b2e5d75d17
When the "ab/various-leak-fixes" topic was merged in [1] only t6021 would fail if the tests were run in the "GIT_TEST_PASSING_SANITIZE_LEAK=check" mode, i.e. to check whether we marked all leak-free tests with "TEST_PASSES_SANITIZE_LEAK=true". Since then we've had various tests starting to pass under SANITIZE=leak. Let's mark those as passing, this is when they started to pass, narrowed down with "git bisect": - t5317-pack-objects-filter-objects.sh: Infaebba436e
(list-objects-filter: plug pattern_list leak, 2022-12-01). - t3210-pack-refs.sh, t5613-info-alternate.sh, t7403-submodule-sync.sh: In189e97bc4b
(diff: remove parseopts member from struct diff_options, 2022-12-01). - t1408-packed-refs.sh: Inab91f6b7c4
(Merge branch 'rs/diff-parseopts', 2022-12-19). - t0023-crlf-am.sh, t4152-am-subjects.sh, t4254-am-corrupt.sh, t4256-am-format-flowed.sh, t4257-am-interactive.sh, t5403-post-checkout-hook.sh: Ina658e881c1
(am: don't pass strvec to apply_parse_options(), 2022-12-13) - t1301-shared-repo.sh, t1302-repo-version.sh: Inb07a819c05
(reflog: clear leftovers in reflog_expiry_cleanup(), 2022-12-13). - t1304-default-acl.sh, t1410-reflog.sh, t5330-no-lazy-fetch-with-commit-graph.sh, t5502-quickfetch.sh, t5604-clone-reference.sh, t6014-rev-list-all.sh, t7701-repack-unpack-unreachable.sh: Inb0c61be320
(Merge branch 'rs/reflog-expiry-cleanup', 2022-12-26) - t3800-mktag.sh, t5302-pack-index.sh, t5306-pack-nobase.sh, t5573-pull-verify-signatures.sh, t7612-merge-verify-signatures.sh: In69bbbe484b
(hash-object: use fsck for object checks, 2023-01-18). - t1451-fsck-buffer.sh: In8e4309038f
(fsck: do not assume NUL-termination of buffers, 2023-01-19). - t6501-freshen-objects.sh: Inabf2bb895b
(Merge branch 'jk/hash-object-fsck', 2023-01-30) 1.9ea1378d04
(Merge branch 'ab/various-leak-fixes', 2022-12-14) Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
67 lines
1.8 KiB
Bash
Executable File
67 lines
1.8 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# Copyright (c) 2010 Matthieu Moy
|
|
#
|
|
|
|
test_description='Test repository with default ACL'
|
|
|
|
# Create the test repo with restrictive umask
|
|
# => this must come before . ./test-lib.sh
|
|
umask 077
|
|
|
|
TEST_PASSES_SANITIZE_LEAK=true
|
|
. ./test-lib.sh
|
|
|
|
# We need an arbitrary other user give permission to using ACLs. root
|
|
# is a good candidate: exists on all unices, and it has permission
|
|
# anyway, so we don't create a security hole running the testsuite.
|
|
test_expect_success 'checking for a working acl setup' '
|
|
if setfacl -m d:m:rwx -m u:root:rwx . &&
|
|
getfacl . | grep user:root:rwx &&
|
|
touch should-have-readable-acl &&
|
|
getfacl should-have-readable-acl | grep -E "mask::?rw-"
|
|
then
|
|
test_set_prereq SETFACL
|
|
fi
|
|
'
|
|
|
|
if test -z "$LOGNAME"
|
|
then
|
|
LOGNAME="${USER:-$(id -u -n)}"
|
|
fi
|
|
|
|
check_perms_and_acl () {
|
|
test -r "$1" &&
|
|
getfacl "$1" > actual &&
|
|
grep -q "user:root:rwx" actual &&
|
|
grep -q "user:${LOGNAME}:rwx" actual &&
|
|
grep -E "mask::?r--" actual > /dev/null 2>&1 &&
|
|
grep -q "group::---" actual || false
|
|
}
|
|
|
|
dirs_to_set="./ .git/ .git/objects/ .git/objects/pack/"
|
|
|
|
test_expect_success SETFACL 'Setup test repo' '
|
|
setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set &&
|
|
setfacl -m m:rwx $dirs_to_set &&
|
|
setfacl -m u:root:rwx $dirs_to_set &&
|
|
setfacl -m d:u:"$LOGNAME":rwx $dirs_to_set &&
|
|
setfacl -m d:u:root:rwx $dirs_to_set &&
|
|
|
|
touch file.txt &&
|
|
git add file.txt &&
|
|
git commit -m "init"
|
|
'
|
|
|
|
test_expect_success SETFACL 'Objects creation does not break ACLs with restrictive umask' '
|
|
# SHA1 for empty blob
|
|
check_perms_and_acl .git/objects/$(echo $EMPTY_BLOB | sed -e "s,^\(..\),\1/,")
|
|
'
|
|
|
|
test_expect_success SETFACL 'git gc does not break ACLs with restrictive umask' '
|
|
git gc &&
|
|
check_perms_and_acl .git/objects/pack/*.pack
|
|
'
|
|
|
|
test_done
|