1#!/bin/sh 2# 3# Copyright (c) 2010 Matthieu Moy 4# 5 6test_description='Test repository with default ACL' 7 8# Create the test repo with restrictive umask 9# => this must come before . ./test-lib.sh 10umask077 11 12. ./test-lib.sh 13 14# We need an arbitrary other user give permission to using ACLs. root 15# is a good candidate: exists on all unices, and it has permission 16# anyway, so we don't create a security hole running the testsuite. 17 18if! setfacl -m u:root:rwx .;then 19 say "Skipping ACL tests: unable to use setfacl" 20 test_done 21fi 22 23check_perms_and_acl () { 24test -r"$1"&& 25 getfacl "$1"> actual && 26grep-q"user:root:rwx" actual && 27grep-q"user:${LOGNAME}:rwx" actual && 28egrep"mask::?r--" actual > /dev/null 2>&1&& 29grep-q"group::---" actual || false 30} 31 32dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" 33 34test_expect_success 'Setup test repo'' 35 setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx$dirs_to_set&& 36 setfacl -m m:rwx$dirs_to_set&& 37 setfacl -m u:root:rwx$dirs_to_set&& 38 setfacl -m d:u:"$LOGNAME":rwx$dirs_to_set&& 39 setfacl -m d:u:root:rwx$dirs_to_set&& 40 41 touch file.txt && 42 git add file.txt && 43 git commit -m "init" 44' 45 46test_expect_success 'Objects creation does not break ACLs with restrictive umask'' 47 # SHA1 for empty blob 48 check_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391 49' 50 51test_expect_success 'git gc does not break ACLs with restrictive umask'' 52 git gc && 53 check_perms_and_acl .git/objects/pack/*.pack 54' 55 56test_done