From db826571e4099066fe44233d95642591016c831b Mon Sep 17 00:00:00 2001 From: Brandon Casey Date: Mon, 15 Mar 2010 12:14:33 -0500 Subject: t/t1304: avoid -d option to setfacl Some platforms (Solaris) have a setfacl whose -d switch works differently than the one on Linux. On Linux, it causes all operations to be applied to the Default ACL. There is a notation for operating on the Default ACL: [d[efault]:] [u[ser]:]uid [:perms] so use it instead of the -d switch. Signed-off-by: Brandon Casey Signed-off-by: Junio C Hamano --- t/t1304-default-acl.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index cc30be4a65..415a2dd3ce 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -46,8 +46,8 @@ dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" test_expect_success 'Setup test repo' ' setfacl -m u:root:rwx $dirs_to_set && - setfacl -d -m u:"$LOGNAME":rwx $dirs_to_set && - setfacl -d -m u:root:rwx $dirs_to_set && + setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set && + setfacl -m d:u:root:rwx $dirs_to_set && touch file.txt && git add file.txt && -- cgit v1.2.3 From ab04a9056788cf77f6b6c72605fc6027f21d9d7c Mon Sep 17 00:00:00 2001 From: Brandon Casey Date: Mon, 15 Mar 2010 12:14:34 -0500 Subject: t/t1304: set the Default ACL base entries According to the Linux setfacl man page, in order for an ACL to be valid, the following rules must be satisfied: * Whenever an ACL contains any Default ACL entries, the three Default ACL base entries (default owner, default group, and default others) must also exist. * Whenever a Default ACL contains named user entries or named group objects, it must also contain a default effective rights mask. Some implementations of setfacl (Linux) do this automatically when necessary, some (Solaris) do not. Solaris's setfacl croaks when trying to create a default user ACL if the above rules are not satisfied. So, create them before modifying the default user ACL's. Signed-off-by: Brandon Casey Signed-off-by: Junio C Hamano --- t/t1304-default-acl.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index 415a2dd3ce..3a1532be55 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -45,6 +45,7 @@ check_perms_and_acl () { dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" test_expect_success 'Setup test repo' ' + setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set && setfacl -m u:root:rwx $dirs_to_set && setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set && setfacl -m d:u:root:rwx $dirs_to_set && -- cgit v1.2.3 From 71c4d6c6354036597534931d8fe9e80a9ae3c0af Mon Sep 17 00:00:00 2001 From: Brandon Casey Date: Mon, 15 Mar 2010 12:14:35 -0500 Subject: t/t1304: use 'test -r' to test readability rather than looking at mode bits This test was using the group read permission bit as an indicator of the default ACL mask. This behavior is valid on Linux but not on other platforms like Solaris. So, rather than looking at mode bits, just test readability for the user. This, along with the checks for the existence of the ACL's that were set on the parent directories, should be enough. Signed-off-by: Brandon Casey Signed-off-by: Junio C Hamano --- t/t1304-default-acl.sh | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index 3a1532be55..52246d7393 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -20,21 +20,8 @@ if ! setfacl -m u:root:rwx .; then test_done fi -modebits () { - ls -l "$1" | sed -e 's|^\(..........\).*|\1|' -} - check_perms_and_acl () { - actual=$(modebits "$1") && - case "$actual" in - -r--r-----*) - : happy - ;; - *) - echo "Got permission '$actual', expected '-r--r-----'" - false - ;; - esac && + test -r "$1" && getfacl "$1" > actual && grep -q "user:root:rwx" actual && grep -q "user:${LOGNAME}:rwx" actual && -- cgit v1.2.3 From 2e85575a0216b5ad4b1209cea77e1a2769fbd0b7 Mon Sep 17 00:00:00 2001 From: Brandon Casey Date: Mon, 15 Mar 2010 13:35:03 -0500 Subject: t/t1304: set the ACL effective rights mask Some implementations of setfacl do not recalculate the effective rights mask when the ACL is modified. So, set the effective rights mask explicitly to ensure that the ACL's that are set on the directories will have effect. Signed-off-by: Brandon Casey Signed-off-by: Junio C Hamano --- t/t1304-default-acl.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index 52246d7393..85351aea24 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -33,6 +33,7 @@ dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" test_expect_success 'Setup test repo' ' setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set && + setfacl -m m:rwx $dirs_to_set && setfacl -m u:root:rwx $dirs_to_set && setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set && setfacl -m d:u:root:rwx $dirs_to_set && -- cgit v1.2.3 From 80700fde91e4a57897d811aa40daf9251b39c77c Mon Sep 17 00:00:00 2001 From: Brandon Casey Date: Mon, 15 Mar 2010 12:14:37 -0500 Subject: t/t1304: make a second colon optional in the mask ACL check Solaris only uses one colon in the listing of the ACL mask, Linux uses two, so substitute egrep for grep and make the second colon optional. The -q option for Solaris 7's /usr/xpg4/bin/egrep does not appear to be implemented, so redirect output to /dev/null. Signed-off-by: Brandon Casey Signed-off-by: Junio C Hamano --- t/t1304-default-acl.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh index 85351aea24..055ad00f77 100755 --- a/t/t1304-default-acl.sh +++ b/t/t1304-default-acl.sh @@ -25,7 +25,7 @@ check_perms_and_acl () { getfacl "$1" > actual && grep -q "user:root:rwx" actual && grep -q "user:${LOGNAME}:rwx" actual && - grep -q "mask::r--" actual && + egrep "mask::?r--" actual > /dev/null 2>&1 && grep -q "group::---" actual || false } -- cgit v1.2.3