From: Szabolcs S. <sz...@us...> - 2008-09-17 12:18:57
|
Update of /cvsroot/ntfs-3g/pjd-fstest/tests/xacl In directory sc8-pr-cvs16.sourceforge.net:/tmp/cvs-serv10126/tests/xacl Added Files: 00.t 01.t 02.t 03.t 04.t 05.t 06.t Log Message: add Posix ACL support (Jean-Pierre Andre) --- NEW FILE: 06.t --- #!/bin/sh desc="check errors which can occur when setting an ACL by acl_set_file() or acl_delete_def_file()" dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` n1=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..42" # create a basic file, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 chown ${d0} 65533 65533 expect 0 setfacl ${d0} km 'u::rwx,g::rwx,o::rwx' expect 0 create ${d0}/${n1} 0644 expect 0 chown ${d0}/${n1} 65533 65533 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # EACCES : no search permission on parent directory # or wrong ACL type # only for acl_set_file() # 8 expect 0 setfacl ${d0} m 'u::rw,g::rwx,o::rwx,m::rwx' expect 'u::rw-,g::rwx,m::rwx,o::rwx' getfacl ${d0} access expect EACCES -u 65533 -g 65533 setfacl ${d0}/${n1} m 'u::rw-,g::r--,o::r--' expect 0 setfacl ${d0} m 'u::rwx,g::rwx,o::rwx,m::rwx' expect 'u::rwx,g::rwx,m::rwx,o::rwx' getfacl ${d0} access expect 0 -u 65533 -g 65533 setfacl ${d0}/${n1} m 'u::rw-,g::r--,o::r--' expect EACCES -u 65533 -g 65533 setfacl ${d0}/${n1} md 'u::rw-,g::r--,o::r--' # # # EINVAL argument does not point to a valid ACL # or argument has too many entries # not done (no known limit) # or argument is not ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT # not done, meaningless here # or setting a default acl to non-directory # not done : conflicting error code, EACCES found on ext3 # this should also happen for acl_delete_def_file(), but # on ext3 it is accepted. # 15 expect EINVAL setfacl ${d0}/${n1} m 'u::r,u::w,g::r--,o::r--' expect 0 -u 65533 -g 65533 setfacl ${d0}/${n1} k # # ENAMETOOLONG path to file name is too long # not mentioned for acl_delete_def_file(), but it obviously # happens nevertheless # 17 expect 0 create ${d0}/${name255} 0644 expect 0 setfacl ${d0}/${name255} m 'u::rw,g::rwx,o::-,u:65532:x,m::w' expect 0620 stat ${d0}/${name255} mode expect 'u::rw-,u:65532:--x,g::rwx,m::-w-,o::---' getfacl ${d0}/${name255} access expect 0 unlink ${d0}/${name255} expect ENAMETOOLONG setfacl ${d0}/${name256} m 'u::w,g::r--,o::r--' # expect 0 mkdir ${d0}/${name255} 0755 expect 0 setfacl ${d0}/${name255} md 'u::rw,g::rwx,o::-,u:65532:x,m::w' expect 'u::rw-,u:65532:--x,g::rwx,m::-w-,o::---' getfacl ${d0}/${name255} default expect 0 setfacl ${d0}/${name255} k expect void getfacl ${d0}/${name255} default expect 'u::rwx,g::r-x,o::r-x' getfacl ${d0}/${name255} access expect 0 rmdir ${d0}/${name255} expect ENAMETOOLONG setfacl ${d0}/${name256} k # # ENOENT file does not exist # or no file name # not mentioned for acl_delete_def_file(), but it obviously # happens nevertheless # 31 expect ENOENT setfacl ${d0}/none m 'u::w,g::r--,o::r--' expect ENOENT setfacl '\0' m 'u::rw-,g::r--,o::r--' expect ENOENT setfacl ${d0}/none k expect ENOENT setfacl '\0' k # # ENOSPC not enough space in directory # not done, no known limit # # ENOTDIR path contains a non-directory segment # not mentioned for acl_delete_def_file(), but it obviously # happens nevertheless # 35 expect ENOTDIR setfacl ${d0}/${n1}/none m 'u::rw-,g::r--,o::r--' expect ENOTDIR setfacl ${d0}/${n1}/none k # # ENOTSUP file system does not support ACL # not done, meaningless here # # EPERM process is not allowed to set the ACL # 37 expect EPERM -u 65531 -g 65531 setfacl ${d0}/${n1} m 'u::rw-,g::r--,o::r--' expect EPERM -u 65531 -g 65533 setfacl ${d0}/${n1} m 'u::rw-,g::r--,o::r--' expect 0 -u 65533 -g 65533 setfacl ${d0}/${n1} m 'u::rw-,g::r--,o::r--' # expect EPERM -u 65531 -g 65531 setfacl ${d0} k expect EPERM -u 65531 -g 65533 setfacl ${d0} k expect 0 -u 65533 -g 65533 setfacl ${d0} k # # EROFS file system is read-only # not done, meaningless here # # # Clean # rm -rf ${d0} else quick_exit fi #/home/linux/rpmbuild/ntfs/fstest/pjd-fstest/fstest -u 65533 getfacl ${d0} access --- NEW FILE: 03.t --- (This appears to be a binary file; contents omitted.) --- NEW FILE: 02.t --- #!/bin/sh desc="interactions between chown and setfacl for advanced rights" # might want do add ACL applied to directories dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` n1=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..80" # create a basic directory, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 setfacl ${d0} b expect 0 create ${d0}/${n1} 0644 expect 0 chown ${d0}/${n1} 65533 65533 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # Grant some access to another user and group, and change ownership to them. # The mode and the ACL are unchanged, but the new owner gets an entry as # owner and another entry as a designated user, with different rights # 6 expect 0 setfacl ${d0}/${n1} m 'u::r,g::r,o::r,m::rx,u:65531:rx,g:65532:rw' expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65531 65533 expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65531 65532 expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 65531,65532 stat ${d0}/${n1} uid,gid # # Change back to original owner and group # 17 expect 0 chown ${d0}/${n1} 65533 65532 expect 0454 stat ${d0}/${n1} mode expect 65533,65532 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 65533 expect 0454 stat ${d0}/${n1} mode expect 65533,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access # # Change ownership to root and back # 26 expect 0 chown ${d0}/${n1} 0 65533 expect 0454 stat ${d0}/${n1} mode expect 0,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 0 expect 0454 stat ${d0}/${n1} mode expect 65533,0 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 0 0 expect 0454 stat ${d0}/${n1} mode expect 0,0 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 65533 expect 0454 stat ${d0}/${n1} mode expect 65533,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:65531:r-x,g::r--,g:65532:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access # # Replay the same scenario, with root as the alternate user # # # Grant some access to another user and group, and change ownership to them. # The mode and the ACL are unchanged, but the new owner gets an entry as # owner and another entry as a designated user, with different rights # 41 expect 0 setfacl ${d0}/${n1} k expect 0 setfacl ${d0}/${n1} m 'u::r,g::r,o::r,m::rx,u:0:rx,g:0:rw' expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 0 65533 expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 0 0 expect 0454 stat ${d0}/${n1} mode expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0,0 stat ${d0}/${n1} uid,gid # # Change back to original owner and group # 52 expect 0 chown ${d0}/${n1} 65533 65532 expect 0454 stat ${d0}/${n1} mode expect 65533,65532 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 65533 expect 0454 stat ${d0}/${n1} mode expect 65533,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access # # Change ownership to root and back # 60 expect 0 chown ${d0}/${n1} 0 65533 expect 0454 stat ${d0}/${n1} mode expect 0,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 0 expect 0454 stat ${d0}/${n1} mode expect 65533,0 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 0 0 expect 0454 stat ${d0}/${n1} mode expect 0,0 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chown ${d0}/${n1} 65533 65533 expect 0454 stat ${d0}/${n1} mode expect 65533,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,g::r--,g:root:rw-,m::r-x,o::r--' getfacl ${d0}/${n1} access # # A designated user with full access cannot change ownership # 76 expect 0 setfacl ${d0}/${n1} m 'u::r--,u:root:r-x,u:65531:rwx,g::r--,g:root:rw-,g:65532:rwx,m::rwx,o::r--' expect EPERM -u 65531 -g 65532 chown ${d0}/${n1} 65531 65532 expect 0474 stat ${d0}/${n1} mode expect 65533,65533 stat ${d0}/${n1} uid,gid expect 'u::r--,u:root:r-x,u:65531:rwx,g::r--,g:root:rw-,g:65532:rwx,m::rwx,o::r--' getfacl ${d0}/${n1} access # # Clean # rm -rf ${d0} else quick_exit fi --- NEW FILE: 05.t --- #!/bin/sh desc="check errors which can occur when getting an ACL by acl_get_file()" dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` n1=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..21" # create a basic directory, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 chown ${d0} 65533 65533 expect 0 setfacl ${d0} km 'u::rwx,g::rwx,o::rwx' expect 0 create ${d0}/${n1} 0644 expect 0 chown ${d0}/${n1} 65533 65533 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # EACCES : search permission of parent directory # or wrong ACL type # 8 expect 0 setfacl ${d0} m 'u::rw,g::rwx,o::rwx,m::rwx' expect 'u::rw-,g::rwx,m::rwx,o::rwx' getfacl ${d0} access expect EACCES -u 65533 -g 65533 getfacl ${d0}/${n1} access expect 0 setfacl ${d0} m 'u::rwx,g::rwx,o::rwx,m::rwx' expect 'u::rwx,g::rwx,m::rwx,o::rwx' getfacl ${d0} access expect 'u::rw-,g::r--,o::r--' -u 65533 -g 65533 getfacl ${d0}/${n1} access expect EACCES -u 65533 -g 65533 getfacl ${d0}/${n1} default # # EINVAL argument is not ACL_TYPE_ACCESS or ACL_TYPE_DEFAULT # not done, meaningless here # # # ENAMETOOLONG path to file name is too long # 15 expect 0 create ${d0}/${name255} 0644 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${name255} access expect 0 unlink ${d0}/${name255} expect ENAMETOOLONG getfacl ${d0}/${name256} access # # ENOENT file does not exist # or no file name # 19 expect ENOENT getfacl ${d0}/none access expect ENOENT getfacl '\0' access # # ENOMEM not enough memory # not done, meaningless here # # ENOTDIR path contains a non-directory segment # 21 expect ENOTDIR getfacl ${d0}/${n1}/none access # # ENOTSUP file system does not support ACL # not done, meaningless here # # Clean # rm -rf ${d0} else quick_exit fi --- NEW FILE: 04.t --- #!/bin/sh desc="check rights granted to designated users and groups are effective" dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` d1=`namegen` n1=`namegen` n2=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..53" # create a basic directory, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 setfacl ${d0} b expect 0 create ${d0}/${n1} 0644 expect 0 chown ${d0}/${n1} 65533 65533 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # Grant read or write access to another user or group, check access # 6 expect 0 setfacl ${d0}/${n1} m 'u::-,g::-,o::-,m::rw,u:65531:r,g:65532:w' expect 0 -u 65531 -g 65531 open ${d0}/${n1} O_RDONLY expect EACCES -u 65531 -g 65531 open ${d0}/${n1} O_RDWR expect 0 -u 65532 -g 65532 open ${d0}/${n1} O_WRONLY expect EACCES -u 65532 -g 65532 open ${d0}/${n1} O_RDWR # make sure the mask applies expect 0 setfacl ${d0}/${n1} m 'u::-,g::-,o::-,m::-,u:65531:r,g:65532:w' expect EACCES -u 65531 -g 65531 open ${d0}/${n1} O_RDONLY expect EACCES -u 65532 -g 65532 open ${d0}/${n1} O_WRONLY expect 0 setfacl ${d0}/${n1} m 'u::-,g::-,o::-,m::rw,u:65531:w,g:65532:r' expect 0 -u 65531 -g 65531 open ${d0}/${n1} O_WRONLY expect EACCES -u 65531 -g 65531 open ${d0}/${n1} O_RDONLY expect 0 -u 65532 -g 65532 open ${d0}/${n1} O_RDONLY expect EACCES -u 65532 -g 65532 open ${d0}/${n1} O_WRONLY # # create a directory, clean its inherited ACLs, and check initial ACL # 20 expect 0 mkdir ${d0}/${d1} 0777 expect 0 chown ${d0}/${d1} 65533 65533 expect 'u::rwx,g::rwx,o::rwx' getfacl ${d0}/${d1} access expect void getfacl ${d0}/${d1} default # # Grant read or write access to another user or group, check access # then add execute access # 24 expect 0 setfacl ${d0}/${d1} m 'u::-,g::-,o::-,m::rw,u:65531:r,g:65532:w' expect 0 -u 65531 -g 65531 open ${d0}/${d1} O_RDONLY expect EACCES -u 65531 -g 65531 create ${d0}/${d1}/${n1} 0644 expect EACCES -u 65532 -g 65532 create ${d0}/${d1}/${n1} 0644 expect 0 setfacl ${d0}/${d1} m 'u::-,g::-,o::-,m::rwx,u:65531:rx,g:65532:wx' expect 0 -u 65531 -g 65531 open ${d0}/${d1} O_RDONLY expect EACCES -u 65531 -g 65531 create ${d0}/${d1}/${n1} 0644 expect 0 -u 65532 -g 65532 create ${d0}/${d1}/${n1} 0644 expect EACCES -u 65532 -g 65532 open ${d0}/${d1} O_RDONLY # make sure the execute mask applies # 33 expect 0 setfacl ${d0}/${d1} m 'u::-,g::-,o::-,m::rw,u:65531:rx,g:65532:wx' expect EACCES -u 65532 -g 65532 unlink ${d0}/${d1}/${n1} # 35 expect 0 setfacl ${d0}/${d1} m 'u::-,g::-,o::-,m::rw,u:65531:w,g:65532:r' expect EACCES -u 65531 -g 65531 create ${d0}/${d1}/${n2} 0644 expect EACCES -u 65531 -g 65531 open ${d0}/${d1} O_RDONLY expect 0 -u 65532 -g 65532 open ${d0}/${d1} O_RDONLY expect EACCES -u 65532 -g 65532 create ${d0}/${d1}/${n2} 0644 # 40 expect 0 setfacl ${d0}/${d1} m 'u::-,g::-,o::-,m::rwx,u:65531:wx,g:65532:rx' expect 0 -u 65531 -g 65531 create ${d0}/${d1}/${n2} 0644 expect EACCES -u 65531 -g 65531 open ${d0}/${d1} O_RDONLY expect 0 -u 65532 -g 65532 open ${d0}/${d1} O_RDONLY expect EACCES -u 65532 -g 65532 unlink ${d0}/${d1}/${n2} # # check rights granted to owner as a designated user are not effective # 45 expect 0 setfacl ${d0}/${d1} m 'u::---,u:65531:-wx,g::---,g:65532:r-x,m::rwx,o::---,u:65533:rwx,g:65533:rwx' expect EACCES -u 65533 -g 65533 stat ${d0}/${d1}/${n2} mode # # check rights denied to root as a designated user are still effective # 47 expect 0 setfacl ${d0}/${n1} m 'u::---,u:0:-,u:65531:-wx,u:65533:rwx,g::---,g:0:-,g:65532:r-x,g:65533:rwx,m::rwx,o::---' expect 0 open ${d0}/${n1} O_RDONLY # # when a couple of rights is needed they must be granted through the same ACE # (user belonging to two groups and not owner or a designated user) # 49 expect 0 setfacl ${d0}/${n1} m 'u::---,u:0:-,u:65531:wx,u:65533:rwx,g::---,g:0:-,g:65531:w,g:65532:r-x,g:65533:rwx,m::rwx,o::---' expect EACCES -u 65532 -g 65531,65532 open ${d0}/${n1} O_RDWR # # Check only the owner (apart from root) can modify an ACL # 51 expect 0 setfacl ${d0}/${n1} m 'u::---,u:0:-,u:65531:rwx,u:65533:rwx,g::---,g:0:-,g:65531:w,g:65532:r-x,g:65533:rwx,m::rwx,o::---' expect EPERM -u 65531 setfacl ${d0}/${n1} m 'u::rw,g::r,o::r,m::rx' expect 0 -u 65533 setfacl ${d0}/${n1} m 'u::rw,g::r,o::r,m::rx' # # Clean # rm -rf ${d0} else quick_exit fi --- NEW FILE: 01.t --- #!/bin/sh desc="interactions between chmod and setfacl for advanced rights" dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` n1=`namegen` d1=`namegen` n2=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..32" # create a basic file, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 setfacl ${d0} b expect 0 create ${d0}/${n1} 0644 expect 0 chown ${d0}/${n1} 65533 65533 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default expect 65533,65533 stat ${d0}/${n1} uid,gid # # mask should be seen as group rights in a mode # 8 expect 0 setfacl ${d0}/${n1} m 'u::rw,g::r,o::r,m::rx' expect 0654 stat ${d0}/${n1} mode expect 'u::rw-,g::r--,m::r-x,o::r--' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0611 expect 0611 stat ${d0}/${n1} mode expect 'u::rw-,g::r--,m::--x,o::--x' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # add rights for specific users and groups # 15 expect 0 setfacl ${d0}/${n1} m 'u::-,g::-,o::-,m::rx,u:65531:rw,u:65532:wx,g:65531:x,g:65532:r' expect 050 stat ${d0}/${n1} mode expect 'u::---,u:65531:rw-,u:65532:-wx,g::---,g:65531:--x,g:65532:r--,m::r-x,o::---' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # The owner may have different permissions as a designated user, # same for group # 19 expect 0 setfacl ${d0}/${n1} m 'u::-,g::-,o::-,m::rx,u:65531:rw,u:65533:wx' expect 'u::---,u:65531:rw-,u:65533:-wx,g::---,m::r-x,o::---' getfacl ${d0}/${n1} access expect 0 setfacl ${d0}/${n1} m 'u::-,u:65531:rw-,u:65533:-wx,g::-,o::-,m::rx,g:65531:x,g:65533:r' expect 'u::---,u:65531:rw-,u:65533:-wx,g::---,g:65531:--x,g:65533:r--,m::r-x,o::---' getfacl ${d0}/${n1} access # # Set a default ACL and check initial setting on a file and a directory # umask should be ignored, but with fuse, it is not # expect 0 setfacl ${d0} md 'u::rx,u:65531:wx,u:0:x,g::wx,g:65532:x,g:0:rx,m::rwx,o::rx' expect 0 create ${d0}/${n2} 077 expect 'u::---,u:root:--x,u:65531:-wx,g::-wx,g:root:r-x,g:65532:--x,m::rwx,o::r-x' getfacl ${d0}/${n2} access expect 0 mkdir ${d0}/${d1} 077 expect 'u::---,u:root:--x,u:65531:-wx,g::-wx,g:root:r-x,g:65532:--x,m::rwx,o::r-x' getfacl ${d0}/${d1} access expect 'u::r-x,u:root:--x,u:65531:-wx,g::-wx,g:root:r-x,g:65532:--x,m::rwx,o::r-x' getfacl ${d0}/${d1} default # # Do the same with a different umask, it should be ignored # (it is not with fuse) # rm -rf ${d0}/${n2} ${d0}/${d1} expect 0 -U 077 create ${d0}/${n2} 077 expect 'u::---,u:root:--x,u:65531:-wx,g::-wx,g:root:r-x,g:65532:--x,m::rwx,o::r-x' getfacl ${d0}/${n2} access expect 0 -U 077 mkdir ${d0}/${d1} 077 expect 'u::---,u:root:--x,u:65531:-wx,g::-wx,g:root:r-x,g:65532:--x,m::rwx,o::r-x' getfacl ${d0}/${d1} access # # Clean # rm -rf ${d0} else quick_exit fi --- NEW FILE: 00.t --- #!/bin/sh desc="interactions between chmod and setfacl for basic rights" # might want do add ACL applied to directories # prefer execution with a plain user rights dir=`dirname $0` . ${dir}/../misc.sh d0=`namegen` n1=`namegen` d1=`namegen` n2=`namegen` rm -rf ${d0} # # skip the test if ACLs are not implemented # mkdir ${n1} if setfacl -m 'm::5' ${n1} 2> /dev/null then rmdir ${n1} echo "1..42" # create a basic directory, clean its inherited ACLs, and check initial ACL # 1 expect 0 mkdir ${d0} 0777 expect 0 setfacl ${d0} b expect 0 create ${d0}/${n1} 0644 expect 'u::rw-,g::r--,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # do a few chmod and check access ACL # 6 expect 0 chmod ${d0}/${n1} 0421 expect 'u::r--,g::-w-,o::--x' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0142 expect 'u::--x,g::r--,o::-w-' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0214 expect 'u::-w-,g::--x,o::r--' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0635 expect 'u::rw-,g::-wx,o::r-x' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0563 expect 'u::r-x,g::rw-,o::-wx' getfacl ${d0}/${n1} access expect 0 chmod ${d0}/${n1} 0356 expect 'u::-wx,g::r-x,o::rw-' getfacl ${d0}/${n1} access # # do a few setfacl and check mode # 18 expect 0 setfacl ${d0}/${n1} m 'u::r,g::w,o::x' expect 0421 stat ${d0}/${n1} mode expect 0 setfacl ${d0}/${n1} m 'u::w,g::x,o::r' expect 0214 stat ${d0}/${n1} mode expect 0 setfacl ${d0}/${n1} m 'u::x,g::r,o::w' expect 0142 stat ${d0}/${n1} mode expect 0 setfacl ${d0}/${n1} m 'u::rw,g::wx,o::rx' expect 0635 stat ${d0}/${n1} mode expect 0 setfacl ${d0}/${n1} m 'u::wx,g::rx,o::rw' expect 0356 stat ${d0}/${n1} mode expect 0 setfacl ${d0}/${n1} m 'u::rx,g::rw,o::wx' expect 0563 stat ${d0}/${n1} mode # # Create a file and make sure the initial mode is 0664 (with umask 002) # for a directory, the initial mode is 0776 # 30 umask 0002 touch ${d0}/${n2} expect 0664 stat ${d0}/${n2} mode expect 'u::rw-,g::rw-,o::r--' getfacl ${d0}/${n2} access mkdir ${d0}/${d1} expect 0775 stat ${d0}/${d1} mode expect 'u::rwx,g::rwx,o::r-x' getfacl ${d0}/${d1} access expect void getfacl ${d0}/${d1} default # # The special mode bits should not interfere with the ACL settings # 35 expect 0 chmod ${d0}/${n1} 07754 expect 07754 stat ${d0}/${n1} mode expect 'u::rwx,g::r-x,o::r--' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default expect 0 setfacl ${d0}/${n1} m 'u::rx,g::rw,o::wx' expect 07563 stat ${d0}/${n1} mode expect 'u::r-x,g::rw-,o::-wx' getfacl ${d0}/${n1} access expect EACCES getfacl ${d0}/${n1} default # # Clean # rm -rf ${d0} else quick_exit fi |