def tearDown(self):
# Disable root-squash
ret = set_root_squash(self.mnode,
self.volname,
squash=False,
do_refresh_config=True)
if not ret:
raise ExecutionError("Failed to disable root-squash on nfs "
"ganesha cluster")
g.log.info("root-squash is disabled on volume")
# Unexport volume
unexport_nfs_ganesha_volume(self.mnode, self.volname)
ret = wait_for_nfs_ganesha_volume_to_get_unexported(
self.mnode, self.volname)
if not ret:
raise ExecutionError("Volume %s is not unexported." % self.volname)
g.log.info("Unexporting of volume is successful")
# Unmount and cleanup Volume
ret = self.unmount_volume_and_cleanup_volume(self.mounts)
if ret:
g.log.info("Successfull unmount and cleanup of volume")
else:
raise ExecutionError("Failed to unmount and cleanup volume")
def test_rootsquash_enable(self):
# Start IO on mount point.
self.all_mounts_procs = []
cmd = ("for i in {1..10}; do touch %s/file$i; done" %
self.mounts[0].mountpoint)
proc = g.run_async(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.all_mounts_procs.append(proc)
# Validate IO
ret = validate_io_procs(self.all_mounts_procs, self.mounts)
self.assertTrue(ret, "IO failed on some of the clients")
g.log.info("IO is successful on all mounts")
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successfull in getting stats of files/dirs "
"from mount point")
# Check for owner and group of random file
for mount_obj in self.mounts:
cmd = ("ls -l %s/file5 | awk '{ print $3, $4 }' |sort" %
mount_obj.mountpoint)
ret, out, err = g.run(mount_obj.client_system, cmd)
self.assertFalse(ret, err)
self.assertIn("root root", out, "Owner and group is not ROOT")
g.log.info("Owner and group of file is ROOT")
# Set mount point permission to 777
for mount_obj in self.mounts:
cmd = ("chmod 777 %s" % mount_obj.mountpoint)
ret, _, err = g.run(mount_obj.client_system, cmd)
self.assertFalse(ret, err)
g.log.info("Mount point permission changed to 777")
# Enable root-squash on volume
ret = set_root_squash(self.servers[0], self.volname)
self.assertTrue(ret, "Failed to enable root-squash on volume")
g.log.info("root-squash is enable on the volume")
# Start IO on mount point.
self.all_mounts_procs = []
cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done" %
self.mounts[0].mountpoint)
proc = g.run_async(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.all_mounts_procs.append(proc)
# Validate IO
ret = validate_io_procs(self.all_mounts_procs, self.mounts)
self.assertTrue(ret, "IO failed on some of the clients")
g.log.info("IO is successful on all mounts")
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successfull in getting stats of files/dirs "
"from mount point")
# Check for owner and group of random file
for mount_obj in self.mounts:
cmd = ("ls -l %s/Squashfile5 | awk '{print $3, $4}' | sort" %
mount_obj.mountpoint)
ret, out, err = g.run(mount_obj.client_system, cmd)
self.assertFalse(ret, err)
self.assertIn("nfsnobody nfsnobody", out,
"Owner and group of file is NOT NFSNOBODY")
g.log.info("Owner and group of file is NFSNOBODY")
# Edit file created by root user
for mount_obj in self.mounts:
cmd = ("echo hello > %s/file10" % mount_obj.mountpoint)
ret, _, _ = g.run(mount_obj.client_system, cmd)
self.assertEqual(
ret, 1, "nfsnobody user editing file created by "
"root user should FAIL")
g.log.info("nfsnobody user failed to edit file "
"created by root user")
def test_root_squash_enable(self):
"""
Tests to verify Nfs Ganesha rootsquash functionality when glusterd
service is restarted
Steps:
1. Create some files and dirs inside mount point
2. Set permission as 777 for mount point
3. Enable root-squash on volume
4. Create some more files and dirs
5. Restart glusterd on all the nodes
6. Try to edit file created in step 1
It should not allow to edit the file
7. Try to edit the file created in step 5
It should allow to edit the file
"""
# Start IO on mount point.
cmd = ("for i in {1..10}; do touch %s/file$i; done"
% self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system, cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Set mount point permission to 777
ret = set_file_permissions(self.mounts[0].client_system,
self.mounts[0].mountpoint, 777)
self.assertTrue(ret, "Failed to set permission for directory")
g.log.info("Successfully set permissions for directory")
# Enable root-squash on volume
ret = set_root_squash(self.servers[0], self.volname)
self.assertTrue(ret, "Failed to enable root-squash on volume")
g.log.info("root-squash is enable on the volume")
# Start IO on mount point.
cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done"
% self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system, cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successfull in getting stats of files/dirs "
"from mount point")
# Restart glusterd on all servers
ret = restart_glusterd(self.servers)
self.assertTrue(ret, ("Failed to restart glusterd on all servers %s",
self.servers))
g.log.info("Successfully restarted glusterd on all servers %s",
self.servers)
# Check if glusterd is running on all servers
ret = is_glusterd_running(self.servers)
self.assertEqual(ret, 0, ("Failed:Glusterd is not running on all "
"servers %s",
self.servers))
g.log.info("Glusterd is running on all the servers %s", self.servers)
# Checking if peer is connected.
ret = wait_for_peers_to_connect(self.mnode, self.servers)
self.assertTrue(ret, "Failed:Peer is not in connected state.")
g.log.info("Peers are in connected state.")
# Edit file created by root user
for mount_obj in self.mounts:
ret = append_string_to_file(mount_obj.client_system,
"%s/file10" % mount_obj.mountpoint,
'hello')
self.assertFalse(ret, "Unexpected:nfsnobody user editing file "
"created by root user should FAIL")
g.log.info("Successful:nfsnobody user failed to edit file "
"created by root user")
# Edit the file created by nfsnobody user
for mount_obj in self.mounts:
ret = append_string_to_file(mount_obj.client_system,
"%s/Squashfile5"
% mount_obj.mountpoint,
'hello')
self.assertTrue(ret, "Unexpected:nfsnobody user failed to edit "
"the file created by nfsnobody user")
g.log.info("Successful:nfsnobody user successfully edited the "
"file created by nfsnobody user")
def test_root_squash_enable(self):
"""
Tests to verify Nfs Ganesha rootsquash functionality when volume
is restarted
Steps:
1. Create some files and dirs inside mount point
2. Set permission as 777 for mount point
3. Enable root-squash on volume
4. Create some more files and dirs
5. Restart volume
6. Try to edit file created in step 1
It should not allow to edit the file
7. Try to edit the file created in step 5
It should allow to edit the file
"""
# Start IO on mount point.
cmd = ("for i in {1..10}; do touch %s/file$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Set mount point permission to 777
ret = set_file_permissions(self.mounts[0].client_system,
self.mounts[0].mountpoint, 777)
self.assertTrue(ret, "Failed to set permission for directory")
g.log.info("Successfully set permissions for directory")
# Enable root-squash on volume
ret = set_root_squash(self.servers[0], self.volname)
self.assertTrue(ret, "Failed to enable root-squash on volume")
g.log.info("root-squash is enable on the volume")
# Start IO on mount point.
cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Stopping volume
ret = volume_stop(self.mnode, self.volname)
self.assertTrue(ret, ("Failed to stop volume %s" % self.volname))
g.log.info("Successful in stopping volume %s" % self.volname)
# Waiting for few seconds for volume unexport. Max wait time is
# 120 seconds.
ret = wait_for_nfs_ganesha_volume_to_get_unexported(
self.mnode, self.volname)
self.assertTrue(ret, ("Failed to unexport volume %s after "
"stopping volume" % self.volname))
g.log.info("Volume is unexported successfully")
# Starting volume
ret = volume_start(self.mnode, self.volname)
self.assertTrue(ret, ("Failed to start volume %s" % self.volname))
g.log.info("Successful in starting volume %s" % self.volname)
# Waiting for few seconds for volume export. Max wait time is
# 120 seconds.
ret = wait_for_nfs_ganesha_volume_to_get_exported(
self.mnode, self.volname)
self.assertTrue(ret, ("Failed to export volume %s after "
"starting volume" % self.volname))
g.log.info("Volume is exported successfully")
# Edit file created by root user
for mount_obj in self.mounts:
ret = append_string_to_file(mount_obj.client_system,
"%s/file10" % mount_obj.mountpoint,
'hello')
self.assertFalse(
ret, "Unexpected:nfsnobody user editing file "
"created by root user should FAIL")
g.log.info("Successful:nfsnobody user failed to edit file "
"created by root user")
# Edit the file created by nfsnobody user
for mount_obj in self.mounts:
ret = append_string_to_file(
mount_obj.client_system,
"%s/Squashfile5" % mount_obj.mountpoint, 'hello')
self.assertTrue(
ret, "Unexpected:nfsnobody user failed to edit "
"the file created by nfsnobody user")
g.log.info("Successful:nfsnobody user successfully edited the "
"file created by nfsnobody user")
def test_root_squash_enable(self):
"""
Tests to verify Nfs Ganesha rootsquash functionality with multi
client
Steps:
1. Create some directories on mount point.
2. Create some files inside those directories
3. Set permission as 777 for mount point
4. Enable root-squash on volume
5. Edit file created by root user from client 2
It should not allow to edit the file
6. Create some directories on mount point.
7. Create some files inside the directories
Files and directories will be created by
nfsnobody user
8. Edit the file created in step 7
It should allow to edit the file
9. Disable root squash
10. Edit the file created at step 7
It should allow to edit the file
"""
# Create Directories on Mount point
cmd = ("for i in {1..10}; do mkdir %s/dir$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Create files inside directories on mount point.
cmd = ("for i in {1..10}; do touch %s/dir$i/file$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Set mount point permission to 777
ret = set_file_permissions(self.mounts[0].client_system,
self.mounts[0].mountpoint, 777)
self.assertTrue(ret, "Failed to set permission for directory")
g.log.info("Successfully set permissions for directory")
# Enable root-squash on volume
ret = set_root_squash(self.servers[0], self.volname)
self.assertTrue(ret, "Failed to enable root-squash on volume")
g.log.info("root-squash is enable on the volume")
# Edit file created by root user from client 2
ret = append_string_to_file(
self.mounts[1].client_system,
"%s/dir5/file5" % self.mounts[1].mountpoint, 'hello')
self.assertFalse(
ret, "Unexpected:nfsnobody user editing file "
"created by root user should FAIL")
g.log.info("Successful:nfsnobody user failed to edit file "
"created by root user")
# Create Directories on Mount point
cmd = ("for i in {1..10}; do mkdir %s/SquashDir$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Create files inside directories on mount point
cmd = ("for i in {1..10}; do touch %s/SquashDir$i/Squashfile$i;"
"done" % self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Edit the file created by nfsnobody user from client 2
ret = append_string_to_file(
self.mounts[1].client_system,
"%s/SquashDir5/Squashfile5" % self.mounts[1].mountpoint, 'hello')
self.assertTrue(
ret, "Unexpected:nfsnobody user failed to edit "
"the file created by nfsnobody user")
g.log.info("Successful:nfsnobody user successfully edited the "
"file created by nfsnobody user")
# Disable root-squash
ret = set_root_squash(self.servers[0],
self.volname,
squash=False,
do_refresh_config=True)
self.assertTrue(ret, "Failed to disable root-squash on volume")
g.log.info("root-squash is disabled on the volume")
# Edit the file created by nfsnobody user from root user
ret = append_string_to_file(
self.mounts[1].client_system,
"%s/SquashDir10/Squashfile10" % self.mounts[1].mountpoint, 'hello')
self.assertTrue(
ret, "Unexpected:root user failed to edit "
"the file created by nfsnobody user")
g.log.info("Successful:root user successfully edited the "
"file created by nfsnobody user")
def test_root_squash_mount_unmount(self):
"""
Tests to verify Nfs Ganesha rootsquash functionality when volume
is remounted
Steps:
1. Set permission as 777 for mount point
2. Create some files and dirs inside mount point
3. Enable root-squash on volume
4. Create some more files and dirs inside mount point
5. Unmount the volume
6. Remount the volume
7. Try to edit file created in step 2
It should not allow to edit the file
8. Try to edit the file created in step 4
It should allow to edit the file
9. Create some more files and directory inside mount point
It should be created as nobody user
10. Disable root-squash on volume
11. Edit any of the file created in step 2.
It should allow to edit the file
"""
# Set mount point permission to 777
ret = set_file_permissions(self.mounts[0].client_system,
self.mounts[0].mountpoint, 777)
self.assertTrue(ret, "Failed to set permission for directory")
g.log.info("Successfully set permissions for directory")
# Create Directories on Mount point
cmd = ("for i in {1..20}; do mkdir %s/dir$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Create multiple files inside directories on mount point.
for i in range(1, 21):
cmd = ("for j in {1..20}; do touch %s/dir%s/file$j; done" %
(self.mounts[0].mountpoint, i))
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Enable root-squash on volume
ret = set_root_squash(self.servers[0], self.volname)
self.assertTrue(ret, "Failed to enable root-squash on volume")
g.log.info("root-squash is enable on the volume")
# Create some more Directories after enabling root-squash
cmd = ("for i in {1..20}; do mkdir %s/squashed_dir$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Create some more files inside directories
for i in range(1, 21):
cmd = ("for j in {1..20}; do touch "
"%s/squashed_dir%s/squashed_file$j; done" %
(self.mounts[0].mountpoint, i))
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Unmount volume
ret = unmount_mounts(self.mounts)
self.assertTrue(ret, "Volume unmount failed for %s" % self.volname)
# Remount volume
ret = self.mount_volume(self.mounts)
self.assertTrue(ret, "Volume mount failed for %s" % self.volname)
# Edit file created by root user
for mount_obj in self.mounts:
ret = append_string_to_file(
mount_obj.client_system,
"%s/dir10/file10" % mount_obj.mountpoint, 'hello')
self.assertFalse(
ret, "Unexpected:nobody user editing file "
"created by root user should FAIL")
g.log.info("Successful:nobody user failed to edit file "
"created by root user")
# Edit the file created by nobody user
for mount_obj in self.mounts:
ret = append_string_to_file(
mount_obj.client_system,
"%s/squashed_dir10/squashed_file10" % mount_obj.mountpoint,
'hello')
self.assertTrue(
ret, "Unexpected:nobody user failed to edit "
"the file created by nobody user")
g.log.info("Successful:nobody user successfully edited the "
"file created by nobody user")
# Create some more files on mount point post remount.
cmd = ("for i in {1..20}; do touch %s/remount_file$i; done" %
self.mounts[0].mountpoint)
ret, _, err = g.run(self.mounts[0].client_system,
cmd,
user=self.mounts[0].user)
self.assertEqual(ret, 0, err)
# Get stat of all the files/dirs created.
ret = get_mounts_stat(self.mounts)
self.assertTrue(ret, "Stat failed on some of the clients")
g.log.info("Successful in getting stats of files/dirs "
"from mount point")
# Check for owner and group of all the files
for mount_obj in self.mounts:
for i in range(1, 21):
cmd = (
"ls -l %s/remount_file%i | awk '{ print $3, $4 }' |sort" %
(mount_obj.mountpoint, i))
ret, out, err = g.run(mount_obj.client_system, cmd)
self.assertFalse(ret, err)
if is_rhel7:
self.assertIn("nobody nobody", out,
"Owner and group is not nobody")
else:
self.assertIn("nfsnobody nfsnobody", out,
"Owner and group is not nobody")
g.log.info("Owner and group of file is nobody")
# Disable root-squash
ret = set_root_squash(self.mnode,
self.volname,
squash=False,
do_refresh_config=True)
self.assertTrue(ret, "Failed to disable root-squash on volume")
g.log.info("root-squash is disable on the volume")
# Edit file created by root user
for mount_obj in self.mounts:
ret = append_string_to_file(
mount_obj.client_system,
"%s/dir15/file15" % mount_obj.mountpoint, 'hello')
self.assertTrue(
ret, "Unexpected:root user should be allowed to "
"edit the file created by root user")
g.log.info("Successful:root user successful in editing file "
"created by root user")
