different subject):"
+su -fm $uidoutrange -c "if $command1; then echo not ok; else echo ok; fi"
+echo "# object gid out range (different subject):"
+su -fm $uidoutrange -c "if $command2; then echo ok; else echo not ok; fi"
 
 #
 # Object filesys
 #
 ugidfw set 1 subject uid $uidrange object filesys / mode rasx
-echo -n "object out of filesys: "
-su -fm $uidinrange -c "$command1 && echo good"
+echo "# object out of filesys:"
+su -fm $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
 ugidfw set 1 subject uid $uidrange object filesys $playground mode rasx
-echo -n "object in filesys: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object in filesys:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
 
 #
 # Object suid
 #
 ugidfw set 1 subject uid $uidrange object suid mode rasx
-echo -n "object notsuid: "
-su -fm $uidinrange -c "$command1 && echo good"
+echo "# object notsuid:"
+su -fm $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
 chmod u+s $file1
-echo -n "object suid: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object suid:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
 chmod u-s $file1
 
 #
 # Object sgid
 #
 ugidfw set 1 subject uid $uidrange object sgid mode rasx
-echo -n "object notsgid: "
-su -fm $uidinrange -c "$command1 && echo good"
+echo "# object notsgid:"
+su -fm $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
 chmod g+s $file1
-echo -n "object sgid: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object sgid:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
 chmod g-s $file1
 
 #
 # Object uid matches subject
 #
 ugidfw set 1 subject uid $uidrange object uid_of_subject mode rasx
-echo -n "object uid notmatches subject: "
-su -fm $uidinrange -c "$command2 && echo good"
-echo -n "object uid matches subject: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object uid notmatches subject:"
+su -fm $uidinrange -c "if $command2; then echo ok; else echo not ok; fi"
+echo "# object uid matches subject:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
 
 #
 # Object gid matches subject
 #
 ugidfw set 1 subject uid $uidrange object gid_of_subject mode rasx
-echo -n "object gid notmatches subject: "
-su -fm $uidinrange -c "$command2 && echo good"
-echo -n "object gid matches subject: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object gid notmatches subject:"
+su -fm $uidinrange -c "if $command2; then echo ok; else echo not ok; fi"
+echo "# object gid matches subject:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"
 
 #
 # Object type
 #
 ugidfw set 1 subject uid $uidrange object type dbclsp mode rasx
-echo -n "object not type: "
-su -fm $uidinrange -c "$command1 && echo good"
+echo "# object not type:"
+su -fm $uidinrange -c "if $command1; then echo ok; else echo not ok; fi"
 ugidfw set 1 subject uid $uidrange object type r mode rasx
-echo -n "object type: "
-su -fm $uidinrange -c "$command1 || echo good"
+echo "# object type:"
+su -fm $uidinrange -c "if $command1; then echo not ok; else echo ok; fi"