]>
gitweb.michael.orlitzky.com - apply-default-acl.git/blob - run-tests.sh
b20ec79c9b2259b34f18722edee522c5e9f76c38
4 BIN
=.
/src
/apply
-default-acl
6 # The directory where we'll do all the ACL manipulation.
10 # Remove any ACLs on our test directory and remove its contents.
11 setfacl
--remove-all --recursive "${TESTDIR}"
12 chmod 755 "${TESTDIR}"
17 if [[ "${ACTUAL}" == "${EXPECTED}" ]]; then
18 echo "Success (#${TESTNUM})"
21 echo "Failure (#${TESTNUM})"
22 echo 'Expected result:'
23 echo '================'
25 echo '================'
27 echo '================'
29 echo '================'
34 # Start by removing and recreating the 'acl' directory.
39 # When using a minimal ACL, the default user, group, and other
40 # permissions should all be propagated to the mode bits.
42 TARGET
="${TESTDIR}"/foo
45 setfacl
-d -m user
::r
-- "${TESTDIR}"
46 setfacl
-d -m group
::r
-- "${TESTDIR}"
47 setfacl
-d -m other
::r
-- "${TESTDIR}"
58 ACTUAL
=`getfacl --omit-header "${TARGET}"`
61 # Do the same thing as the last test, except with an extended ACL.
63 setfacl
-d -m user
::r
-- "${TESTDIR}"
64 setfacl
-d -m group
::r
-- "${TESTDIR}"
65 setfacl
-d -m other
::r
-- "${TESTDIR}"
66 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
81 ACTUAL
=`getfacl --omit-header "${TARGET}"`
85 # A file shared by a group, should still be group-writable
90 setfacl
-d -m group
:bin
:rwx
"${TESTDIR}"
96 group:bin:rwx #effective:rw-
103 ACTUAL
=`getfacl --omit-header "${TARGET}"`
107 # Same test as before except with a directory.
109 setfacl
-d -m group
:bin
:rwx
"${TESTDIR}"
111 chmod 755 "${TARGET}"
122 default:group:bin:rwx
129 ACTUAL
=`getfacl --omit-header "${TARGET}"`
133 # With no default, things are left alone.
136 chmod 744 "${TARGET}"
148 ACTUAL
=`getfacl --omit-header "${TARGET}"`
153 # Since the default ACL will grant r-x to group/other, they will wind
157 chmod 744 "${TARGET}"
158 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
172 ACTUAL
=`getfacl --omit-header "${TARGET}"`
176 # Some named entries can be granted execute permissions as the result
180 chmod 744 "${TARGET}"
181 setfacl
-m user
:daemon
:rw
"${TARGET}"
182 # If we don't add 'x' to the mask here, nobody can execute the file.
183 # setfacl will update the mask for us under most circumstances, but
184 # note that we didn't create an entry with an 'x' bit using setfacl --
185 # therefore, setfacl won't unmask 'x' for us.
186 setfacl
-m mask
::rwx
"${TARGET}"
187 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
188 setfacl
-d -m user
:daemon
:rwx
"${TESTDIR}"
203 ACTUAL
=`getfacl --omit-header "${TARGET}"`
207 # We should not retain any entries that aren't in the default.
210 chmod 644 "${TARGET}"
211 setfacl
-m user
:daemon
:rw
"${TARGET}"
212 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
218 user:bin:rwx #effective:rw-
226 ACTUAL
=`getfacl --omit-header "${TARGET}"`
230 # A slightly modified test #1 to make sure it works right.
232 TARGET
="${TESTDIR}"/foo
234 chmod 777 "${TARGET}"
235 setfacl
-d -m user
::r
-- "${TESTDIR}"
246 ACTUAL
=`getfacl --omit-header "${TARGET}"`
250 # If the default ACL mask denies execute, we should respect that
251 # regardless of the existing execute permissions.
253 TARGET
="${TESTDIR}"/foo
255 chmod 777 "${TARGET}"
256 setfacl
-m user
:bin
:rwx
"${TESTDIR}"
257 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
258 setfacl
-d -m mask
::rw
- "${TESTDIR}"
263 user:bin:rwx #effective:rw-
264 group::r-x #effective:r--
271 ACTUAL
=`getfacl --omit-header "${TARGET}"`
276 # The --recursive mode should work normally if the argument is a
277 # normal file. See Test #1.
279 TARGET
="${TESTDIR}"/foo
280 setfacl
-d -m user
::r
-- "${TESTDIR}"
281 setfacl
-d -m group
::r
-- "${TESTDIR}"
282 setfacl
-d -m other
::r
-- "${TESTDIR}"
284 chmod 777 "${TARGET}"
285 $BIN --recursive "${TARGET}"
295 ACTUAL
=`getfacl --omit-header "${TARGET}"`
299 # The --recursive mode should work recursively.
301 TARGET
="${TESTDIR}"/foo
303 touch "${TARGET}"/baz
304 mkdir -p "${TARGET}"/bar
305 touch "${TARGET}"/bar
/quux
306 setfacl
-d -m user
::rwx
"${TESTDIR}"
307 setfacl
-d -m group
::r
-- "${TESTDIR}"
308 setfacl
-d -m other
::r
-- "${TESTDIR}"
309 chmod -R 777 "${TARGET}"
310 $BIN --recursive "${TARGET}"
320 ACTUAL
=`getfacl --omit-header "${TARGET}"/bar/quux`
324 # The --recursive mode should work recursively. This time
325 # check a directory, and pass the short command-line flag.
327 TARGET
="${TESTDIR}"/foo
329 touch "${TARGET}"/baz
330 mkdir -p "${TARGET}"/bar
331 touch "${TARGET}"/bar
/quux
332 setfacl
-d -m user
::rwx
"${TESTDIR}"
333 setfacl
-d -m group
::r
-- "${TESTDIR}"
334 setfacl
-d -m other
::r
-- "${TESTDIR}"
335 chmod -R 777 "${TARGET}"
349 ACTUAL
=`getfacl --omit-header "${TARGET}"/bar`
353 # Test double application on a directory.
356 TARGET
="${TESTDIR}"/baz
358 chmod 644 "${TARGET}"
359 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
379 ACTUAL
=`getfacl --omit-header "${TARGET}"`
383 # Same as previous test, with 755 initial perms.
386 TARGET
="${TESTDIR}"/baz
388 chmod 755 "${TARGET}"
389 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
409 ACTUAL
=`getfacl --omit-header "${TARGET}"`
413 # Same as previous two tests, only with a file.
416 TARGET
="${TESTDIR}"/foo
418 chmod 644 "${TARGET}"
419 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
426 user:bin:rwx #effective:rw-
433 ACTUAL
=`getfacl --omit-header "${TARGET}"`
437 # User-executable files should not wind up exec-masked.
439 TARGET
="${TESTDIR}"/foo
441 chmod 700 "${TARGET}"
442 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
455 ACTUAL
=`getfacl --omit-header "${TARGET}"`
459 # Group-executable files should not wind up exec-masked.
461 TARGET
="${TESTDIR}"/foo
463 chmod 670 "${TARGET}"
464 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
477 ACTUAL
=`getfacl --omit-header "${TARGET}"`
481 # Other-executable files should not wind up exec-masked.
483 TARGET
="${TESTDIR}"/foo
485 chmod 607 "${TARGET}"
486 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
499 ACTUAL
=`getfacl --omit-header "${TARGET}"`
504 # Test #16's setup repeated with the --no-exec-mask flag.
507 TARGET
="${TESTDIR}"/foo
509 chmod 644 "${TARGET}"
510 # The directory allows execute for user, group, and other, so the file
511 # should actually inherit them regardless of its initial mode when the
512 # --no-exec-mask flag is passed.
513 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
515 $BIN --no-exec-mask "${TARGET}"
526 ACTUAL
=`getfacl --omit-header "${TARGET}"`
531 # Test #20 repeated recursively to make sure the flags play nice
534 PARENT_DIR
="${TESTDIR}"/foo
535 TARGET
="${PARENT_DIR}"/bar
536 mkdir "${PARENT_DIR}"
538 chmod 644 "${TARGET}"
539 setfacl
-d -m user
:bin
:rwx
"${TESTDIR}"
541 $BIN --recursive --no-exec-mask "${PARENT_DIR}"
552 ACTUAL
=`getfacl --omit-header "${TARGET}"`