def tearDown(self): # Disable root-squash ret = set_root_squash(self.mnode, self.volname, squash=False, do_refresh_config=True) if not ret: raise ExecutionError("Failed to disable root-squash on nfs " "ganesha cluster") g.log.info("root-squash is disabled on volume") # Unexport volume unexport_nfs_ganesha_volume(self.mnode, self.volname) ret = wait_for_nfs_ganesha_volume_to_get_unexported( self.mnode, self.volname) if not ret: raise ExecutionError("Volume %s is not unexported." % self.volname) g.log.info("Unexporting of volume is successful") # Unmount and cleanup Volume ret = self.unmount_volume_and_cleanup_volume(self.mounts) if ret: g.log.info("Successfull unmount and cleanup of volume") else: raise ExecutionError("Failed to unmount and cleanup volume")
def test_rootsquash_enable(self): # Start IO on mount point. self.all_mounts_procs = [] cmd = ("for i in {1..10}; do touch %s/file$i; done" % self.mounts[0].mountpoint) proc = g.run_async(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.all_mounts_procs.append(proc) # Validate IO ret = validate_io_procs(self.all_mounts_procs, self.mounts) self.assertTrue(ret, "IO failed on some of the clients") g.log.info("IO is successful on all mounts") # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successfull in getting stats of files/dirs " "from mount point") # Check for owner and group of random file for mount_obj in self.mounts: cmd = ("ls -l %s/file5 | awk '{ print $3, $4 }' |sort" % mount_obj.mountpoint) ret, out, err = g.run(mount_obj.client_system, cmd) self.assertFalse(ret, err) self.assertIn("root root", out, "Owner and group is not ROOT") g.log.info("Owner and group of file is ROOT") # Set mount point permission to 777 for mount_obj in self.mounts: cmd = ("chmod 777 %s" % mount_obj.mountpoint) ret, _, err = g.run(mount_obj.client_system, cmd) self.assertFalse(ret, err) g.log.info("Mount point permission changed to 777") # Enable root-squash on volume ret = set_root_squash(self.servers[0], self.volname) self.assertTrue(ret, "Failed to enable root-squash on volume") g.log.info("root-squash is enable on the volume") # Start IO on mount point. self.all_mounts_procs = [] cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done" % self.mounts[0].mountpoint) proc = g.run_async(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.all_mounts_procs.append(proc) # Validate IO ret = validate_io_procs(self.all_mounts_procs, self.mounts) self.assertTrue(ret, "IO failed on some of the clients") g.log.info("IO is successful on all mounts") # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successfull in getting stats of files/dirs " "from mount point") # Check for owner and group of random file for mount_obj in self.mounts: cmd = ("ls -l %s/Squashfile5 | awk '{print $3, $4}' | sort" % mount_obj.mountpoint) ret, out, err = g.run(mount_obj.client_system, cmd) self.assertFalse(ret, err) self.assertIn("nfsnobody nfsnobody", out, "Owner and group of file is NOT NFSNOBODY") g.log.info("Owner and group of file is NFSNOBODY") # Edit file created by root user for mount_obj in self.mounts: cmd = ("echo hello > %s/file10" % mount_obj.mountpoint) ret, _, _ = g.run(mount_obj.client_system, cmd) self.assertEqual( ret, 1, "nfsnobody user editing file created by " "root user should FAIL") g.log.info("nfsnobody user failed to edit file " "created by root user")
def test_root_squash_enable(self): """ Tests to verify Nfs Ganesha rootsquash functionality when glusterd service is restarted Steps: 1. Create some files and dirs inside mount point 2. Set permission as 777 for mount point 3. Enable root-squash on volume 4. Create some more files and dirs 5. Restart glusterd on all the nodes 6. Try to edit file created in step 1 It should not allow to edit the file 7. Try to edit the file created in step 5 It should allow to edit the file """ # Start IO on mount point. cmd = ("for i in {1..10}; do touch %s/file$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Set mount point permission to 777 ret = set_file_permissions(self.mounts[0].client_system, self.mounts[0].mountpoint, 777) self.assertTrue(ret, "Failed to set permission for directory") g.log.info("Successfully set permissions for directory") # Enable root-squash on volume ret = set_root_squash(self.servers[0], self.volname) self.assertTrue(ret, "Failed to enable root-squash on volume") g.log.info("root-squash is enable on the volume") # Start IO on mount point. cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successfull in getting stats of files/dirs " "from mount point") # Restart glusterd on all servers ret = restart_glusterd(self.servers) self.assertTrue(ret, ("Failed to restart glusterd on all servers %s", self.servers)) g.log.info("Successfully restarted glusterd on all servers %s", self.servers) # Check if glusterd is running on all servers ret = is_glusterd_running(self.servers) self.assertEqual(ret, 0, ("Failed:Glusterd is not running on all " "servers %s", self.servers)) g.log.info("Glusterd is running on all the servers %s", self.servers) # Checking if peer is connected. ret = wait_for_peers_to_connect(self.mnode, self.servers) self.assertTrue(ret, "Failed:Peer is not in connected state.") g.log.info("Peers are in connected state.") # Edit file created by root user for mount_obj in self.mounts: ret = append_string_to_file(mount_obj.client_system, "%s/file10" % mount_obj.mountpoint, 'hello') self.assertFalse(ret, "Unexpected:nfsnobody user editing file " "created by root user should FAIL") g.log.info("Successful:nfsnobody user failed to edit file " "created by root user") # Edit the file created by nfsnobody user for mount_obj in self.mounts: ret = append_string_to_file(mount_obj.client_system, "%s/Squashfile5" % mount_obj.mountpoint, 'hello') self.assertTrue(ret, "Unexpected:nfsnobody user failed to edit " "the file created by nfsnobody user") g.log.info("Successful:nfsnobody user successfully edited the " "file created by nfsnobody user")
def test_root_squash_enable(self): """ Tests to verify Nfs Ganesha rootsquash functionality when volume is restarted Steps: 1. Create some files and dirs inside mount point 2. Set permission as 777 for mount point 3. Enable root-squash on volume 4. Create some more files and dirs 5. Restart volume 6. Try to edit file created in step 1 It should not allow to edit the file 7. Try to edit the file created in step 5 It should allow to edit the file """ # Start IO on mount point. cmd = ("for i in {1..10}; do touch %s/file$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Set mount point permission to 777 ret = set_file_permissions(self.mounts[0].client_system, self.mounts[0].mountpoint, 777) self.assertTrue(ret, "Failed to set permission for directory") g.log.info("Successfully set permissions for directory") # Enable root-squash on volume ret = set_root_squash(self.servers[0], self.volname) self.assertTrue(ret, "Failed to enable root-squash on volume") g.log.info("root-squash is enable on the volume") # Start IO on mount point. cmd = ("for i in {1..10}; do touch %s/Squashfile$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Stopping volume ret = volume_stop(self.mnode, self.volname) self.assertTrue(ret, ("Failed to stop volume %s" % self.volname)) g.log.info("Successful in stopping volume %s" % self.volname) # Waiting for few seconds for volume unexport. Max wait time is # 120 seconds. ret = wait_for_nfs_ganesha_volume_to_get_unexported( self.mnode, self.volname) self.assertTrue(ret, ("Failed to unexport volume %s after " "stopping volume" % self.volname)) g.log.info("Volume is unexported successfully") # Starting volume ret = volume_start(self.mnode, self.volname) self.assertTrue(ret, ("Failed to start volume %s" % self.volname)) g.log.info("Successful in starting volume %s" % self.volname) # Waiting for few seconds for volume export. Max wait time is # 120 seconds. ret = wait_for_nfs_ganesha_volume_to_get_exported( self.mnode, self.volname) self.assertTrue(ret, ("Failed to export volume %s after " "starting volume" % self.volname)) g.log.info("Volume is exported successfully") # Edit file created by root user for mount_obj in self.mounts: ret = append_string_to_file(mount_obj.client_system, "%s/file10" % mount_obj.mountpoint, 'hello') self.assertFalse( ret, "Unexpected:nfsnobody user editing file " "created by root user should FAIL") g.log.info("Successful:nfsnobody user failed to edit file " "created by root user") # Edit the file created by nfsnobody user for mount_obj in self.mounts: ret = append_string_to_file( mount_obj.client_system, "%s/Squashfile5" % mount_obj.mountpoint, 'hello') self.assertTrue( ret, "Unexpected:nfsnobody user failed to edit " "the file created by nfsnobody user") g.log.info("Successful:nfsnobody user successfully edited the " "file created by nfsnobody user")
def test_root_squash_enable(self): """ Tests to verify Nfs Ganesha rootsquash functionality with multi client Steps: 1. Create some directories on mount point. 2. Create some files inside those directories 3. Set permission as 777 for mount point 4. Enable root-squash on volume 5. Edit file created by root user from client 2 It should not allow to edit the file 6. Create some directories on mount point. 7. Create some files inside the directories Files and directories will be created by nfsnobody user 8. Edit the file created in step 7 It should allow to edit the file 9. Disable root squash 10. Edit the file created at step 7 It should allow to edit the file """ # Create Directories on Mount point cmd = ("for i in {1..10}; do mkdir %s/dir$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Create files inside directories on mount point. cmd = ("for i in {1..10}; do touch %s/dir$i/file$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Set mount point permission to 777 ret = set_file_permissions(self.mounts[0].client_system, self.mounts[0].mountpoint, 777) self.assertTrue(ret, "Failed to set permission for directory") g.log.info("Successfully set permissions for directory") # Enable root-squash on volume ret = set_root_squash(self.servers[0], self.volname) self.assertTrue(ret, "Failed to enable root-squash on volume") g.log.info("root-squash is enable on the volume") # Edit file created by root user from client 2 ret = append_string_to_file( self.mounts[1].client_system, "%s/dir5/file5" % self.mounts[1].mountpoint, 'hello') self.assertFalse( ret, "Unexpected:nfsnobody user editing file " "created by root user should FAIL") g.log.info("Successful:nfsnobody user failed to edit file " "created by root user") # Create Directories on Mount point cmd = ("for i in {1..10}; do mkdir %s/SquashDir$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Create files inside directories on mount point cmd = ("for i in {1..10}; do touch %s/SquashDir$i/Squashfile$i;" "done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Edit the file created by nfsnobody user from client 2 ret = append_string_to_file( self.mounts[1].client_system, "%s/SquashDir5/Squashfile5" % self.mounts[1].mountpoint, 'hello') self.assertTrue( ret, "Unexpected:nfsnobody user failed to edit " "the file created by nfsnobody user") g.log.info("Successful:nfsnobody user successfully edited the " "file created by nfsnobody user") # Disable root-squash ret = set_root_squash(self.servers[0], self.volname, squash=False, do_refresh_config=True) self.assertTrue(ret, "Failed to disable root-squash on volume") g.log.info("root-squash is disabled on the volume") # Edit the file created by nfsnobody user from root user ret = append_string_to_file( self.mounts[1].client_system, "%s/SquashDir10/Squashfile10" % self.mounts[1].mountpoint, 'hello') self.assertTrue( ret, "Unexpected:root user failed to edit " "the file created by nfsnobody user") g.log.info("Successful:root user successfully edited the " "file created by nfsnobody user")
def test_root_squash_mount_unmount(self): """ Tests to verify Nfs Ganesha rootsquash functionality when volume is remounted Steps: 1. Set permission as 777 for mount point 2. Create some files and dirs inside mount point 3. Enable root-squash on volume 4. Create some more files and dirs inside mount point 5. Unmount the volume 6. Remount the volume 7. Try to edit file created in step 2 It should not allow to edit the file 8. Try to edit the file created in step 4 It should allow to edit the file 9. Create some more files and directory inside mount point It should be created as nobody user 10. Disable root-squash on volume 11. Edit any of the file created in step 2. It should allow to edit the file """ # Set mount point permission to 777 ret = set_file_permissions(self.mounts[0].client_system, self.mounts[0].mountpoint, 777) self.assertTrue(ret, "Failed to set permission for directory") g.log.info("Successfully set permissions for directory") # Create Directories on Mount point cmd = ("for i in {1..20}; do mkdir %s/dir$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Create multiple files inside directories on mount point. for i in range(1, 21): cmd = ("for j in {1..20}; do touch %s/dir%s/file$j; done" % (self.mounts[0].mountpoint, i)) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Enable root-squash on volume ret = set_root_squash(self.servers[0], self.volname) self.assertTrue(ret, "Failed to enable root-squash on volume") g.log.info("root-squash is enable on the volume") # Create some more Directories after enabling root-squash cmd = ("for i in {1..20}; do mkdir %s/squashed_dir$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Create some more files inside directories for i in range(1, 21): cmd = ("for j in {1..20}; do touch " "%s/squashed_dir%s/squashed_file$j; done" % (self.mounts[0].mountpoint, i)) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Unmount volume ret = unmount_mounts(self.mounts) self.assertTrue(ret, "Volume unmount failed for %s" % self.volname) # Remount volume ret = self.mount_volume(self.mounts) self.assertTrue(ret, "Volume mount failed for %s" % self.volname) # Edit file created by root user for mount_obj in self.mounts: ret = append_string_to_file( mount_obj.client_system, "%s/dir10/file10" % mount_obj.mountpoint, 'hello') self.assertFalse( ret, "Unexpected:nobody user editing file " "created by root user should FAIL") g.log.info("Successful:nobody user failed to edit file " "created by root user") # Edit the file created by nobody user for mount_obj in self.mounts: ret = append_string_to_file( mount_obj.client_system, "%s/squashed_dir10/squashed_file10" % mount_obj.mountpoint, 'hello') self.assertTrue( ret, "Unexpected:nobody user failed to edit " "the file created by nobody user") g.log.info("Successful:nobody user successfully edited the " "file created by nobody user") # Create some more files on mount point post remount. cmd = ("for i in {1..20}; do touch %s/remount_file$i; done" % self.mounts[0].mountpoint) ret, _, err = g.run(self.mounts[0].client_system, cmd, user=self.mounts[0].user) self.assertEqual(ret, 0, err) # Get stat of all the files/dirs created. ret = get_mounts_stat(self.mounts) self.assertTrue(ret, "Stat failed on some of the clients") g.log.info("Successful in getting stats of files/dirs " "from mount point") # Check for owner and group of all the files for mount_obj in self.mounts: for i in range(1, 21): cmd = ( "ls -l %s/remount_file%i | awk '{ print $3, $4 }' |sort" % (mount_obj.mountpoint, i)) ret, out, err = g.run(mount_obj.client_system, cmd) self.assertFalse(ret, err) if is_rhel7: self.assertIn("nobody nobody", out, "Owner and group is not nobody") else: self.assertIn("nfsnobody nfsnobody", out, "Owner and group is not nobody") g.log.info("Owner and group of file is nobody") # Disable root-squash ret = set_root_squash(self.mnode, self.volname, squash=False, do_refresh_config=True) self.assertTrue(ret, "Failed to disable root-squash on volume") g.log.info("root-squash is disable on the volume") # Edit file created by root user for mount_obj in self.mounts: ret = append_string_to_file( mount_obj.client_system, "%s/dir15/file15" % mount_obj.mountpoint, 'hello') self.assertTrue( ret, "Unexpected:root user should be allowed to " "edit the file created by root user") g.log.info("Successful:root user successful in editing file " "created by root user")