acl_reset() {
# Remove any ACLs on our test directory and remove its contents.
setfacl --remove-all --recursive "$TESTDIR"
- rm "${TESTDIR}"/*
+ rm -f "${TESTDIR}"/*
}
compare() {
if [[ "${ACTUAL}" == "${EXPECTED}" ]]; then
echo "Success."
+ acl_reset
else
echo "Failure."
echo "Expected result:"
# When using a minimal ACL, the default user, group, and other
# permissions should all be propagated to the mode bits.
-
TARGET="${TESTDIR}"/foo
-touch "${TARGET}"
-chmod 777 "${TARGET}"
-setfacl -d -m user::r-- "${TESTDIR}"
+setfacl -d -m user::r-- "${TESTDIR}"
setfacl -d -m group::r-- "${TESTDIR}"
setfacl -d -m other::r-- "${TESTDIR}"
+touch "${TARGET}"
+chmod 777 "${TARGET}"
+./aclq "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::r--
+group::r--
+other::r--
+
+EOF
+)
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+# Do the same thing as the last test, except with an extended ACL.
+setfacl -d -m user::r-- "${TESTDIR}"
+setfacl -d -m group::r-- "${TESTDIR}"
+setfacl -d -m other::r-- "${TESTDIR}"
+setfacl -d -m user:mail:rwx "${TESTDIR}"
+touch "${TARGET}"
+chmod 777 "${TARGET}"
./aclq "${TARGET}"
EXPECTED=$(cat <<EOF
user::r--
+user:mail:rwx
group::r--
+mask::rwx
other::r--
EOF
ACTUAL=`getfacl --omit-header "${TARGET}"`
compare
+
+# A directory shared by a group, should still be group-writable
+# afterwards.
+setfacl -d -m group:mail:rwx "${TESTDIR}"
+touch "${TARGET}"
+chmod 644 "${TARGET}"
+./aclq "${TARGET}"
+
+EXPECTED=$(cat <<EOF
+user::rw-
+group::r--
+group:mail:rwx #effective:rw-
+mask::rw-
+other::r--
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare