die "retake ownership failed"
}
+EXPECT="table ip t {
+ flags persist
+}"
+diff -u <(echo "$EXPECT") <($NFT list ruleset) || {
+ die "unexpected ruleset before coproc setup"
+}
+
+coproc $NFT -i
+sleep 1
+
+cat >&"${COPROC[1]}" <<EOF
+add table ip t { flags owner, persist; }
+EOF
+
+EXPECT="table ip t { # progname nft
+ flags owner,persist
+}"
+diff -u <(echo "$EXPECT") <($NFT list ruleset) || {
+ die "unexpected ruleset after coproc setup"
+}
+
+$NFT flush ruleset
+$NFT list ruleset | grep -q 'table ip t' || {
+ die "flushed owned table"
+}
+
+$NFT add table 'ip t { flags owner, persist; }' && {
+ die "stole owned table"
+}
+
+cat >&"${COPROC[1]}" <<EOF
+delete table ip t
+EOF
+
+[[ -z $($NFT list ruleset) ]] || {
+ die "owner should be able to delete the table"
+}
+
+eval "exec ${COPROC[1]}>&-"
+wait $COPROC_PID
+
+
exit 0
projects / thirdparty / nftables.git / commitdiff
