1#!/bin/sh 2# 3# Copyright (c) 2010 Matthieu Moy 4# 5 6test_description='Test repository with default ACL' 7 8# Create the test repo with restrictive umask 9# => this must come before . ./test-lib.sh 10umask077 11 12. ./test-lib.sh 13 14# We need an arbitrary other user give permission to using ACLs. root 15# is a good candidate: exists on all unices, and it has permission 16# anyway, so we don't create a security hole running the testsuite. 17 18setfacl_out="$(setfacl -m u:root:rwx . 2>&1)" 19setfacl_ret=$? 20 21if[$setfacl_ret!=0];then 22 skip_all="Skipping ACL tests: unable to use setfacl (output: '$setfacl_out'; return code: '$setfacl_ret')" 23 test_done 24fi 25 26check_perms_and_acl () { 27test -r"$1"&& 28 getfacl "$1"> actual && 29grep-q"user:root:rwx" actual && 30grep-q"user:${LOGNAME}:rwx" actual && 31egrep"mask::?r--" actual > /dev/null 2>&1&& 32grep-q"group::---" actual || false 33} 34 35dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" 36 37test_expect_success 'Setup test repo'' 38 setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx$dirs_to_set&& 39 setfacl -m m:rwx$dirs_to_set&& 40 setfacl -m u:root:rwx$dirs_to_set&& 41 setfacl -m d:u:"$LOGNAME":rwx$dirs_to_set&& 42 setfacl -m d:u:root:rwx$dirs_to_set&& 43 44 touch file.txt && 45 git add file.txt && 46 git commit -m "init" 47' 48 49test_expect_success 'Objects creation does not break ACLs with restrictive umask'' 50 # SHA1 for empty blob 51 check_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391 52' 53 54test_expect_success 'git gc does not break ACLs with restrictive umask'' 55 git gc && 56 check_perms_and_acl .git/objects/pack/*.pack 57' 58 59test_done