Start post 2.2 cycle
[git/gitweb.git] / t / t1304-default-acl.sh
blobf5422f1d33f5eac98e6f56ec4bf05f3f8d4c8be2
1 #!/bin/sh
3 # Copyright (c) 2010 Matthieu Moy
6 test_description='Test repository with default ACL'
8 # Create the test repo with restrictive umask
9 # => this must come before . ./test-lib.sh
10 umask 077
12 . ./test-lib.sh
14 # We need an arbitrary other user give permission to using ACLs. root
15 # is a good candidate: exists on all unices, and it has permission
16 # anyway, so we don't create a security hole running the testsuite.
17 test_expect_success 'checking for a working acl setup' '
18 if setfacl -m d:m:rwx -m u:root:rwx . &&
19 getfacl . | grep user:root:rwx &&
20 touch should-have-readable-acl &&
21 getfacl should-have-readable-acl | egrep "mask::?rw-"
22 then
23 test_set_prereq SETFACL
27 if test -z "$LOGNAME"
28 then
29 LOGNAME="${USER:-$(id -u -n)}"
32 check_perms_and_acl () {
33 test -r "$1" &&
34 getfacl "$1" > actual &&
35 grep -q "user:root:rwx" actual &&
36 grep -q "user:${LOGNAME}:rwx" actual &&
37 egrep "mask::?r--" actual > /dev/null 2>&1 &&
38 grep -q "group::---" actual || false
41 dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/"
43 test_expect_success SETFACL 'Setup test repo' '
44 setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set &&
45 setfacl -m m:rwx $dirs_to_set &&
46 setfacl -m u:root:rwx $dirs_to_set &&
47 setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set &&
48 setfacl -m d:u:root:rwx $dirs_to_set &&
50 touch file.txt &&
51 git add file.txt &&
52 git commit -m "init"
55 test_expect_success SETFACL 'Objects creation does not break ACLs with restrictive umask' '
56 # SHA1 for empty blob
57 check_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391
60 test_expect_success SETFACL 'git gc does not break ACLs with restrictive umask' '
61 git gc &&
62 check_perms_and_acl .git/objects/pack/*.pack
65 test_done