Add 'corebinutils/getfacl/' from commit '550119fbc3fe5fb6677c00484944354aa98f4b37'

git-subtree-dir: corebinutils/getfacl
git-subtree-mainline: 5c7294b9667f0a38005272add8c78483b8658092
git-subtree-split: 550119fbc3fe5fb6677c00484944354aa98f4b37

1 files changed, 229 insertions, 0 deletions

diff --git a/corebinutils/getfacl/tests/test.sh b/corebinutils/getfacl/tests/test.sh
new file mode 100644
index 0000000000..ae22edbb81
--- /dev/null
+++ b/corebinutils/getfacl/tests/test.sh
@@ -0,0 +1,229 @@
+#!/bin/sh
+set -eu
+
+: "${GETFACL_BIN:?GETFACL_BIN is required}"
+
+ROOT=$(CDPATH= cd -- "$(dirname -- "$0")/.." && pwd)
+TMPBASE="$ROOT/.tmp-tests"
+mkdir -p "$TMPBASE"
+WORKDIR=$(mktemp -d "$TMPBASE/getfacl-test.XXXXXX")
+STDOUT_FILE="$WORKDIR/stdout"
+STDERR_FILE="$WORKDIR/stderr"
+trap 'rm -rf "$WORKDIR"' EXIT INT TERM
+
+fail() {
+	printf '%s\n' "FAIL: $1" >&2
+	exit 1
+}
+
+assert_match() {
+	pattern=$1
+	text=$2
+	message=$3
+	printf '%s\n' "$text" | grep -Eq "$pattern" || fail "$message"
+}
+
+assert_not_match() {
+	pattern=$1
+	text=$2
+	message=$3
+	if printf '%s\n' "$text" | grep -Eq "$pattern"; then
+		fail "$message"
+	fi
+}
+
+assert_empty() {
+	text=$1
+	message=$2
+	[ -z "$text" ] || fail "$message"
+}
+
+assert_eq() {
+	expected=$1
+	actual=$2
+	message=$3
+	[ "$expected" = "$actual" ] || {
+		printf '%s\n' "FAIL: $message" >&2
+		printf '%s\n' "--- expected ---" >&2
+		printf '%s\n' "$expected" >&2
+		printf '%s\n' "--- actual ---" >&2
+		printf '%s\n' "$actual" >&2
+		exit 1
+	}
+}
+
+run_cmd() {
+	: >"$STDOUT_FILE"
+	: >"$STDERR_FILE"
+	set +e
+	"$@" >"$STDOUT_FILE" 2>"$STDERR_FILE"
+	CMD_STATUS=$?
+	set -e
+	CMD_STDOUT=$(cat "$STDOUT_FILE")
+	CMD_STDERR=$(cat "$STDERR_FILE")
+}
+
+run_stdin_cmd() {
+	input=$1
+	shift
+	: >"$STDOUT_FILE"
+	: >"$STDERR_FILE"
+	set +e
+	printf '%s' "$input" | "$@" >"$STDOUT_FILE" 2>"$STDERR_FILE"
+	CMD_STATUS=$?
+	set -e
+	CMD_STDOUT=$(cat "$STDOUT_FILE")
+	CMD_STDERR=$(cat "$STDERR_FILE")
+}
+
+acl_body() {
+	printf '%s\n' "$1" | sed '/^#/d;/^$/d'
+}
+
+normalize_default_body() {
+	printf '%s\n' "$1" | sed 's/^default://'
+}
+
+[ -x "$GETFACL_BIN" ] || fail "missing binary: $GETFACL_BIN"
+
+run_cmd "$GETFACL_BIN" -z
+[ "$CMD_STATUS" -eq 1 ] || fail "invalid option should exit 1"
+assert_match '^usage: getfacl ' "$CMD_STDERR" "usage output missing for invalid option"
+
+touch "$WORKDIR/file"
+chmod 640 "$WORKDIR/file"
+
+run_cmd "$GETFACL_BIN" "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 0 ] || fail "base ACL read failed"
+assert_match "^# file: $WORKDIR/file$" "$CMD_STDOUT" "missing file header"
+assert_match '^# owner: ' "$CMD_STDOUT" "missing owner header"
+assert_match '^# group: ' "$CMD_STDOUT" "missing group header"
+assert_match '^user::rw-$' "$CMD_STDOUT" "missing user base entry"
+assert_match '^group::r--$' "$CMD_STDOUT" "missing group base entry"
+assert_match '^other::---$' "$CMD_STDOUT" "missing other base entry"
+base_output=$CMD_STDOUT
+
+run_cmd "$GETFACL_BIN" -h "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 0 ] || fail "-h should work on regular files"
+assert_eq "$(acl_body "$base_output")" "$(acl_body "$CMD_STDOUT")" "-h should not change regular-file ACL body"
+
+run_cmd "$GETFACL_BIN" -q "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 0 ] || fail "quiet ACL read failed"
+assert_not_match '^# file:' "$CMD_STDOUT" "header was not omitted"
+assert_match '^user::rw-$' "$CMD_STDOUT" "quiet output lost ACL data"
+
+run_cmd "$GETFACL_BIN" -s -q "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 0 ] || fail "skip-base should not fail on trivial ACL"
+assert_empty "$CMD_STDOUT" "skip-base should suppress trivial ACLs"
+assert_empty "$CMD_STDERR" "skip-base should not warn for trivial ACL"
+
+run_cmd "$GETFACL_BIN" -n "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 0 ] || fail "numeric ACL read failed"
+assert_match "^# owner: $(id -u)$" "$CMD_STDOUT" "numeric owner header missing"
+assert_match "^# group: $(id -g)$" "$CMD_STDOUT" "numeric group header missing"
+
+run_stdin_cmd "$(printf '%s\n%s\n' "$WORKDIR/file" "$WORKDIR/file")" "$GETFACL_BIN" -q
+[ "$CMD_STATUS" -eq 0 ] || fail "stdin path processing failed"
+count=$(printf '%s\n' "$CMD_STDOUT" | grep -c '^user::rw-$')
+[ "$count" -eq 2 ] || fail "stdin path processing did not emit two ACL blocks"
+assert_match '^$' "$CMD_STDOUT" "multiple stdin paths should be separated by a blank line"
+
+run_stdin_cmd "$(printf '%s\n\n%s\n' "$WORKDIR/file" "$WORKDIR/file")" "$GETFACL_BIN" -q
+[ "$CMD_STATUS" -eq 1 ] || fail "empty stdin pathname should fail"
+assert_match '^getfacl: stdin: empty pathname$' "$CMD_STDERR" "empty stdin pathname error missing"
+count=$(printf '%s\n' "$CMD_STDOUT" | grep -c '^user::rw-$')
+[ "$count" -eq 2 ] || fail "stdin processing should continue after empty pathname"
+
+run_cmd "$GETFACL_BIN" "$WORKDIR/missing"
+[ "$CMD_STATUS" -eq 1 ] || fail "missing file should exit 1"
+assert_match "^getfacl: $WORKDIR/missing: " "$CMD_STDERR" "missing file error not reported"
+
+run_cmd "$GETFACL_BIN" "$WORKDIR/file" "$WORKDIR/missing"
+[ "$CMD_STATUS" -eq 1 ] || fail "mixed success/failure operands should exit 1"
+assert_match '^user::rw-$' "$CMD_STDOUT" "successful operand output missing in mixed run"
+assert_match "^getfacl: $WORKDIR/missing: " "$CMD_STDERR" "mixed operand error missing"
+
+run_cmd "$GETFACL_BIN" -i "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 1 ] || fail "unsupported -i should exit 1"
+assert_eq "getfacl: option -i is not supported on Linux" "$CMD_STDERR" "unsupported -i check missing"
+
+run_cmd "$GETFACL_BIN" -v "$WORKDIR/file"
+[ "$CMD_STATUS" -eq 1 ] || fail "unsupported -v should exit 1"
+assert_eq "getfacl: option -v is not supported on Linux" "$CMD_STDERR" "unsupported -v check missing"
+
+ln -s "$WORKDIR/file" "$WORKDIR/link"
+run_cmd "$GETFACL_BIN" -h "$WORKDIR/link"
+[ "$CMD_STATUS" -eq 1 ] || fail "symlink -h should fail on Linux"
+assert_eq "getfacl: $WORKDIR/link: symbolic link ACLs are not supported on Linux" "$CMD_STDERR" "symlink -h error missing"
+
+mkdir "$WORKDIR/plain-dir"
+run_cmd "$GETFACL_BIN" -d "$WORKDIR/plain-dir"
+[ "$CMD_STATUS" -eq 0 ] || fail "default ACL query without default xattr should succeed"
+assert_match "^# file: $WORKDIR/plain-dir$" "$CMD_STDOUT" "default ACL header missing"
+assert_not_match '^default:' "$CMD_STDOUT" "unexpected default ACL entries on plain dir"
+
+run_cmd "$GETFACL_BIN" -d -q "$WORKDIR/plain-dir"
+[ "$CMD_STATUS" -eq 0 ] || fail "quiet default ACL query without xattr should succeed"
+assert_empty "$CMD_STDOUT" "quiet default ACL output without xattr should be empty"
+
+run_cmd "$GETFACL_BIN" -d -s -q "$WORKDIR/plain-dir"
+[ "$CMD_STATUS" -eq 0 ] || fail "skip-base default ACL query without xattr should succeed"
+assert_empty "$CMD_STDOUT" "skip-base should suppress missing default ACL output"
+
+acl_supported=0
+if command -v setfacl >/dev/null 2>&1; then
+	if setfacl -m m::r-- "$WORKDIR/file" 2>/dev/null; then
+		acl_supported=1
+	fi
+fi
+
+if [ "$acl_supported" -eq 1 ]; then
+	run_cmd "$GETFACL_BIN" "$WORKDIR/file"
+	[ "$CMD_STATUS" -eq 0 ] || fail "extended ACL read failed"
+	assert_match '^mask::r--$' "$CMD_STDOUT" "extended ACL mask missing"
+
+	setfacl -m "u:$(id -u):rw-" "$WORKDIR/file"
+	setfacl -m "g:$(id -g):r--" "$WORKDIR/file"
+
+	run_cmd "$GETFACL_BIN" -n "$WORKDIR/file"
+	[ "$CMD_STATUS" -eq 0 ] || fail "numeric named ACL read failed"
+	assert_match "^user:$(id -u):rw-$" "$CMD_STDOUT" "named user ACL missing"
+	assert_match "^group:$(id -g):r--$" "$CMD_STDOUT" "named group ACL missing"
+	assert_match '^mask::rw-$' "$CMD_STDOUT" "mask was not updated after named ACL"
+
+	run_cmd "$GETFACL_BIN" "$WORKDIR/file"
+	[ "$CMD_STATUS" -eq 0 ] || fail "named ACL read failed"
+	assert_match '^user:[^:][^:]*:rw-$' "$CMD_STDOUT" "named user should resolve to a name"
+	assert_match '^group:[^:][^:]*:r--$' "$CMD_STDOUT" "named group should resolve to a name"
+
+	mkdir "$WORKDIR/dir"
+	setfacl -d -m u::rwx,g::r-x,o::---,m::r-x,u:$(id -u):rwx "$WORKDIR/dir"
+
+	run_cmd "$GETFACL_BIN" -d "$WORKDIR/dir"
+	[ "$CMD_STATUS" -eq 0 ] || fail "default ACL read failed"
+	assert_match '^default:user::rwx$' "$CMD_STDOUT" "default user entry missing"
+	assert_match "^default:user:[^:][^:]*:rwx$" "$CMD_STDOUT" "default named user entry missing"
+	assert_match '^default:group::r-x$' "$CMD_STDOUT" "default group entry missing"
+	assert_match '^default:mask::r-x$' "$CMD_STDOUT" "default mask entry missing"
+	assert_match '^default:other::---$' "$CMD_STDOUT" "default other entry missing"
+
+	run_cmd "$GETFACL_BIN" -n -d "$WORKDIR/dir"
+	[ "$CMD_STATUS" -eq 0 ] || fail "numeric default ACL read failed"
+	assert_match "^default:user:$(id -u):rwx$" "$CMD_STDOUT" "numeric default named user entry missing"
+
+	if command -v getfacl >/dev/null 2>&1; then
+		run_cmd "$GETFACL_BIN" -n -q "$WORKDIR/file"
+		ours_access=$(acl_body "$CMD_STDOUT")
+		system_access=$(getfacl -E -p -n "$WORKDIR/file" 2>/dev/null | sed '/^#/d;/^$/d')
+		assert_eq "$system_access" "$ours_access" "access ACL body diverges from system getfacl"
+
+		run_cmd "$GETFACL_BIN" -n -q -d "$WORKDIR/dir"
+		ours_default=$(normalize_default_body "$(acl_body "$CMD_STDOUT")")
+		system_default=$(getfacl -E -p -n -d "$WORKDIR/dir" 2>/dev/null | sed '/^#/d;/^$/d')
+		assert_eq "$system_default" "$ours_default" "default ACL body diverges from system getfacl"
+	fi
+else
+	printf '%s\n' "SKIP: extended ACL checks (setfacl unavailable or filesystem lacks ACL support)" >&2
+fi
+
+printf '%s\n' "PASS"