From 950ef1a3228a2c6427dbd8f836100d0d91221740 Mon Sep 17 00:00:00 2001
From: Michael Orlitzky <michael@orlitzky.com>
Date: Tue, 14 Aug 2012 23:59:19 -0400
Subject: [PATCH] Add a few more tricky tests.

---
 run-tests.sh | 87 +++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 79 insertions(+), 8 deletions(-)

diff --git a/run-tests.sh b/run-tests.sh
index 75414ca..4bfd364 100755
--- a/run-tests.sh
+++ b/run-tests.sh
@@ -1,8 +1,5 @@
 #!/bin/bash
 
-# Our exit code.
-RESULT=0
-
 # The directory where we'll do all the ACL manipulation.
 TESTDIR=test
 
@@ -14,15 +11,15 @@ acl_reset() {
 
 compare() {
     if [[ "${ACTUAL}" == "${EXPECTED}" ]]; then
-	echo "Success."
+	echo "Success (#${TESTNUM})"
 	acl_reset
     else
-	echo "Failure."
+	echo "Failure (#${TESTNUM})"
 	echo "Expected result:"
 	echo "${EXPECTED}"
 	echo "Actual result:"
 	echo "${ACTUAL}"
-	RESULT=1
+	exit 1
     fi
 }
 
@@ -33,6 +30,7 @@ mkdir "${TESTDIR}"
 
 # When using a minimal ACL, the default user, group, and other
 # permissions should all be propagated to the mode bits.
+TESTNUM=1
 TARGET="${TESTDIR}"/foo
 setfacl -d -m user::r--  "${TESTDIR}"
 setfacl -d -m group::r-- "${TESTDIR}"
@@ -53,6 +51,7 @@ ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
 # Do the same thing as the last test, except with an extended ACL.
+TESTNUM=2
 setfacl -d -m user::r--     "${TESTDIR}"
 setfacl -d -m group::r--    "${TESTDIR}"
 setfacl -d -m other::r--    "${TESTDIR}"
@@ -74,11 +73,12 @@ EOF
 ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
-# A directory shared by a group, should still be group-writable
+# A file shared by a group, should still be group-writable
 # afterwards.
-setfacl -d -m group:mail:rwx "${TESTDIR}"
+TESTNUM=3
 touch "${TARGET}"
 chmod 644 "${TARGET}"
+setfacl -d -m group:mail:rwx "${TESTDIR}"
 ./aclq "${TARGET}"
 
 EXPECTED=$(cat <<EOF
@@ -94,6 +94,7 @@ ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
 
 # Same test as before except with a directory.
+TESTNUM=4
 setfacl -d -m group:mail:rwx "${TESTDIR}"
 mkdir "${TARGET}"
 chmod 755 "${TARGET}"
@@ -116,3 +117,73 @@ EOF
 
 ACTUAL=`getfacl --omit-header "${TARGET}"`
 compare
+
+
+# With no default, things are left alone.
+TESTNUM=5
+touch "${TARGET}"
+chmod 744 "${TARGET}"
+./aclq "${TARGET}"
+
+
+EXPECTED=$(cat <<EOF
+user::rwx
+group::r--
+other::r--
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+
+# Make sure execute permission is removed for group/other after the
+# reapplication.
+TESTNUM=6
+touch "${TARGET}"
+chmod 744 "${TARGET}"
+setfacl -d -m user:mail:rwx "${TESTDIR}"
+./aclq "${TARGET}"
+
+
+EXPECTED=$(cat <<EOF
+user::rwx
+user:mail:rwx
+group::r--
+mask::rwx
+other::r--
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
+
+
+# In fact, no existing named entries without execute permissions
+# should be granted execute permissions as the result of
+# reapplication.
+TESTNUM=7
+touch "${TARGET}"
+chmod 744 "${TARGET}"
+setfacl -m user:news:rw "${TARGET}"
+setfacl -d -m user:mail:rwx "${TESTDIR}"
+setfacl -d -m user:news:rwx "${TESTDIR}"
+./aclq "${TARGET}"
+
+
+EXPECTED=$(cat <<EOF
+user::rwx
+user:mail:rwx
+user:news:rw-
+group::r--
+mask::rwx
+other::r--
+
+EOF
+)
+
+ACTUAL=`getfacl --omit-header "${TARGET}"`
+compare
-- 
2.43.2