tests/test-copy-acl.sh

   1 #!/bin/sh
   2
   3 # Show all commands when run with environment variable VERBOSE=yes.
   4 test -z "$VERBOSE" || set -x
   5
   6 test "$USE_ACL" = 0 &&
   7   {
   8     echo "Skipping test: insufficient ACL support"
   9     exit 77
  10   }
  11
  12 # func_tmpdir
  13 # creates a temporary directory.
  14 # Sets variable
  15 # - tmp             pathname of freshly created temporary directory
  16 func_tmpdir ()
  17 {
  18   # Use the environment variable TMPDIR, falling back to /tmp. This allows
  19   # users to specify a different temporary directory, for example, if their
  20   # /tmp is filled up or too small.
  21   : ${TMPDIR=/tmp}
  22   {
  23     # Use the mktemp program if available. If not available, hide the error
  24     # message.
  25     tmp=`(umask 077 && mktemp -d "$TMPDIR/glXXXXXX") 2>/dev/null` &&
  26     test -n "$tmp" && test -d "$tmp"
  27   } ||
  28   {
  29     # Use a simple mkdir command. It is guaranteed to fail if the directory
  30     # already exists.  $RANDOM is bash specific and expands to empty in shells
  31     # other than bash, ksh and zsh.  Its use does not increase security;
  32     # rather, it minimizes the probability of failure in a very cluttered /tmp
  33     # directory.
  34     tmp=$TMPDIR/gl$$-$RANDOM
  35     (umask 077 && mkdir "$tmp")
  36   } ||
  37   {
  38     echo "$0: cannot create a temporary directory in $TMPDIR" >&2
  39     exit 1
  40   }
  41 }
  42
  43 func_tmpdir
  44 # builddir may already be set by the script that invokes this one.
  45 case "$builddir" in
  46   '') builddir=`pwd` ;;
  47   /* | ?:*) ;;
  48   *) builddir=`pwd`/$builddir ;;
  49 esac
  50 cd "$builddir" ||
  51   {
  52     echo "$0: cannot determine build directory (unreadable parent dir?)" >&2
  53     exit 1
  54   }
  55 # Switch to a temporary directory, to increase the likelihood that ACLs are
  56 # supported on the current file system. (/tmp is usually locally mounted,
  57 # whereas the build dir is sometimes NFS-mounted.)
  58 ( cd "$tmp"
  59
  60   # Prepare tmpfile0.
  61   rm -f tmpfile[0-9] tmpaclout[0-2]
  62   echo "Simple contents" > tmpfile0
  63   chmod 600 tmpfile0
  64
  65   # Classification of the platform according to the programs available for
  66   # manipulating ACLs.
  67   # Possible values are:
  68   #   linux, cygwin, freebsd, solaris, hpux, hpuxjfs, osf1, aix, macosx, irix, none.
  69   # TODO: Support also native Windows platforms (mingw).
  70   acl_flavor=none
  71   if (getfacl tmpfile0 >/dev/null) 2>/dev/null; then
  72     # Platforms with the getfacl and setfacl programs.
  73     # Linux, FreeBSD, Solaris, Cygwin.
  74     if (setfacl --help >/dev/null) 2>/dev/null; then
  75       # Linux, Cygwin.
  76       if (LC_ALL=C setfacl --help | grep ' --set-file' >/dev/null) 2>/dev/null; then
  77         # Linux.
  78         acl_flavor=linux
  79       else
  80         acl_flavor=cygwin
  81       fi
  82     else
  83       # FreeBSD, Solaris.
  84       if (LC_ALL=C setfacl 2>&1 | grep '\-x entries' >/dev/null) 2>/dev/null; then
  85         # FreeBSD.
  86         acl_flavor=freebsd
  87       else
  88         # Solaris.
  89         acl_flavor=solaris
  90       fi
  91     fi
  92   else
  93     if (lsacl / >/dev/null) 2>/dev/null; then
  94       # Platforms with the lsacl and chacl programs.
  95       # HP-UX, sometimes also IRIX.
  96       if (getacl tmpfile0 >/dev/null) 2>/dev/null; then
  97         # HP-UX 11.11 or newer.
  98         acl_flavor=hpuxjfs
  99       else
 100         # HP-UX 11.00.
 101         acl_flavor=hpux
 102       fi
 103     else
 104       if (getacl tmpfile0 >/dev/null) 2>/dev/null; then
 105         # Tru64, NonStop Kernel.
 106         if (getacl -m tmpfile0 >/dev/null) 2>/dev/null; then
 107           # Tru64.
 108           acl_flavor=osf1
 109         else
 110           # NonStop Kernel.
 111           acl_flavor=nsk
 112         fi
 113       else
 114         if (aclget tmpfile0 >/dev/null) 2>/dev/null; then
 115           # AIX.
 116           acl_flavor=aix
 117         else
 118           if (fsaclctl -v >/dev/null) 2>/dev/null; then
 119             # Mac OS X.
 120             acl_flavor=macosx
 121           else
 122             if test -f /sbin/chacl; then
 123               # IRIX.
 124               acl_flavor=irix
 125             fi
 126           fi
 127         fi
 128       fi
 129     fi
 130   fi
 131
 132   # Define a function to test for the same ACLs, from the point of view of
 133   # the programs.
 134   # func_test_same_acls file1 file2
 135   case $acl_flavor in
 136     linux | cygwin | freebsd | solaris)
 137       func_test_same_acls ()
 138       {
 139         getfacl "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 140         getfacl "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 141         cmp tmpaclout1 tmpaclout2 > /dev/null
 142       }
 143       ;;
 144     hpux)
 145       func_test_same_acls ()
 146       {
 147         lsacl "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 148         lsacl "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 149         cmp tmpaclout1 tmpaclout2 > /dev/null
 150       }
 151       ;;
 152     hpuxjfs)
 153       func_test_same_acls ()
 154       {
 155         { lsacl "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 156           lsacl "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 157           cmp tmpaclout1 tmpaclout2 > /dev/null
 158         } &&
 159         { getacl "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 160           getacl "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 161           cmp tmpaclout1 tmpaclout2 > /dev/null
 162         }
 163       }
 164       ;;
 165     osf1 | nsk)
 166       func_test_same_acls ()
 167       {
 168         getacl "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 169         getacl "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 170         cmp tmpaclout1 tmpaclout2 > /dev/null
 171       }
 172       ;;
 173     aix)
 174       func_test_same_acls ()
 175       {
 176         aclget "$1" > tmpaclout1
 177         aclget "$2" > tmpaclout2
 178         cmp tmpaclout1 tmpaclout2 > /dev/null
 179       }
 180       ;;
 181     macosx)
 182       func_test_same_acls ()
 183       {
 184         /bin/ls -le "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 185         /bin/ls -le "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 186         cmp tmpaclout1 tmpaclout2 > /dev/null
 187       }
 188       ;;
 189     irix)
 190       func_test_same_acls ()
 191       {
 192         /bin/ls -lD "$1" | sed -e "s/$1/FILENAME/g" > tmpaclout1
 193         /bin/ls -lD "$2" | sed -e "s/$2/FILENAME/g" > tmpaclout2
 194         cmp tmpaclout1 tmpaclout2 > /dev/null
 195       }
 196       ;;
 197     none)
 198       func_test_same_acls ()
 199       {
 200         :
 201       }
 202       ;;
 203   esac
 204
 205   # func_test_copy file1 file2
 206   # copies file1 to file2 and verifies the permissions and ACLs are the same
 207   # on both.
 208   func_test_copy ()
 209   {
 210     echo "Simple contents" > "$2"
 211     chmod 600 "$2"
 212     ${CHECKER} "$builddir"/test-copy-acl${EXEEXT} "$1" "$2" || exit 1
 213     ${CHECKER} "$builddir"/test-sameacls${EXEEXT} "$1" "$2" || exit 1
 214     func_test_same_acls                           "$1" "$2" || exit 1
 215   }
 216
 217   func_test_copy tmpfile0 tmpfile1
 218
 219   if test $acl_flavor != none; then
 220     # A POSIX compliant 'id' program.
 221     if test -f /usr/xpg4/bin/id; then
 222       ID=/usr/xpg4/bin/id
 223     else
 224       ID=id
 225     fi
 226     # Use a user and group id different from the current one, to avoid
 227     # redundant/ambiguous ACLs.
 228     myuid=`$ID -u`
 229     mygid=`$ID -g`
 230     auid=1
 231     if test "$auid" = "$myuid"; then auid=2; fi
 232     agid=1
 233     if test "$agid" = "$mygid"; then agid=2; fi
 234
 235     case $acl_flavor in
 236       linux | freebsd | solaris)
 237
 238         # Set an ACL for a user.
 239         setfacl -m user:$auid:1 tmpfile0
 240
 241         func_test_copy tmpfile0 tmpfile2
 242
 243         # Set an ACL for a group.
 244         setfacl -m group:$agid:4 tmpfile0
 245
 246         func_test_copy tmpfile0 tmpfile3
 247
 248         # Set an ACL for other.
 249         case $acl_flavor in
 250           freebsd) setfacl -m other::4 tmpfile0 ;;
 251           solaris) chmod o+r tmpfile0 ;;
 252           *)       setfacl -m other:4 tmpfile0 ;;
 253         esac
 254
 255         func_test_copy tmpfile0 tmpfile4
 256
 257         # Remove the ACL for the user.
 258         case $acl_flavor in
 259           linux)   setfacl -x user:$auid tmpfile0 ;;
 260           freebsd) setfacl -x user:$auid:1 tmpfile0 ;;
 261           *)       setfacl -d user:$auid:1 tmpfile0 ;;
 262         esac
 263
 264         func_test_copy tmpfile0 tmpfile5
 265
 266         # Remove the ACL for other.
 267         case $acl_flavor in
 268           linux | solaris) ;; # impossible
 269           freebsd) setfacl -x other::4 tmpfile0 ;;
 270           *)       setfacl -d other:4 tmpfile0 ;;
 271         esac
 272
 273         func_test_copy tmpfile0 tmpfile6
 274
 275         # Remove the ACL for the group.
 276         case $acl_flavor in
 277           linux)   setfacl -x group:$agid tmpfile0 ;;
 278           freebsd) setfacl -x group:$agid:4 tmpfile0 ;;
 279           *)       setfacl -d group:$agid:4 tmpfile0 ;;
 280         esac
 281
 282         func_test_copy tmpfile0 tmpfile7
 283
 284         # Delete all optional ACLs.
 285         case $acl_flavor in
 286           linux | freebsd)
 287             setfacl -m user:$auid:1 tmpfile0
 288             setfacl -b tmpfile0
 289             ;;
 290           *)
 291             setfacl -s user::6,group::0,other:0 tmpfile0 ;;
 292         esac
 293
 294         func_test_copy tmpfile0 tmpfile8
 295
 296         # Copy ACLs from a file that has no ACLs.
 297         echo > tmpfile9
 298         chmod a+x tmpfile9
 299         case $acl_flavor in
 300           linux)   getfacl tmpfile9 | setfacl --set-file=- tmpfile0 ;;
 301           freebsd) ;;
 302           *)       getfacl tmpfile9 | setfacl -f - tmpfile0 ;;
 303         esac
 304         rm -f tmpfile9
 305
 306         func_test_copy tmpfile0 tmpfile9
 307
 308         ;;
 309
 310       cygwin)
 311
 312         # Set an ACL for a group.
 313         setfacl -m group:0:1 tmpfile0
 314
 315         func_test_copy tmpfile0 tmpfile2
 316
 317         # Set an ACL for other.
 318         setfacl -m other:4 tmpfile0
 319
 320         func_test_copy tmpfile0 tmpfile4
 321
 322         # Remove the ACL for the group.
 323         setfacl -d group:0 tmpfile0
 324
 325         func_test_copy tmpfile0 tmpfile5
 326
 327         # Remove the ACL for other.
 328         setfacl -d other:4 tmpfile0
 329
 330         func_test_copy tmpfile0 tmpfile6
 331
 332         # Delete all optional ACLs.
 333         setfacl -s user::6,group::0,other:0 tmpfile0
 334
 335         func_test_copy tmpfile0 tmpfile8
 336
 337         # Copy ACLs from a file that has no ACLs.
 338         echo > tmpfile9
 339         chmod a+x tmpfile9
 340         getfacl tmpfile9 | setfacl -f - tmpfile0
 341         rm -f tmpfile9
 342
 343         func_test_copy tmpfile0 tmpfile9
 344
 345         ;;
 346
 347       hpux)
 348
 349         # Set an ACL for a user.
 350         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 351         chacl -r "${orig}($auid.%,--x)" tmpfile0
 352
 353         func_test_copy tmpfile0 tmpfile2
 354
 355         # Set an ACL for a group.
 356         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 357         chacl -r "${orig}(%.$agid,r--)" tmpfile0
 358
 359         func_test_copy tmpfile0 tmpfile3
 360
 361         # Set an ACL for other.
 362         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 363         chacl -r "${orig}(%.%,r--)" tmpfile0
 364
 365         func_test_copy tmpfile0 tmpfile4
 366
 367         # Remove the ACL for the user.
 368         chacl -d "($auid.%,--x)" tmpfile0
 369
 370         func_test_copy tmpfile0 tmpfile5
 371
 372         # Remove the ACL for the group.
 373         chacl -d "(%.$agid,r--)" tmpfile0
 374
 375         func_test_copy tmpfile0 tmpfile6
 376
 377         # Delete all optional ACLs.
 378         chacl -z tmpfile0
 379
 380         func_test_copy tmpfile0 tmpfile8
 381
 382         # Copy ACLs from a file that has no ACLs.
 383         echo > tmpfile9
 384         chmod a+x tmpfile9
 385         orig=`lsacl tmpfile9 | sed -e 's/ tmpfile9$//'`
 386         rm -f tmpfile9
 387         chacl -r "${orig}" tmpfile0
 388
 389         func_test_copy tmpfile0 tmpfile9
 390
 391         ;;
 392
 393       hpuxjfs)
 394
 395         # Set an ACL for a user.
 396         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 397         chacl -r "${orig}($auid.%,--x)" tmpfile0 \
 398           || setacl -m user:$auid:1 tmpfile0
 399
 400         func_test_copy tmpfile0 tmpfile2
 401
 402         # Set an ACL for a group.
 403         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 404         chacl -r "${orig}(%.$agid,r--)" tmpfile0 \
 405           || setacl -m group:$agid:4 tmpfile0
 406
 407         func_test_copy tmpfile0 tmpfile3
 408
 409         # Set an ACL for other.
 410         orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
 411         chacl -r "${orig}(%.%,r--)" tmpfile0 \
 412           || setacl -m other:4 tmpfile0
 413
 414         func_test_copy tmpfile0 tmpfile4
 415
 416         # Remove the ACL for the user.
 417         chacl -d "($auid.%,--x)" tmpfile0 \
 418           || setacl -d user:$auid tmpfile0
 419
 420         func_test_copy tmpfile0 tmpfile5
 421
 422         # Remove the ACL for the group.
 423         chacl -d "(%.$agid,r--)" tmpfile0 \
 424           || setacl -d group:$agid tmpfile0
 425
 426         func_test_copy tmpfile0 tmpfile6
 427
 428         # Delete all optional ACLs.
 429         chacl -z tmpfile0 \
 430           || { setacl -m user:$auid:1 tmpfile0
 431                setacl -s user::6,group::0,class:7,other:0 tmpfile0
 432              }
 433
 434         func_test_copy tmpfile0 tmpfile8
 435
 436         # Copy ACLs from a file that has no ACLs.
 437         echo > tmpfile9
 438         chmod a+x tmpfile9
 439         orig=`lsacl tmpfile9 | sed -e 's/ tmpfile9$//'`
 440         getacl tmpfile9 > tmpaclout0
 441         rm -f tmpfile9
 442         chacl -r "${orig}" tmpfile0 \
 443           || setacl -f tmpaclout0 tmpfile0
 444
 445         func_test_copy tmpfile0 tmpfile9
 446
 447         ;;
 448
 449       osf1)
 450
 451         # Set an ACL for a user.
 452         setacl -u user:$auid:1 tmpfile0
 453
 454         func_test_copy tmpfile0 tmpfile2
 455
 456         # Set an ACL for a group.
 457         setacl -u group:$agid:4 tmpfile0
 458
 459         func_test_copy tmpfile0 tmpfile3
 460
 461         # Set an ACL for other.
 462         setacl -u other::4 tmpfile0
 463
 464         func_test_copy tmpfile0 tmpfile4
 465
 466         # Remove the ACL for the user.
 467         setacl -x user:$auid:1 tmpfile0
 468
 469         func_test_copy tmpfile0 tmpfile5
 470
 471         if false; then # would give an error "can't set ACL: Invalid argument"
 472           # Remove the ACL for other.
 473           setacl -x other::4 tmpfile0
 474
 475           func_test_copy tmpfile0 tmpfile6
 476         fi
 477
 478         # Remove the ACL for the group.
 479         setacl -x group:$agid:4 tmpfile0
 480
 481         func_test_copy tmpfile0 tmpfile7
 482
 483         # Delete all optional ACLs.
 484         setacl -u user:$auid:1 tmpfile0
 485         setacl -b tmpfile0
 486
 487         func_test_copy tmpfile0 tmpfile8
 488
 489         # Copy ACLs from a file that has no ACLs.
 490         echo > tmpfile9
 491         chmod a+x tmpfile9
 492         getacl tmpfile9 > tmpaclout0
 493         setacl -b -U tmpaclout0 tmpfile0
 494         rm -f tmpfile9
 495
 496         func_test_copy tmpfile0 tmpfile9
 497
 498         ;;
 499
 500       nsk)
 501
 502         # Set an ACL for a user.
 503         setacl -m user:$auid:1 tmpfile0
 504
 505         func_test_copy tmpfile0 tmpfile2
 506
 507         # Set an ACL for a group.
 508         setacl -m group:$agid:4 tmpfile0
 509
 510         func_test_copy tmpfile0 tmpfile3
 511
 512         # Set an ACL for other.
 513         setacl -m other:4 tmpfile0
 514
 515         func_test_copy tmpfile0 tmpfile4
 516
 517         # Remove the ACL for the user.
 518         setacl -d user:$auid tmpfile0
 519
 520         func_test_copy tmpfile0 tmpfile5
 521
 522         # Remove the ACL for the group.
 523         setacl -d group:$agid tmpfile0
 524
 525         func_test_copy tmpfile0 tmpfile6
 526
 527         # Delete all optional ACLs.
 528         setacl -m user:$auid:1 tmpfile0
 529         setacl -s user::6,group::0,class:7,other:0 tmpfile0
 530
 531         func_test_copy tmpfile0 tmpfile8
 532
 533         # Copy ACLs from a file that has no ACLs.
 534         echo > tmpfile9
 535         chmod a+x tmpfile9
 536         getacl tmpfile9 > tmpaclout0
 537         setacl -f tmpaclout0 tmpfile0
 538         rm -f tmpfile9
 539
 540         func_test_copy tmpfile0 tmpfile9
 541
 542         ;;
 543
 544       aix)
 545
 546         # Set an ACL for a user.
 547         { aclget tmpfile0 | sed -e 's/disabled$/enabled/'; echo "        permit --x u:$auid"; } | aclput tmpfile0
 548
 549         func_test_copy tmpfile0 tmpfile2
 550
 551         # Set an ACL for a group.
 552         { aclget tmpfile0 | sed -e 's/disabled$/enabled/'; echo "        permit r-- g:$agid"; } | aclput tmpfile0
 553
 554         func_test_copy tmpfile0 tmpfile3
 555
 556         # Set an ACL for other.
 557         chmod o+r tmpfile0
 558
 559         func_test_copy tmpfile0 tmpfile4
 560
 561         # Remove the ACL for the user.
 562         aclget tmpfile0 | grep -v ' u:[^ ]*$' | aclput tmpfile0
 563
 564         func_test_copy tmpfile0 tmpfile5
 565
 566         # Remove the ACL for the group.
 567         aclget tmpfile0 | grep -v ' g:[^ ]*$' | aclput tmpfile0
 568
 569         func_test_copy tmpfile0 tmpfile7
 570
 571         # Delete all optional ACLs.
 572         aclget tmpfile0 | sed -e 's/enabled$/disabled/' | sed -e '/disabled$/q' | aclput tmpfile0
 573
 574         func_test_copy tmpfile0 tmpfile8
 575
 576         # Copy ACLs from a file that has no ACLs.
 577         echo > tmpfile9
 578         chmod a+x tmpfile9
 579         aclget tmpfile9 | aclput tmpfile0
 580         rm -f tmpfile9
 581
 582         func_test_copy tmpfile0 tmpfile9
 583
 584         ;;
 585
 586       macosx)
 587
 588         # Set an ACL for a user.
 589         /bin/chmod +a "user:daemon allow execute" tmpfile0
 590
 591         func_test_copy tmpfile0 tmpfile2
 592
 593         # Set an ACL for a group.
 594         /bin/chmod +a "group:daemon allow read" tmpfile0
 595
 596         func_test_copy tmpfile0 tmpfile3
 597
 598         # Set an ACL for other.
 599         chmod o+r tmpfile0
 600
 601         func_test_copy tmpfile0 tmpfile4
 602
 603         # Remove the ACL for the user.
 604         /bin/chmod -a "user:daemon allow execute" tmpfile0
 605
 606         func_test_copy tmpfile0 tmpfile5
 607
 608         # Remove the ACL for the group.
 609         /bin/chmod -a "group:daemon allow read" tmpfile0
 610
 611         func_test_copy tmpfile0 tmpfile7
 612
 613         # Delete all optional ACLs.
 614         /bin/chmod -N tmpfile0
 615
 616         func_test_copy tmpfile0 tmpfile8
 617
 618         # Copy ACLs from a file that has no ACLs.
 619         echo > tmpfile9
 620         chmod a+x tmpfile9
 621         { /bin/ls -le tmpfile9 | sed -n -e 's/^ [0-9][0-9]*: //p'; echo; } | /bin/chmod -E tmpfile0
 622         rm -f tmpfile9
 623
 624         func_test_copy tmpfile0 tmpfile9
 625
 626         ;;
 627
 628       irix)
 629
 630         # Set an ACL for a user.
 631         /sbin/chacl user::rw-,group::---,other::---,user:$auid:--x tmpfile0
 632
 633         func_test_copy tmpfile0 tmpfile2
 634
 635         # Set an ACL for a group.
 636         /sbin/chacl user::rw-,group::---,other::---,user:$auid:--x,group:$agid:r-- tmpfile0
 637
 638         func_test_copy tmpfile0 tmpfile3
 639
 640         # Set an ACL for other.
 641         /sbin/chacl user::rw-,group::---,user:$auid:--x,group:$agid:r--,other::r-- tmpfile0
 642
 643         func_test_copy tmpfile0 tmpfile4
 644
 645         # Remove the ACL for the user.
 646         /sbin/chacl user::rw-,group::---,group:$agid:r--,other::r-- tmpfile0
 647
 648         func_test_copy tmpfile0 tmpfile5
 649
 650         # Remove the ACL for the group.
 651         /sbin/chacl user::rw-,group::---,other::r-- tmpfile0
 652
 653         func_test_copy tmpfile0 tmpfile7
 654
 655         ;;
 656
 657     esac
 658   fi
 659
 660   rm -f tmpfile[0-9] tmpaclout[0-2]
 661 ) || exit 1
 662
 663 rm -rf "$tmp"
 664 exit 0