1 Pretty comprehensive ACL tests.
3 This must be run on a filesystem with ACL support. Also, you will need
4 two dummy users (bin and daemon) and a dummy group (daemon).
9 Only change a base ACL:
10 $ lfs lsetfacl -m u::r f
11 $ lfs lsetfacl -m u::rw,u:bin:rw f
12 $ lfs ls -dl f | awk '{print $1}'
15 $ lfs lgetfacl --omit-header f
26 $ lfs lsetfacl -m u:bin:rw f
27 $ lfs ls -dl f | awk '{print $1}'
30 $ lfs lgetfacl --omit-header f
41 $ lfs lsetfacl -m u:bin:rwx d
42 $ lfs ls -dl d | awk '{print $1}'
45 $ lfs lgetfacl --omit-header d
56 $ lfs lsetfacl -m u:bin:rwx d
57 $ lfs ls -dl d | awk '{print $1}'
60 $ lfs lgetfacl --omit-header d
75 $ lfs lsetfacl -m u:bin:rw,u:daemon:r f
76 $ lfs ls -dl f | awk '{print $1}'
79 $ lfs lgetfacl --omit-header f
90 $ lfs lsetfacl -m g:users:rw,g:daemon:r f
91 $ lfs ls -dl f | awk '{print $1}'
94 $ lfs lgetfacl --omit-header f
107 $ lfs lsetfacl -x g:users f
108 $ lfs ls -dl f | awk '{print $1}'
111 $ lfs lgetfacl --omit-header f
123 $ lfs lsetfacl -x u:daemon f
124 $ lfs ls -dl f | awk '{print $1}'
127 $ lfs lgetfacl --omit-header f
142 $ lfs lsetfacl -m u:bin:rwx,u:daemon:rw,d:u:bin:rwx,d:m:rx d
143 $ lfs ls -dl d | awk '{print $1}'
146 $ lfs lgetfacl --omit-header d
154 > default:user:bin:rwx #effective:r-x
164 $ lfs ls -dl d/f | awk '{print $1}'
167 $ lfs lgetfacl --omit-header d/f
169 > user:bin:rwx #effective:r--
170 > group::r-x #effective:r--
178 $ lfs ls -dl d/f | awk '{print $1}'
181 $ lfs lgetfacl --omit-header d/f
183 > user:bin:rwx #effective:r--
184 > group::r-x #effective:r--
195 $ lfs ls -dl d/d | awk '{print $1}'
198 $ lfs lgetfacl --omit-header d/d
200 > user:bin:rwx #effective:r-x
205 > default:user:bin:rwx #effective:r-x
214 $ lfs ls -dl d/d | awk '{print $1}'
217 $ lfs lgetfacl --omit-header d/d
219 > user:bin:rwx #effective:r-x
224 > default:user:bin:rwx #effective:r-x
230 Add some users and groups
232 $ lfs lsetfacl -nm u:daemon:rx,d:u:daemon:rx,g:users:rx,g:daemon:rwx d/d
233 $ lfs ls -dl d/d | awk '{print $1}'
236 $ lfs lgetfacl --omit-header d/d
238 > user:bin:rwx #effective:r-x
241 > group:daemon:rwx #effective:r-x
246 > default:user:bin:rwx #effective:r-x
247 > default:user:daemon:r-x
253 Symlink in directory with default ACL?
256 $ lfs ls -dl d/l | awk '{print $1}'
259 $ lfs ls -dl -L d/l | awk '{print $1}'
262 # XXX:there is an issue with getfacl dealing symbol link
263 # $ lfs lgetfacl --omit-header d/l
265 $ lfs lgetfacl --omit-header l
267 > user:bin:rwx #effective:r-x
270 > group:daemon:rwx #effective:r-x
275 > default:user:bin:rwx #effective:r-x
276 > default:user:daemon:r-x
286 Does mask manipulation work?
288 $ lfs lsetfacl -m g:daemon:rx,u:bin:rx d/d
289 $ lfs ls -dl d/d | awk '{print $1}'
292 $ lfs lgetfacl --omit-header d/d
302 > default:user:bin:rwx #effective:r-x
303 > default:user:daemon:r-x
309 $ lfs lsetfacl -m d:u:bin:rwx d/d
310 $ lfs ls -dl d/d | awk '{print $1}'
313 $ lfs lgetfacl --omit-header d/d
323 > default:user:bin:rwx
324 > default:user:daemon:r-x
332 Remove the default ACL
335 $ lfs ls -dl d | awk '{print $1}'
338 $ lfs lgetfacl --omit-header d
347 Reset to base entries
350 $ lfs ls -dl d | awk '{print $1}'
353 $ lfs lgetfacl --omit-header d
359 Now, chmod should change the group_obj entry
362 $ lfs ls -dl d | awk '{print $1}'
365 $ lfs lgetfacl --omit-header d
374 $ lfs lsetfacl -m u:daemon:rwx,u:bin:rx,d:u:daemon:rwx,d:u:bin:rx d
375 $ lfs ls -dl d | awk '{print $1}'
378 $ lfs lgetfacl --omit-header d
386 > default:user:bin:r-x
387 > default:user:daemon:rwx
394 $ lfs ls -dl d | awk '{print $1}'
397 $ lfs lgetfacl --omit-header d
400 > user:daemon:rwx #effective:r-x
401 > group::rwx #effective:r-x
405 > default:user:bin:r-x
406 > default:user:daemon:rwx
413 $ lfs ls -dl d | awk '{print $1}'
416 $ lfs lgetfacl --omit-header d
419 > user:daemon:rwx #effective:r-x
420 > group::rwx #effective:r-x
424 > default:user:bin:r-x
425 > default:user:daemon:rwx