MichaĆ Bartoszkiewicz just reported a very bad bug in the latest
release. When multiple named-user and named-group entries exist, the
later entries clobber earlier ones in the list. So if there are two
default ACL entries on a parent directory for group:bar and group:foo,
then apply-default-acl will create two entries on a child but both
wind up with the permissions of the group:foo entry. The full test
case he provided is as follows:
$ getfacl -n .
# file: .
# owner: 1000
# group: 1000
user::rwx
group::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:1:---
default:group:2:rw-
default:mask::rwx
default:other::r-x
$ touch foo
$ getfacl -n foo
# file: foo
# owner: 1000
# group: 1000
user::rw-
group::r-x #effective:r--
group:1:---
group:2:rw-
mask::rw-
other::r--
$ apply-default-acl foo
$ getfacl -n foo
# file: foo
# owner: 1000
# group: 1000
user::rw-
group::r--
group:1:rw-
group:2:rw-
mask::rw-
other::r--
This commit adds a new regression test that creates multiple default
named-user and named-group entries at once (with different
permissions!) and checks that they get applied correctly.