From ab084b5f6e65326d6f0c5f519596757c8283c0f6 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 4 Jun 2012 20:43:09 -0700
Subject: [PATCH 1/4] Tests for bug #8972 - Add a posix_share definition to s3 so we can do raw posix permissions checks.

---
 selftest/target/Samba3.pm |    9 +++++++++
 1 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 098f532..a84b4e1 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -984,6 +984,15 @@ sub provision($$$$$$)
 	comment = smb username is [%U]
 	create mask = 777
 	force create mode = 777
+[posix_share]
+	path = $shrdir
+	comment = smb username is [%U]
+	create mask = 0777
+	force create mode = 0
+	directory mask = 0777
+	force directory mode = 0
+	vfs objects = $vfs_modulesdir_abs/xattr_tdb.so
+
 [print\$]
 	copy = tmp
 	";
-- 
1.7.0.4


From 136e37a7adbb9fcd4ec253af9e057445da222e41 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 4 Jun 2012 20:44:08 -0700
Subject: [PATCH 2/4] Tests for bug #8972 - Add a posix_share definition to s4 so we can do raw posix permissions checks.

---
 selftest/target/Samba4.pm |    8 ++++++++
 1 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 97cdbf2..954cf9c 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -745,6 +745,14 @@ sub provision($$$$$$$$)
 	create mask = 777
 	force create mode = 777
 
+[posix_share]
+	path = $ctx->{share}
+	read only = no
+	create mask = 0777
+	force create mode = 0
+	directory mask = 0777
+	force directory mode = 0
+
 [test1]
 	path = $ctx->{share}/test1
 	read only = no
-- 
1.7.0.4


From fae0e0434a18548e2350255408ed84ebc8de0eee Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 4 Jun 2012 20:44:56 -0700
Subject: [PATCH 3/4] Tests for bug #8972 - run the POSIX tests against the posix_share.

---
 source3/selftest/tests.py |   10 ++++++++--
 1 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index c131ca2..0d3bf04 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -85,8 +85,7 @@ tests=[ "FDPASS", "LOCK1", "LOCK2", "LOCK3", "LOCK4", "LOCK5", "LOCK6", "LOCK7",
         "OPEN", "XCOPY", "RENAME", "DELETE", "DELETE-LN", "PROPERTIES", "W2K",
         "TCON2", "IOCTL", "CHKPATH", "FDSESS", "CHAIN1", "CHAIN2",
         "CHAIN3",
-        "GETADDRINFO", "POSIX", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
-        "POSIX-APPEND",
+        "GETADDRINFO", "UID-REGRESSION-TEST", "SHORTNAME-TEST",
         "CASE-INSENSITIVE-CREATE", "SMB2-BASIC", "NTTRANS-FSCTL", "SMB2-NEGPROT",
         "CLEANUP1",
         "CLEANUP2",
@@ -97,6 +96,13 @@ for t in tests:
     plantestsuite("samba3.smbtorture_s3.crypt(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', smbtorture3, "-e", "-l $LOCAL_PATH"])
     plantestsuite("samba3.smbtorture_s3.plain(dc).%s" % t, "dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"])
 
+posix_tests=[ "POSIX", "POSIX-APPEND"]
+
+for t in posix_tests:
+    plantestsuite("samba3.smbtorture_s3.plain(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/posix_share', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"])
+    plantestsuite("samba3.smbtorture_s3.crypt(s3dc).%s" % t, "s3dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/posix_share', '$USERNAME', '$PASSWORD', smbtorture3, "-e", "-l $LOCAL_PATH"])
+    plantestsuite("samba3.smbtorture_s3.plain(dc).%s" % t, "dc", [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/posix_share', '$USERNAME', '$PASSWORD', smbtorture3, "", "-l $LOCAL_PATH"])
+
 env = "s3dc:local"
 t = "CLEANUP3"
 plantestsuite("samba3.smbtorture_s3.plain(%s).%s" % (env, t), env, [os.path.join(samba3srcdir, "script/tests/test_smbtorture_s3.sh"), t, '//$SERVER_IP/tmp', '$USERNAME', '$PASSWORD', binpath('smbtorture3'), "", "-l $LOCAL_PATH"])
-- 
1.7.0.4


From 667edb1b0c7842f0f780b6cfd50f9b081715409b Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Mon, 4 Jun 2012 20:45:34 -0700
Subject: [PATCH 4/4] Tests for bug #8972 - Add permission checks to run_simple_posix_open_test().

This requires a share with :

	create mask = 0777
	force create mode = 0
	directory mask = 0777
	force directory mode = 0

set so we don't mess with requested permissions.
---
 source3/torture/torture.c |   27 +++++++++++++++++++++++++++
 1 files changed, 27 insertions(+), 0 deletions(-)

diff --git a/source3/torture/torture.c b/source3/torture/torture.c
index 1fc80fe..546e033 100644
--- a/source3/torture/torture.c
+++ b/source3/torture/torture.c
@@ -5402,6 +5402,13 @@ static bool run_simple_posix_open_test(int dummy)
 		goto out;
 	}
 
+	/* Ensure st_mode == 0600 */
+	if ((sbuf.st_ex_mode & 07777) != 0600) {
+		printf("posix_open - bad permissions 0%o != 0600\n",
+				(unsigned int)sbuf.st_ex_mode);
+		goto out;
+	}
+
 	/* Test ftruncate - set file size back to zero. */
 	status = cli_ftruncate(cli1, fnum1, 0);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -5632,6 +5639,26 @@ static bool run_simple_posix_open_test(int dummy)
 		goto out;
 	}
 
+	/* Check directory opens with a specific permission. */
+	status = cli_posix_mkdir(cli1, dname, 0700);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("POSIX mkdir of %s failed (%s)\n", dname, nt_errstr(status));
+		goto out;
+	}
+
+	/* Ensure st_mode == 0700 */
+	status = cli_posix_stat(cli1, dname, &sbuf);
+	if (!NT_STATUS_IS_OK(status)) {
+		printf("stat failed (%s)\n", nt_errstr(status));
+		goto out;
+	}
+
+	if ((sbuf.st_ex_mode & 07777) != 0700) {
+		printf("posix_mkdir - bad permissions 0%o != 0700\n",
+				(unsigned int)(sbuf.st_ex_mode & 07777));
+		goto out;
+	}
+
 	printf("Simple POSIX open test passed\n");
 	correct = true;
 
-- 
1.7.0.4