run-tests.sh

   1 #!/bin/bash
   2
   3 # The directory where we'll do all the ACL manipulation.
   4 TESTDIR=test
   5
   6 acl_reset() {
   7     # Remove any ACLs on our test directory and remove its contents.
   8     setfacl --remove-all --recursive "$TESTDIR"
   9     rm -rf "${TESTDIR}"/*
  10 }
  11
  12 compare() {
  13     if [[ "${ACTUAL}" == "${EXPECTED}" ]]; then
  14         echo "Success (#${TESTNUM})"
  15         acl_reset
  16     else
  17         echo "Failure (#${TESTNUM})"
  18         echo "Expected result:"
  19         echo "${EXPECTED}"
  20         echo "Actual result:"
  21         echo "${ACTUAL}"
  22         exit 1
  23     fi
  24 }
  25
  26 # Start by removing and recreating the 'acl' directory.
  27 rm -rf "${TESTDIR}"
  28 mkdir "${TESTDIR}"
  29
  30
  31 # When using a minimal ACL, the default user, group, and other
  32 # permissions should all be propagated to the mode bits.
  33 TESTNUM=1
  34 TARGET="${TESTDIR}"/foo
  35 setfacl -d -m user::r--  "${TESTDIR}"
  36 setfacl -d -m group::r-- "${TESTDIR}"
  37 setfacl -d -m other::r-- "${TESTDIR}"
  38 touch "${TARGET}"
  39 chmod 777 "${TARGET}"
  40 ./aclq "${TARGET}"
  41
  42 EXPECTED=$(cat <<EOF
  43 user::r--
  44 group::r--
  45 other::r--
  46
  47 EOF
  48 )
  49
  50 ACTUAL=`getfacl --omit-header "${TARGET}"`
  51 compare
  52
  53 # Do the same thing as the last test, except with an extended ACL.
  54 TESTNUM=2
  55 setfacl -d -m user::r--     "${TESTDIR}"
  56 setfacl -d -m group::r--    "${TESTDIR}"
  57 setfacl -d -m other::r--    "${TESTDIR}"
  58 setfacl -d -m user:mail:rwx "${TESTDIR}"
  59 touch "${TARGET}"
  60 chmod 777 "${TARGET}"
  61 ./aclq "${TARGET}"
  62
  63 EXPECTED=$(cat <<EOF
  64 user::r--
  65 user:mail:rwx
  66 group::r--
  67 mask::rwx
  68 other::r--
  69
  70 EOF
  71 )
  72
  73 ACTUAL=`getfacl --omit-header "${TARGET}"`
  74 compare
  75
  76 # A file shared by a group, should still be group-writable
  77 # afterwards.
  78 TESTNUM=3
  79 touch "${TARGET}"
  80 chmod 644 "${TARGET}"
  81 setfacl -d -m group:mail:rwx "${TESTDIR}"
  82 ./aclq "${TARGET}"
  83
  84 EXPECTED=$(cat <<EOF
  85 user::rw-
  86 group::r--
  87 group:mail:rwx  #effective:rw-
  88 mask::rw-
  89 other::r--
  90 EOF
  91 )
  92
  93 ACTUAL=`getfacl --omit-header "${TARGET}"`
  94 compare
  95
  96 # Same test as before except with a directory.
  97 TESTNUM=4
  98 setfacl -d -m group:mail:rwx "${TESTDIR}"
  99 mkdir "${TARGET}"
 100 chmod 755 "${TARGET}"
 101 ./aclq "${TARGET}"
 102
 103 EXPECTED=$(cat <<EOF
 104 user::rwx
 105 group::r-x
 106 group:mail:rwx
 107 mask::rwx
 108 other::r-x
 109 default:user::rwx
 110 default:group::r-x
 111 default:group:mail:rwx
 112 default:mask::rwx
 113 default:other::r-x
 114
 115 EOF
 116 )
 117
 118 ACTUAL=`getfacl --omit-header "${TARGET}"`
 119 compare
 120
 121
 122 # With no default, things are left alone.
 123 TESTNUM=5
 124 touch "${TARGET}"
 125 chmod 744 "${TARGET}"
 126 ./aclq "${TARGET}"
 127
 128
 129 EXPECTED=$(cat <<EOF
 130 user::rwx
 131 group::r--
 132 other::r--
 133
 134 EOF
 135 )
 136
 137 ACTUAL=`getfacl --omit-header "${TARGET}"`
 138 compare
 139
 140
 141
 142 # Since the default ACL will grant r-x to group/other, they will wind
 143 # up with it.
 144 TESTNUM=6
 145 touch "${TARGET}"
 146 chmod 744 "${TARGET}"
 147 setfacl -d -m user:mail:rwx "${TESTDIR}"
 148 ./aclq "${TARGET}"
 149
 150
 151 EXPECTED=$(cat <<EOF
 152 user::rwx
 153 user:mail:rwx
 154 group::r-x
 155 mask::rwx
 156 other::r-x
 157
 158 EOF
 159 )
 160
 161 ACTUAL=`getfacl --omit-header "${TARGET}"`
 162 compare
 163
 164
 165 # Some named entries can be granted execute permissions as the result
 166 # of reapplication.
 167 TESTNUM=7
 168 touch "${TARGET}"
 169 chmod 744 "${TARGET}"
 170 setfacl -m user:news:rw "${TARGET}"
 171 setfacl -d -m user:mail:rwx "${TESTDIR}"
 172 setfacl -d -m user:news:rwx "${TESTDIR}"
 173 ./aclq "${TARGET}"
 174
 175
 176 EXPECTED=$(cat <<EOF
 177 user::rwx
 178 user:mail:rwx
 179 user:news:rwx
 180 group::r-x
 181 mask::rwx
 182 other::r-x
 183
 184 EOF
 185 )
 186
 187 ACTUAL=`getfacl --omit-header "${TARGET}"`
 188 compare
 189
 190
 191 # We should not retain any entries that aren't in the default.
 192 TESTNUM=8
 193 touch "${TARGET}"
 194 chmod 644 "${TARGET}"
 195 setfacl -m user:news:rw "${TARGET}"
 196 setfacl -d -m user:mail:rwx "${TESTDIR}"
 197 ./aclq "${TARGET}"
 198
 199
 200 EXPECTED=$(cat <<EOF
 201 user::rw-
 202 user:mail:rwx   #effective:rw-
 203 group::r--
 204 mask::rw-
 205 other::r--
 206
 207 EOF
 208 )
 209
 210 ACTUAL=`getfacl --omit-header "${TARGET}"`
 211 compare
 212
 213
 214 # A slightly modified test #1 to make sure it works right.
 215 TESTNUM=9
 216 TARGET="${TESTDIR}"/foo
 217 touch "${TARGET}"
 218 chmod 777 "${TARGET}"
 219 setfacl -d -m user::r--  "${TESTDIR}"
 220 ./aclq "${TARGET}"
 221
 222 EXPECTED=$(cat <<EOF
 223 user::r--
 224 group::r-x
 225 other::r-x
 226
 227 EOF
 228 )
 229
 230 ACTUAL=`getfacl --omit-header "${TARGET}"`
 231 compare