diff options
author | Vincent Ambo <Vincent Ambo> | 2020-01-11T23·36+0000 |
---|---|---|
committer | Vincent Ambo <Vincent Ambo> | 2020-01-11T23·36+0000 |
commit | 1b593e1ea4d2af0f6444d9a7788d5d99abd6fde5 (patch) | |
tree | e3accb9beed5c4c1b5a05c99db71ab2841f0ed04 /t/t1304-default-acl.sh |
Squashed 'third_party/git/' content from commit cb71568594
git-subtree-dir: third_party/git git-subtree-split: cb715685942260375e1eb8153b0768a376e4ece7
Diffstat (limited to 't/t1304-default-acl.sh')
-rwxr-xr-x | t/t1304-default-acl.sh | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh new file mode 100755 index 000000000000..335d3f3211aa --- /dev/null +++ b/t/t1304-default-acl.sh @@ -0,0 +1,65 @@ +#!/bin/sh +# +# Copyright (c) 2010 Matthieu Moy +# + +test_description='Test repository with default ACL' + +# Create the test repo with restrictive umask +# => this must come before . ./test-lib.sh +umask 077 + +. ./test-lib.sh + +# We need an arbitrary other user give permission to using ACLs. root +# is a good candidate: exists on all unices, and it has permission +# anyway, so we don't create a security hole running the testsuite. +test_expect_success 'checking for a working acl setup' ' + if setfacl -m d:m:rwx -m u:root:rwx . && + getfacl . | grep user:root:rwx && + touch should-have-readable-acl && + getfacl should-have-readable-acl | egrep "mask::?rw-" + then + test_set_prereq SETFACL + fi +' + +if test -z "$LOGNAME" +then + LOGNAME="${USER:-$(id -u -n)}" +fi + +check_perms_and_acl () { + test -r "$1" && + getfacl "$1" > actual && + grep -q "user:root:rwx" actual && + grep -q "user:${LOGNAME}:rwx" actual && + egrep "mask::?r--" actual > /dev/null 2>&1 && + grep -q "group::---" actual || false +} + +dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/" + +test_expect_success SETFACL 'Setup test repo' ' + setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set && + setfacl -m m:rwx $dirs_to_set && + setfacl -m u:root:rwx $dirs_to_set && + setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set && + setfacl -m d:u:root:rwx $dirs_to_set && + + touch file.txt && + git add file.txt && + git commit -m "init" +' + +test_expect_success SETFACL 'Objects creation does not break ACLs with restrictive umask' ' + # SHA1 for empty blob + check_perms_and_acl .git/objects/$(echo $EMPTY_BLOB | sed -e "s,^\(..\),\1/,") +' + +test_expect_success SETFACL 'git gc does not break ACLs with restrictive umask' ' + git gc && + check_perms_and_acl .git/objects/pack/*.pack +' + +test_done |