1#!/bin/sh 2 3# Show all commands when run with environment variable VERBOSE=yes. 4test -z "$VERBOSE" || set -x 5 6test "$USE_ACL" = 0 && 7 { 8 echo "Skipping test: insufficient ACL support" 9 exit 77 10 } 11 12# func_tmpdir 13# creates a temporary directory. 14# Sets variable 15# - tmp pathname of freshly created temporary directory 16func_tmpdir () 17{ 18 # Use the environment variable TMPDIR, falling back to /tmp. This allows 19 # users to specify a different temporary directory, for example, if their 20 # /tmp is filled up or too small. 21 : ${TMPDIR=/tmp} 22 { 23 # Use the mktemp program if available. If not available, hide the error 24 # message. 25 tmp=`(umask 077 && mktemp -d "$TMPDIR/glXXXXXX") 2>/dev/null` && 26 test -n "$tmp" && test -d "$tmp" 27 } || 28 { 29 # Use a simple mkdir command. It is guaranteed to fail if the directory 30 # already exists. $RANDOM is bash specific and expands to empty in shells 31 # other than bash, ksh and zsh. Its use does not increase security; 32 # rather, it minimizes the probability of failure in a very cluttered /tmp 33 # directory. 34 tmp=$TMPDIR/gl$$-$RANDOM 35 (umask 077 && mkdir "$tmp") 36 } || 37 { 38 echo "$0: cannot create a temporary directory in $TMPDIR" >&2 39 exit 1 40 } 41} 42 43func_tmpdir 44# builddir may already be set by the script that invokes this one. 45case "$builddir" in 46 '') builddir=`pwd` ;; 47 /* | ?:*) ;; 48 *) builddir=`pwd`/$builddir ;; 49esac 50cd "$builddir" || 51 { 52 echo "$0: cannot determine build directory (unreadable parent dir?)" >&2 53 exit 1 54 } 55# Switch to a temporary directory, to increase the likelihood that ACLs are 56# supported on the current file system. (/tmp is usually locally mounted, 57# whereas the build dir is sometimes NFS-mounted.) 58( cd "$tmp" 59 60 # Prepare tmpfile0. 61 rm -f tmpfile[0-9] 62 echo "Simple contents" > tmpfile0 63 chmod 600 tmpfile0 64 65 # Classification of the platform according to the programs available for 66 # manipulating ACLs. 67 # Possible values are: 68 # linux, cygwin, freebsd, solaris, hpux, hpuxjfs, osf1, aix, macosx, irix, none. 69 # TODO: Support also native Windows platforms (mingw). 70 acl_flavor=none 71 if (getfacl tmpfile0 >/dev/null) 2>/dev/null; then 72 # Platforms with the getfacl and setfacl programs. 73 # Linux, FreeBSD, Solaris, Cygwin. 74 if (setfacl --help >/dev/null) 2>/dev/null; then 75 # Linux, Cygwin. 76 if (LC_ALL=C setfacl --help | grep ' --set-file' >/dev/null) 2>/dev/null; then 77 # Linux. 78 acl_flavor=linux 79 else 80 acl_flavor=cygwin 81 fi 82 else 83 # FreeBSD, Solaris. 84 if (LC_ALL=C setfacl 2>&1 | grep '\-x entries' >/dev/null) 2>/dev/null; then 85 # FreeBSD. 86 acl_flavor=freebsd 87 else 88 # Solaris. 89 acl_flavor=solaris 90 fi 91 fi 92 else 93 if (lsacl / >/dev/null) 2>/dev/null; then 94 # Platforms with the lsacl and chacl programs. 95 # HP-UX, sometimes also IRIX. 96 if (getacl tmpfile0 >/dev/null) 2>/dev/null; then 97 # HP-UX 11.11 or newer. 98 acl_flavor=hpuxjfs 99 else 100 # HP-UX 11.00. 101 acl_flavor=hpux 102 fi 103 else 104 if (getacl tmpfile0 >/dev/null) 2>/dev/null; then 105 # Tru64, NonStop Kernel. 106 if (getacl -m tmpfile0 >/dev/null) 2>/dev/null; then 107 # Tru64. 108 acl_flavor=osf1 109 else 110 # NonStop Kernel. 111 acl_flavor=nsk 112 fi 113 else 114 if (aclget tmpfile0 >/dev/null) 2>/dev/null; then 115 # AIX. 116 acl_flavor=aix 117 else 118 if (fsaclctl -v >/dev/null) 2>/dev/null; then 119 # Mac OS X. 120 acl_flavor=macosx 121 else 122 if test -f /sbin/chacl; then 123 # IRIX. 124 acl_flavor=irix 125 fi 126 fi 127 fi 128 fi 129 fi 130 fi 131 132 if test $acl_flavor != none; then 133 # A POSIX compliant 'id' program. 134 if test -f /usr/xpg4/bin/id; then 135 ID=/usr/xpg4/bin/id 136 else 137 ID=id 138 fi 139 # Use a user and group id different from the current one, to avoid 140 # redundant/ambiguous ACLs. 141 myuid=`$ID -u` 142 mygid=`$ID -g` 143 auid=1 144 if test "$auid" = "$myuid"; then auid=2; fi 145 agid=1 146 if test "$agid" = "$mygid"; then agid=2; fi 147 fi 148 149 for mode in 700 400 200 100 644 650 605 011 4700 2070; do 150 rm -f tmpfile0 tmpfile1 tmpfile2 151 152 # Prepare a file with no ACL. 153 echo "Anything" > tmpfile0 154 # If a mode is not supported (e.g. 2070 on FreeBSD), we skip testing it. 155 if chmod $mode tmpfile0 2>/dev/null; then 156 modestring0=`ls -l tmpfile0 | dd ibs=1 count=10 2>/dev/null` 157 158 # Prepare a file with no ACL. 159 echo "Some contents" > tmpfile1 160 chmod 600 tmpfile1 161 162 # Try to set the ACL to only the given mode. 163 ${CHECKER} "$builddir"/test-set-mode-acl${EXEEXT} tmpfile1 $mode 164 # Verify that tmpfile1 has no ACL and has the desired mode. 165 modestring=`ls -l tmpfile1 | dd ibs=1 count=10 2>/dev/null` 166 if test "x$modestring" != "x$modestring0"; then 167 echo "mode = $mode: tmpfile1 has wrong mode: $modestring" 1>&2 168 exit 1 169 fi 170 if test `${CHECKER} "$builddir"/test-file-has-acl${EXEEXT} tmpfile1` != no; then 171 echo "mode = $mode: tmpfile1 got an ACL" 1>&2 172 exit 1 173 fi 174 175 if test $acl_flavor != none; then 176 177 # Prepare a file with an ACL. 178 echo "Special contents" > tmpfile2 179 chmod 600 tmpfile2 180 # Set an ACL for a user (or group). 181 case $acl_flavor in 182 linux | freebsd | solaris) 183 setfacl -m user:$auid:1 tmpfile0 184 ;; 185 cygwin) 186 setfacl -m group:0:1 tmpfile0 187 ;; 188 hpux) 189 orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'` 190 chacl -r "${orig}($auid.%,--x)" tmpfile0 191 ;; 192 hpuxjfs) 193 orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'` 194 chacl -r "${orig}($auid.%,--x)" tmpfile0 \ 195 || setacl -m user:$auid:1 tmpfile0 196 ;; 197 osf1) 198 setacl -u user:$auid:1 tmpfile0 199 ;; 200 nsk) 201 setacl -m user:$auid:1 tmpfile0 202 ;; 203 aix) 204 { aclget tmpfile0 | sed -e 's/disabled$/enabled/'; echo " permit --x u:$auid"; } | aclput tmpfile0 205 ;; 206 macosx) 207 /bin/chmod +a "user:daemon allow execute" tmpfile0 208 ;; 209 irix) 210 /sbin/chacl user::rw-,group::---,other::---,user:$auid:--x tmpfile0 211 ;; 212 esac 213 214 # Try to set the ACL to only the given mode. 215 ${CHECKER} "$builddir"/test-set-mode-acl${EXEEXT} tmpfile2 $mode 216 # Verify that tmpfile2 has no ACL and has the desired mode. 217 modestring=`ls -l tmpfile2 | dd ibs=1 count=10 2>/dev/null` 218 if test "x$modestring" != "x$modestring0"; then 219 echo "mode = $mode: tmpfile2 has wrong mode: $modestring" 1>&2 220 exit 1 221 fi 222 if test `${CHECKER} "$builddir"/test-file-has-acl${EXEEXT} tmpfile2` != no; then 223 echo "mode = $mode: tmpfile2 still has an ACL" 1>&2 224 exit 1 225 fi 226 fi 227 fi 228 done 229 230 rm -f tmpfile[0-9] 231) || exit 1 232 233rm -rf "$tmp" 234exit 0 235