diff options
Diffstat (limited to 'tests/shell/testcases/owner/0002-persist')
-rwxr-xr-x | tests/shell/testcases/owner/0002-persist | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/tests/shell/testcases/owner/0002-persist b/tests/shell/testcases/owner/0002-persist new file mode 100755 index 00000000..98a8eb13 --- /dev/null +++ b/tests/shell/testcases/owner/0002-persist @@ -0,0 +1,78 @@ +#!/bin/bash + +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_table_flag_owner) +# NFT_TEST_REQUIRES(NFT_TEST_HAVE_table_flag_persist) + +die() { + echo "$@" + exit 1 +} + +$NFT -f - <<EOF +table ip t { + flags owner, persist +} +EOF +[[ $? -eq 0 ]] || { + die "table add failed" +} + +$NFT list ruleset | grep -q 'table ip t' || { + die "table does not persist" +} +$NFT list ruleset | grep -q 'flags persist$' || { + die "unexpected flags in orphaned table" +} + +$NFT -f - <<EOF +table ip t { + flags owner, persist +} +EOF +[[ $? -eq 0 ]] || { + die "retake ownership failed" +} + +EXPECT="table ip t { + flags persist +}" +diff -u <(echo "$EXPECT") <($NFT list ruleset) || { + die "unexpected ruleset before coproc setup" +} + +coproc $NFT -i +sleep 1 + +cat >&"${COPROC[1]}" <<EOF +add table ip t { flags owner, persist; } +EOF + +EXPECT="table ip t { # progname nft + flags owner,persist +}" +diff -u <(echo "$EXPECT") <($NFT list ruleset) || { + die "unexpected ruleset after coproc setup" +} + +$NFT flush ruleset +$NFT list ruleset | grep -q 'table ip t' || { + die "flushed owned table" +} + +$NFT add table 'ip t { flags owner, persist; }' && { + die "stole owned table" +} + +cat >&"${COPROC[1]}" <<EOF +delete table ip t +EOF + +[[ -z $($NFT list ruleset) ]] || { + die "owner should be able to delete the table" +} + +eval "exec ${COPROC[1]}>&-" +wait $COPROC_PID + + +exit 0 |