From: Jeff King <peff@peff.net>
To: Stefan Beller <stefanbeller@googlemail.com>
Cc: Matthieu Moy <Matthieu.Moy@grenoble-inp.fr>,
Junio C Hamano <gitster@pobox.com>,
git@vger.kernel.org
Subject: Re: Bugreport on Ubuntu LTS: not ok - 2 Objects creation does not break ACLs with restrictive umask
Date: Tue, 5 Jun 2012 03:56:15 -0400 [thread overview]
Message-ID: <20120605075614.GE25809@sigill.intra.peff.net> (raw)
In-Reply-To: <CALbm-EZrKGaj1Q7gbmPmG0wQHxksnJqaS3bz3tMDsego7Zm2ZQ@mail.gmail.com>
On Tue, Jun 05, 2012 at 09:23:47AM +0200, Stefan Beller wrote:
> So I am using /dev/sda4 on /home type ext4 (rw), but my user account
> has its home directory encrypted via ecryptfs.
It's very likely that ecryptfs is the problem, then. Googling around, I
find conflicting reports on whether it actually supports ACLs or not.
At the top of the test script we check that "setfacl" doesn't report an
error, and assume that ACLs work if it doesn't. Maybe that test needs to
be more comprehensive, like the patch below. What happens when you run
t1304 with this patch (my expectation is that it will just skip the acl
tests)?
-- >8 --
Subject: t1304: improve setfacl prerequisite setup
Some filesystems will cause "setfacl" to report success, even
though they do not seem to behave sanely enough for our
tests. Let's make sure that not only does setfacl work, but
that we can read back the result.
Since we're making the setup more complex, let's move it
into its own test. This will hide the output for us unless
the user wants to run "-v" to see it (and we don't need to
bother printing anything about setfacl failing; the
remaining tests will properly print "skip" due to the
missing prerequisite).
Signed-off-by: Jeff King <peff@peff.net>
---
t/t1304-default-acl.sh | 17 +++++++----------
1 file changed, 7 insertions(+), 10 deletions(-)
diff --git a/t/t1304-default-acl.sh b/t/t1304-default-acl.sh
index 2b962cf..be954f0 100755
--- a/t/t1304-default-acl.sh
+++ b/t/t1304-default-acl.sh
@@ -14,16 +14,13 @@ umask 077
# We need an arbitrary other user give permission to using ACLs. root
# is a good candidate: exists on all unices, and it has permission
# anyway, so we don't create a security hole running the testsuite.
-
-setfacl_out="$(setfacl -m u:root:rwx . 2>&1)"
-setfacl_ret=$?
-
-if test $setfacl_ret != 0
-then
- say "Unable to use setfacl (output: '$setfacl_out'; return code: '$setfacl_ret')"
-else
- test_set_prereq SETFACL
-fi
+test_expect_success 'checking for a working acl setup' '
+ if setfacl -m u:root:rwx . &&
+ getfacl . | grep user:root:rwx
+ then
+ test_set_prereq SETFACL
+ fi
+'
if test -z "$LOGNAME"
then
next prev parent reply other threads:[~2012-06-05 7:56 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-04 15:40 Bugreport on Ubuntu LTS: not ok - 2 Objects creation does not break ACLs with restrictive umask Stefan Beller
2012-06-04 20:18 ` Junio C Hamano
[not found] ` <CALbm-EatNCPjFRO4NyGfZuSa72-FXwZcd_7cFe-f_iMOdGL4MQ@mail.gmail.com>
2012-06-04 22:19 ` Junio C Hamano
2012-06-05 6:02 ` Matthieu Moy
2012-06-05 7:23 ` Stefan Beller
2012-06-05 7:43 ` Stefan Beller
2012-06-05 7:56 ` Jeff King [this message]
2012-06-05 11:29 ` Matthieu Moy
2012-06-05 12:23 ` Stefan Beller
2012-06-05 13:28 ` Matthieu Moy
2012-06-05 14:04 ` Jeff King
2012-06-05 14:10 ` Jeff King
2012-06-05 14:28 ` Jeff King
2012-06-05 15:05 ` Jeff King
2012-06-05 16:31 ` Junio C Hamano
2012-06-05 16:44 ` Jeff King
2012-06-05 17:27 ` Junio C Hamano
2012-06-06 13:28 ` [PATCH] t1304: improve setfacl prerequisite setup Jeff King
2012-06-06 16:11 ` Stefan Beller
2012-06-06 16:58 ` Junio C Hamano
2012-06-07 9:02 ` Jeff King
2012-06-07 16:16 ` Junio C Hamano
2012-06-08 1:18 ` Brandon Casey
2012-06-05 19:16 ` Bugreport on Ubuntu LTS: not ok - 2 Objects creation does not break ACLs with restrictive umask Tyler Hicks
2012-06-05 20:45 ` Stefan Beller
2012-06-05 13:29 ` Jeff King
-- strict thread matches above, loose matches on Subject: below --
2012-06-04 20:49 Stefan Beller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120605075614.GE25809@sigill.intra.peff.net \
--to=peff@peff.net \
--cc=Matthieu.Moy@grenoble-inp.fr \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=stefanbeller@googlemail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).