1#!/bin/sh 2# 3# Copyright (c) 2010 Matthieu Moy 4# 5 6test_description='Test repository with default ACL' 7 8# Create the test repo with restrictive umask 9# => this must come before . ./test-lib.sh 10umask077 11 12. ./test-lib.sh 13 14# We need an arbitrary other user give permission to using ACLs. root 15# is a good candidate: exists on all unices, and it has permission 16# anyway, so we don't create a security hole running the testsuite. 17 18if! setfacl -m u:root:rwx .;then 19 say "Skipping ACL tests: unable to use setfacl" 20 test_done 21fi 22 23check_perms_and_acl () { 24test -r"$1"&& 25 getfacl "$1"> actual && 26grep-q"user:root:rwx" actual && 27grep-q"user:${LOGNAME}:rwx" actual && 28grep-q"mask::r--" actual && 29grep-q"group::---" actual || false 30} 31 32dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" 33 34test_expect_success 'Setup test repo'' 35 setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx$dirs_to_set&& 36 setfacl -m u:root:rwx$dirs_to_set&& 37 setfacl -m d:u:"$LOGNAME":rwx$dirs_to_set&& 38 setfacl -m d:u:root:rwx$dirs_to_set&& 39 40 touch file.txt && 41 git add file.txt && 42 git commit -m "init" 43' 44 45test_expect_success 'Objects creation does not break ACLs with restrictive umask'' 46 # SHA1 for empty blob 47 check_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391 48' 49 50test_expect_success 'git gc does not break ACLs with restrictive umask'' 51 git gc && 52 check_perms_and_acl .git/objects/pack/*.pack 53' 54 55test_done