Add more tests in preparation for the -x fix.

diff --git a/run-tests.sh b/run-tests.sh
index 68ae769104826e0e9c759900e116d7d8765e7b32..f218a8feefaa8810e5236d9aa631080f0ca69acf 100755 (executable)
--- a/run-tests.sh
+++ b/run-tests.sh
@@ -40,11 +40,11 @@ mkdir "${TESTDIR}"
 # permissions should all be propagated to the mode bits.
 TESTNUM=1
 TARGET="${TESTDIR}"/foo
+touch "${TARGET}"
+chmod 777 "${TARGET}"
 setfacl -d -m user::r--  "${TESTDIR}"
 setfacl -d -m group::r-- "${TESTDIR}"
 setfacl -d -m other::r-- "${TESTDIR}"
-touch "${TARGET}"
-chmod 777 "${TARGET}"
 $BIN "${TARGET}"
 
 EXPECTED=$(cat <<EOF
@@ -81,6 +81,7 @@ EOF
 ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
+
 # A file shared by a group, should still be group-writable
 # afterwards.
 TESTNUM=3
@@ -95,12 +96,14 @@ group::r--
 group:mail:rwx #effective:rw-
 mask::rw-
 other::r--
+
 EOF
 )
 
 ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
+
 # Same test as before except with a directory.
 TESTNUM=4
 setfacl -d -m group:mail:rwx "${TESTDIR}"
@@ -176,6 +179,11 @@ TESTNUM=7
 touch "${TARGET}"
 chmod 744 "${TARGET}"
 setfacl -m user:news:rw "${TARGET}"
+# If we don't add 'x' to the mask here, nobody can execute the file.
+# setfacl will update the mask for us under most circumstances, but
+# note that we didn't create an entry with an 'x' bit using setfacl --
+# therefore, setfacl won't unmask 'x' for us.
+setfacl -m mask::rwx "${TARGET}"
 setfacl -d -m user:mail:rwx "${TESTDIR}"
 setfacl -d -m user:news:rwx "${TESTDIR}"
 $BIN "${TARGET}"
@@ -334,6 +342,7 @@ other::r--
 default:user::rwx
 default:group::r--
 default:other::r--
+
 EOF
 )
 
@@ -363,6 +372,7 @@ default:user:mail:rwx
 default:group::r-x
 default:mask::rwx
 default:other::r-x
+
 EOF
 )
 
@@ -370,7 +380,7 @@ ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
 
-# Same as test #14, with 755 initial perms.
+# Same as previous test, with 755 initial perms.
 #
 TESTNUM=15
 TARGET="${TESTDIR}"/baz
@@ -392,6 +402,97 @@ default:user:mail:rwx
 default:group::r-x
 default:mask::rwx
 default:other::r-x
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+# Same as previous two tests, only with a file.
+#
+TESTNUM=16
+TARGET="${TESTDIR}"/foo
+touch "${TARGET}"
+chmod 644 "${TARGET}"
+setfacl -d -m user:mail:rwx "${TESTDIR}"
+
+$BIN "${TARGET}"
+$BIN "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::rw-
+user:mail:rwx  #effective:rw-
+group::r--
+mask::rw-
+other::r--
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+# User-executable files should not wind up exec-masked.
+TESTNUM=17
+TARGET="${TESTDIR}"/foo
+touch "${TARGET}"
+chmod 700 "${TARGET}"
+setfacl -d -m user:mail:rwx  "${TESTDIR}"
+$BIN "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::rwx
+user:mail:rwx
+group::r-x
+mask::rwx
+other::r-x
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+# Group-executable files should not wind up exec-masked.
+TESTNUM=18
+TARGET="${TESTDIR}"/foo
+touch "${TARGET}"
+chmod 670 "${TARGET}"
+setfacl -d -m user:mail:rwx  "${TESTDIR}"
+$BIN "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::rwx
+user:mail:rwx
+group::r-x
+mask::rwx
+other::r-x
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+# Other-executable files should not wind up exec-masked.
+TESTNUM=19
+TARGET="${TESTDIR}"/foo
+touch "${TARGET}"
+chmod 607 "${TARGET}"
+setfacl -d -m user:mail:rwx  "${TESTDIR}"
+$BIN "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::rwx
+user:mail:rwx
+group::r-x
+mask::rwx
+other::r-x
+
 EOF
 )