X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=blobdiff_plain;f=src%2Fceph%2Fsrc%2Ftest%2Flibcephfs%2Faccess.cc;fp=src%2Fceph%2Fsrc%2Ftest%2Flibcephfs%2Faccess.cc;h=0000000000000000000000000000000000000000;hb=7da45d65be36d36b880cc55c5036e96c24b53f00;hp=ebdf499aaabb03f2149a03ae899ee67761ba78b8;hpb=691462d09d0987b47e112d6ee8740375df3c51b2;p=stor4nfv.git diff --git a/src/ceph/src/test/libcephfs/access.cc b/src/ceph/src/test/libcephfs/access.cc deleted file mode 100644 index ebdf499..0000000 --- a/src/ceph/src/test/libcephfs/access.cc +++ /dev/null @@ -1,390 +0,0 @@ -// -*- mode:C++; tab-width:8; c-basic-offset:2; indent-tabs-mode:t -*- -// vim: ts=8 sw=2 smarttab -/* - * Ceph - scalable distributed file system - * - * Copyright (C) 2011 New Dream Network - * - * This is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License version 2.1, as published by the Free Software - * Foundation. See file COPYING. - * - */ - -#include "gtest/gtest.h" -#include "common/ceph_argparse.h" -#include "include/buffer.h" -#include "include/stringify.h" -#include "include/cephfs/libcephfs.h" -#include "include/rados/librados.h" -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "json_spirit/json_spirit.h" - -#ifdef __linux__ -#include -#endif - - -rados_t cluster; - -string key; - -int do_mon_command(string s, string *key) -{ - char *outs, *outbuf; - size_t outs_len, outbuf_len; - const char *ss = s.c_str(); - int r = rados_mon_command(cluster, (const char **)&ss, 1, - 0, 0, - &outbuf, &outbuf_len, - &outs, &outs_len); - if (outbuf_len) { - string s(outbuf, outbuf_len); - std::cout << "out: " << s << std::endl; - - // parse out the key - json_spirit::mValue v, k; - json_spirit::read_or_throw(s, v); - k = v.get_array()[0].get_obj().find("key")->second; - *key = k.get_str(); - std::cout << "key: " << *key << std::endl; - free(outbuf); - } else { - return -EINVAL; - } - if (outs_len) { - string s(outs, outs_len); - std::cout << "outs: " << s << std::endl; - free(outs); - } - return r; -} - -string get_unique_dir() -{ - return string("/ceph_test_libcephfs_access.") + stringify(rand()); -} - -TEST(AccessTest, Foo) { - string dir = get_unique_dir(); - string user = "libcephfs_foo_test." + stringify(rand()); - // admin mount to set up test - struct ceph_mount_info *admin; - ASSERT_EQ(0, ceph_create(&admin, NULL)); - ASSERT_EQ(0, ceph_conf_read_file(admin, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(admin, NULL)); - ASSERT_EQ(0, ceph_mount(admin, "/")); - ASSERT_EQ(0, ceph_mkdir(admin, dir.c_str(), 0755)); - - // create access key - string key; - ASSERT_EQ(0, do_mon_command( - "{\"prefix\": \"auth get-or-create\", \"entity\": \"client." + user + "\", " - "\"caps\": [\"mon\", \"allow *\", \"osd\", \"allow rw\", " - "\"mds\", \"allow rw\"" - "], \"format\": \"json\"}", &key)); - - struct ceph_mount_info *cmount; - ASSERT_EQ(0, ceph_create(&cmount, user.c_str())); - ASSERT_EQ(0, ceph_conf_read_file(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_set(cmount, "key", key.c_str())); - ASSERT_EQ(0, ceph_mount(cmount, "/")); - - ceph_shutdown(cmount); - - // clean up - ASSERT_EQ(0, ceph_rmdir(admin, dir.c_str())); - ceph_shutdown(admin); -} - -TEST(AccessTest, Path) { - string good = get_unique_dir(); - string bad = get_unique_dir(); - string user = "libcephfs_path_test." + stringify(rand()); - struct ceph_mount_info *admin; - ASSERT_EQ(0, ceph_create(&admin, NULL)); - ASSERT_EQ(0, ceph_conf_read_file(admin, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(admin, NULL)); - ASSERT_EQ(0, ceph_mount(admin, "/")); - ASSERT_EQ(0, ceph_mkdir(admin, good.c_str(), 0755)); - ASSERT_EQ(0, ceph_mkdir(admin, string(good + "/p").c_str(), 0755)); - ASSERT_EQ(0, ceph_mkdir(admin, bad.c_str(), 0755)); - ASSERT_EQ(0, ceph_mkdir(admin, string(bad + "/p").c_str(), 0755)); - int fd = ceph_open(admin, string(good + "/q").c_str(), O_CREAT|O_WRONLY, 0755); - ceph_close(admin, fd); - fd = ceph_open(admin, string(bad + "/q").c_str(), O_CREAT|O_WRONLY, 0755); - ceph_close(admin, fd); - fd = ceph_open(admin, string(bad + "/z").c_str(), O_CREAT|O_WRONLY, 0755); - ceph_write(admin, fd, "TEST FAILED", 11, 0); - ceph_close(admin, fd); - - string key; - ASSERT_EQ(0, do_mon_command( - "{\"prefix\": \"auth get-or-create\", \"entity\": \"client." + user + "\", " - "\"caps\": [\"mon\", \"allow r\", \"osd\", \"allow rwx\", " - "\"mds\", \"allow r, allow rw path=" + good + "\"" - "], \"format\": \"json\"}", &key)); - - struct ceph_mount_info *cmount; - ASSERT_EQ(0, ceph_create(&cmount, user.c_str())); - ASSERT_EQ(0, ceph_conf_read_file(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_set(cmount, "key", key.c_str())); - ASSERT_EQ(0, ceph_mount(cmount, "/")); - - // allowed - ASSERT_GE(ceph_mkdir(cmount, string(good + "/x").c_str(), 0755), 0); - ASSERT_GE(ceph_rmdir(cmount, string(good + "/p").c_str()), 0); - ASSERT_GE(ceph_unlink(cmount, string(good + "/q").c_str()), 0); - fd = ceph_open(cmount, string(good + "/y").c_str(), O_CREAT|O_WRONLY, 0755); - ASSERT_GE(fd, 0); - ceph_write(cmount, fd, "bar", 3, 0); - ceph_close(cmount, fd); - ASSERT_GE(ceph_unlink(cmount, string(good + "/y").c_str()), 0); - ASSERT_GE(ceph_rmdir(cmount, string(good + "/x").c_str()), 0); - - fd = ceph_open(cmount, string(bad + "/z").c_str(), O_RDONLY, 0644); - ASSERT_GE(fd, 0); - ceph_close(cmount, fd); - - // not allowed - ASSERT_LT(ceph_mkdir(cmount, string(bad + "/x").c_str(), 0755), 0); - ASSERT_LT(ceph_rmdir(cmount, string(bad + "/p").c_str()), 0); - ASSERT_LT(ceph_unlink(cmount, string(bad + "/q").c_str()), 0); - fd = ceph_open(cmount, string(bad + "/y").c_str(), O_CREAT|O_WRONLY, 0755); - ASSERT_LT(fd, 0); - - // unlink open file - fd = ceph_open(cmount, string(good + "/unlinkme").c_str(), O_CREAT|O_WRONLY, 0755); - ceph_unlink(cmount, string(good + "/unlinkme").c_str()); - ASSERT_GE(ceph_write(cmount, fd, "foo", 3, 0), 0); - ASSERT_GE(ceph_fchmod(cmount, fd, 0777), 0); - ASSERT_GE(ceph_ftruncate(cmount, fd, 0), 0); - ASSERT_GE(ceph_fsetxattr(cmount, fd, "user.any", "bar", 3, 0), 0); - ceph_close(cmount, fd); - - // rename open file - fd = ceph_open(cmount, string(good + "/renameme").c_str(), O_CREAT|O_WRONLY, 0755); - ASSERT_EQ(ceph_rename(admin, string(good + "/renameme").c_str(), - string(bad + "/asdf").c_str()), 0); - ASSERT_GE(ceph_write(cmount, fd, "foo", 3, 0), 0); - ASSERT_GE(ceph_fchmod(cmount, fd, 0777), -EACCES); - ASSERT_GE(ceph_ftruncate(cmount, fd, 0), -EACCES); - ASSERT_GE(ceph_fsetxattr(cmount, fd, "user.any", "bar", 3, 0), -EACCES); - ceph_close(cmount, fd); - - ceph_shutdown(cmount); - ASSERT_EQ(0, ceph_unlink(admin, string(bad + "/q").c_str())); - ASSERT_EQ(0, ceph_unlink(admin, string(bad + "/z").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, string(bad + "/p").c_str())); - ASSERT_EQ(0, ceph_unlink(admin, string(bad + "/asdf").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, good.c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, bad.c_str())); - ceph_shutdown(admin); -} - -TEST(AccessTest, ReadOnly) { - string dir = get_unique_dir(); - string dir2 = get_unique_dir(); - string user = "libcephfs_readonly_test." + stringify(rand()); - struct ceph_mount_info *admin; - ASSERT_EQ(0, ceph_create(&admin, NULL)); - ASSERT_EQ(0, ceph_conf_read_file(admin, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(admin, NULL)); - ASSERT_EQ(0, ceph_mount(admin, "/")); - ASSERT_EQ(0, ceph_mkdir(admin, dir.c_str(), 0755)); - int fd = ceph_open(admin, string(dir + "/out").c_str(), O_CREAT|O_WRONLY, 0755); - ceph_write(admin, fd, "foo", 3, 0); - ceph_close(admin,fd); - - string key; - ASSERT_EQ(0, do_mon_command( - "{\"prefix\": \"auth get-or-create\", \"entity\": \"client." + user + "\", " - "\"caps\": [\"mon\", \"allow r\", \"osd\", \"allow rw\", " - "\"mds\", \"allow r\"" - "], \"format\": \"json\"}", &key)); - - struct ceph_mount_info *cmount; - ASSERT_EQ(0, ceph_create(&cmount, user.c_str())); - ASSERT_EQ(0, ceph_conf_read_file(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_set(cmount, "key", key.c_str())); - ASSERT_EQ(0, ceph_mount(cmount, "/")); - - // allowed - fd = ceph_open(cmount, string(dir + "/out").c_str(), O_RDONLY, 0644); - ASSERT_GE(fd, 0); - ceph_close(cmount,fd); - - // not allowed - fd = ceph_open(cmount, string(dir + "/bar").c_str(), O_CREAT|O_WRONLY, 0755); - ASSERT_LT(fd, 0); - ASSERT_LT(ceph_mkdir(cmount, dir2.c_str(), 0755), 0); - - ceph_shutdown(cmount); - ASSERT_EQ(0, ceph_unlink(admin, string(dir + "/out").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, dir.c_str())); - ceph_shutdown(admin); -} - -TEST(AccessTest, User) { - string dir = get_unique_dir(); - string user = "libcephfs_user_test." + stringify(rand()); - - // admin mount to set up test - struct ceph_mount_info *admin; - ASSERT_EQ(0, ceph_create(&admin, NULL)); - ASSERT_EQ(0, ceph_conf_read_file(admin, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(admin, NULL)); - ASSERT_EQ(0, ceph_conf_set(admin, "client_permissions", "0")); - ASSERT_EQ(0, ceph_mount(admin, "/")); - ASSERT_EQ(0, ceph_mkdir(admin, dir.c_str(), 0755)); - - // create access key - string key; - ASSERT_EQ(0, do_mon_command( - "{\"prefix\": \"auth get-or-create\", \"entity\": \"client." + user + "\", " - "\"caps\": [\"mon\", \"allow *\", \"osd\", \"allow rw\", " - "\"mds\", \"allow rw uid=123 gids=456,789\"" - "], \"format\": \"json\"}", &key)); - - struct ceph_mount_info *cmount; - ASSERT_EQ(0, ceph_create(&cmount, user.c_str())); - ASSERT_EQ(0, ceph_conf_read_file(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_parse_env(cmount, NULL)); - ASSERT_EQ(0, ceph_conf_set(cmount, "key", key.c_str())); - ASSERT_EQ(-EACCES, ceph_mount(cmount, "/")); - ASSERT_EQ(0, ceph_conf_set(cmount, "client_mount_uid", "123")); - ASSERT_EQ(0, ceph_conf_set(cmount, "client_mount_gid", "456")); - ASSERT_EQ(0, ceph_conf_set(cmount, "client_permissions", "0")); - ASSERT_EQ(0, ceph_mount(cmount, "/")); - - // user bits - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0700)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 456)); - ASSERT_EQ(0, ceph_mkdir(cmount, string(dir + "/u1").c_str(), 0755)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 456)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - - // group bits - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0770)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 456)); - ASSERT_EQ(0, ceph_mkdir(cmount, string(dir + "/u2").c_str(), 0755)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 2)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - - // user overrides group - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0470)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 456)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - - // other - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0777)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 1)); - ASSERT_EQ(0, ceph_mkdir(cmount, string(dir + "/u3").c_str(), 0755)); - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0770)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - - // user and group overrides other - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 07)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 456)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 1)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 456)); - ASSERT_EQ(-EACCES, ceph_mkdir(cmount, string(dir + "/no").c_str(), 0755)); - - // chown and chgrp - ASSERT_EQ(0, ceph_chmod(admin, dir.c_str(), 0700)); - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 456)); - // FIXME: Re-enable these 789 tests once we can set multiple GIDs via libcephfs/config - // ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), 123, 789)); - ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), 123, 456)); - // ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), -1, 789)); - ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), -1, 456)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 123, 1)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 1, 456)); - - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 1)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 123, 456)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 123, -1)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), -1, 456)); - - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 1, 456)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 123, 456)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), 123, -1)); - ASSERT_EQ(-EACCES, ceph_chown(cmount, dir.c_str(), -1, 456)); - - ASSERT_EQ(0, ceph_chown(admin, dir.c_str(), 123, 1)); - ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), -1, 456)); - // ASSERT_EQ(0, ceph_chown(cmount, dir.c_str(), 123, 789)); - - ceph_shutdown(cmount); - - // clean up - ASSERT_EQ(0, ceph_rmdir(admin, string(dir + "/u1").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, string(dir + "/u2").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, string(dir + "/u3").c_str())); - ASSERT_EQ(0, ceph_rmdir(admin, dir.c_str())); - ceph_shutdown(admin); -} - -static int update_root_mode() -{ - struct ceph_mount_info *admin; - int r = ceph_create(&admin, NULL); - if (r < 0) - return r; - ceph_conf_read_file(admin, NULL); - ceph_conf_parse_env(admin, NULL); - ceph_conf_set(admin, "client_permissions", "false"); - r = ceph_mount(admin, "/"); - if (r < 0) - goto out; - r = ceph_chmod(admin, "/", 0777); -out: - ceph_shutdown(admin); - return r; -} - - -int main(int argc, char **argv) -{ - int r = update_root_mode(); - if (r < 0) - exit(1); - - ::testing::InitGoogleTest(&argc, argv); - - srand(getpid()); - - r = rados_create(&cluster, NULL); - if (r < 0) - exit(1); - - r = rados_conf_read_file(cluster, NULL); - if (r < 0) - exit(1); - - rados_conf_parse_env(cluster, NULL); - r = rados_connect(cluster); - if (r < 0) - exit(1); - - r = RUN_ALL_TESTS(); - - rados_shutdown(cluster); - - return r; -}