1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
|
#!/bin/sh
# Show all commands when run with environment variable VERBOSE=yes.
test -z "$VERBOSE" || set -x
test "$USE_ACL" = 0 &&
{
echo "Skipping test: insufficient ACL support"
exit 77
}
# func_tmpdir
# creates a temporary directory.
# Sets variable
# - tmp pathname of freshly created temporary directory
func_tmpdir ()
{
# Use the environment variable TMPDIR, falling back to /tmp. This allows
# users to specify a different temporary directory, for example, if their
# /tmp is filled up or too small.
: ${TMPDIR=/tmp}
{
# Use the mktemp program if available. If not available, hide the error
# message.
tmp=`(umask 077 && mktemp -d "$TMPDIR/glXXXXXX") 2>/dev/null` &&
test -n "$tmp" && test -d "$tmp"
} ||
{
# Use a simple mkdir command. It is guaranteed to fail if the directory
# already exists. $RANDOM is bash specific and expands to empty in shells
# other than bash, ksh and zsh. Its use does not increase security;
# rather, it minimizes the probability of failure in a very cluttered /tmp
# directory.
tmp=$TMPDIR/gl$$-$RANDOM
(umask 077 && mkdir "$tmp")
} ||
{
echo "$0: cannot create a temporary directory in $TMPDIR" >&2
exit 1
}
}
func_tmpdir
# builddir may already be set by the script that invokes this one.
case "$builddir" in
'') builddir=`pwd` ;;
/* | ?:*) ;;
*) builddir=`pwd`/$builddir ;;
esac
cd "$builddir" ||
{
echo "$0: cannot determine build directory (unreadable parent dir?)" >&2
exit 1
}
# Switch to a temporary directory, to increase the likelihood that ACLs are
# supported on the current file system. (/tmp is usually locally mounted,
# whereas the build dir is sometimes NFS-mounted.)
( cd "$tmp"
# Prepare tmpfile0.
rm -f tmpfile[0-9]
echo "Simple contents" > tmpfile0
chmod 600 tmpfile0
# Classification of the platform according to the programs available for
# manipulating ACLs.
# Possible values are:
# linux, cygwin, freebsd, solaris, hpux, hpuxjfs, osf1, aix, macosx, irix, none.
# TODO: Support also native Windows platforms (mingw).
acl_flavor=none
if (getfacl tmpfile0 >/dev/null) 2>/dev/null; then
# Platforms with the getfacl and setfacl programs.
# Linux, FreeBSD, Solaris, Cygwin.
if (setfacl --help >/dev/null) 2>/dev/null; then
# Linux, Cygwin.
if (LC_ALL=C setfacl --help | grep ' --set-file' >/dev/null) 2>/dev/null; then
# Linux.
acl_flavor=linux
else
acl_flavor=cygwin
fi
else
# FreeBSD, Solaris.
if (LC_ALL=C setfacl 2>&1 | grep '\-x entries' >/dev/null) 2>/dev/null; then
# FreeBSD.
acl_flavor=freebsd
else
# Solaris.
acl_flavor=solaris
fi
fi
else
if (lsacl / >/dev/null) 2>/dev/null; then
# Platforms with the lsacl and chacl programs.
# HP-UX, sometimes also IRIX.
if (getacl tmpfile0 >/dev/null) 2>/dev/null; then
# HP-UX 11.11 or newer.
acl_flavor=hpuxjfs
else
# HP-UX 11.00.
acl_flavor=hpux
fi
else
if (getacl tmpfile0 >/dev/null) 2>/dev/null; then
# Tru64, NonStop Kernel.
if (getacl -m tmpfile0 >/dev/null) 2>/dev/null; then
# Tru64.
acl_flavor=osf1
else
# NonStop Kernel.
acl_flavor=nsk
fi
else
if (aclget tmpfile0 >/dev/null) 2>/dev/null; then
# AIX.
acl_flavor=aix
else
if (fsaclctl -v >/dev/null) 2>/dev/null; then
# Mac OS X.
acl_flavor=macosx
else
if test -f /sbin/chacl; then
# IRIX.
acl_flavor=irix
fi
fi
fi
fi
fi
fi
if test $acl_flavor != none; then
# A POSIX compliant 'id' program.
if test -f /usr/xpg4/bin/id; then
ID=/usr/xpg4/bin/id
else
ID=id
fi
# Use a user and group id different from the current one, to avoid
# redundant/ambiguous ACLs.
myuid=`$ID -u`
mygid=`$ID -g`
auid=1
if test "$auid" = "$myuid"; then auid=2; fi
agid=1
if test "$agid" = "$mygid"; then agid=2; fi
fi
for mode in 700 400 200 100 644 650 605 011 4700 2070; do
rm -f tmpfile0 tmpfile1 tmpfile2
# Prepare a file with no ACL.
echo "Anything" > tmpfile0
# If a mode is not supported (e.g. 2070 on FreeBSD), we skip testing it.
if chmod $mode tmpfile0 2>/dev/null; then
modestring0=`ls -l tmpfile0 | dd ibs=1 count=10 2>/dev/null`
# Prepare a file with no ACL.
echo "Some contents" > tmpfile1
chmod 600 tmpfile1
# Try to set the ACL to only the given mode.
${CHECKER} "$builddir"/test-set-mode-acl${EXEEXT} tmpfile1 $mode
# Verify that tmpfile1 has no ACL and has the desired mode.
modestring=`ls -l tmpfile1 | dd ibs=1 count=10 2>/dev/null`
if test "x$modestring" != "x$modestring0"; then
echo "mode = $mode: tmpfile1 has wrong mode: $modestring" 1>&2
exit 1
fi
if test `${CHECKER} "$builddir"/test-file-has-acl${EXEEXT} tmpfile1` != no; then
echo "mode = $mode: tmpfile1 got an ACL" 1>&2
exit 1
fi
if test $acl_flavor != none; then
# Prepare a file with an ACL.
echo "Special contents" > tmpfile2
chmod 600 tmpfile2
# Set an ACL for a user (or group).
case $acl_flavor in
linux | freebsd | solaris)
setfacl -m user:$auid:1 tmpfile0
;;
cygwin)
setfacl -m group:0:1 tmpfile0
;;
hpux)
orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
chacl -r "${orig}($auid.%,--x)" tmpfile0
;;
hpuxjfs)
orig=`lsacl tmpfile0 | sed -e 's/ tmpfile0$//'`
chacl -r "${orig}($auid.%,--x)" tmpfile0 \
|| setacl -m user:$auid:1 tmpfile0
;;
osf1)
setacl -u user:$auid:1 tmpfile0
;;
nsk)
setacl -m user:$auid:1 tmpfile0
;;
aix)
{ aclget tmpfile0 | sed -e 's/disabled$/enabled/'; echo " permit --x u:$auid"; } | aclput tmpfile0
;;
macosx)
/bin/chmod +a "user:daemon allow execute" tmpfile0
;;
irix)
/sbin/chacl user::rw-,group::---,other::---,user:$auid:--x tmpfile0
;;
esac
# Try to set the ACL to only the given mode.
${CHECKER} "$builddir"/test-set-mode-acl${EXEEXT} tmpfile2 $mode
# Verify that tmpfile2 has no ACL and has the desired mode.
modestring=`ls -l tmpfile2 | dd ibs=1 count=10 2>/dev/null`
if test "x$modestring" != "x$modestring0"; then
echo "mode = $mode: tmpfile2 has wrong mode: $modestring" 1>&2
exit 1
fi
if test `${CHECKER} "$builddir"/test-file-has-acl${EXEEXT} tmpfile2` != no; then
echo "mode = $mode: tmpfile2 still has an ACL" 1>&2
exit 1
fi
fi
fi
done
rm -f tmpfile[0-9]
) || exit 1
rm -rf "$tmp"
exit 0
|