The operaton of setfacl and the interaction of mode bits with ACL seem to differ on Solaris and Linux. The current t1304 tests fail on Solaris 7 and 10. The following patch series seems to fix the tests on Solaris 10. Solaris 7 still fails t1304.3 for some unknown reason. I used the script below to do some testing. On Linux it prints out: Initialized empty Git repository in /var/tmp/test_acl2/.git/ [master (root-commit) 22176cb] test commit 1 files changed, 1 insertions(+), 0 deletions(-) create mode 100644 foo.txt -r--r-----+ 1 casey NRL7240 29 Mar 15 11:47 .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # file: .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:r-- group::--- mask::r-- other::--- -r--r-----+ 1 casey NRL7240 225 Mar 15 11:47 .git/objects/pack/pack-0611d0bcfb48f3db9f0d51334a035289272dbb2c.pack # file: .git/objects/pack/pack-0611d0bcfb48f3db9f0d51334a035289272dbb2c.pack # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:r-- group::--- mask::r-- other::--- On Solaris 10 it prints out: Initialized empty Git repository in /var/tmp/test_acl2/.git/ [master (root-commit) 5e4c0c6] test commit 1 files changed, 1 insertions(+), 0 deletions(-) create mode 100644 foo.txt -r--------+ 1 casey NRL7240 29 Mar 15 11:49 .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # file: .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:r-- group::--- #effective:--- mask:r-- other:--- -r--------+ 1 casey NRL7240 225 Mar 15 11:49 .git/objects/pack/pack-fedf57238f710f6b713019fe02fddab7a63702d0.pack # file: .git/objects/pack/pack-fedf57238f710f6b713019fe02fddab7a63702d0.pack # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:r-- group::--- #effective:--- mask:r-- other:--- On Solaris 7 it prints out: Initialized empty Git repository in /var/tmp/test_acl2/.git/ [master (root-commit) ca62c6f] test commit 1 files changed, 1 insertions(+), 0 deletions(-) create mode 100644 foo.txt -r--------+ 1 casey NRL7240 29 Mar 15 10:51 .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # file: .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:r-- group::--- #effective:--- mask:r-- other:--- -r--------+ 1 casey NRL7240 225 Mar 15 10:51 .git/objects/pack/pack-dc814256703ad9c01e6dd1080c7151f664c6382a.pack # file: .git/objects/pack/pack-dc814256703ad9c01e6dd1080c7151f664c6382a.pack # owner: casey # group: NRL7240 user::r-- user:display:rwx #effective:--- group::--- #effective:--- mask:--- other:--- So, on Solaris 7, the pack file incorrectly has effective permissions of '---' for the 'display' user. For some reason the mask ACL was not inherited from the parent directory. When the patch series is applied on top of 7aba6185, which introduced these tests, Linux still correctly fails t1304.3, but t1304.2 now passes. This is ok since t1304.2 was only failing because git gave object files more permissive file permissions than what were requested, not because the ACL's were clobbered. Of course, when applied on top of master, all tests pass on Linux, and now on Solaris 10. --->8--- test_acl.sh --->8--- #!/bin/sh alt_user=display testcase=${1:-'1'} case "$testcase" in 1) test_dir=/var/tmp/test_acl1 ;; 2) test_dir=/var/tmp/test_acl2 GIT_EXEC_PATH=`pwd` PATH=`pwd`:$PATH GITPERLLIB=`pwd`/perl/blib/lib export GIT_EXEC_PATH PATH GITPERLLIB ;; *) echo 1>&2 "Usage: $0 [1|2]" exit 1 ;; esac umask 077 && rm -rf "$test_dir" && mkdir "$test_dir" && cd "$test_dir" && setfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx . && setfacl -m d:u:$alt_user:rwx . && setfacl -m u:$alt_user:rwx,m:rwx . && git init && echo 'this is a test' > foo.txt && git add foo.txt && git commit -m 'test commit' && ls -l .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec && getfacl .git/objects/90/bfcb510602aa11ae53a42dcec18ea39fbd8cec && git gc && ls -l .git/objects/pack/*.pack && getfacl .git/objects/pack/*.pack --->8--- Brandon Casey (5): t/t1304: avoid -d option to setfacl t/t1304: set the Default ACL base entries t/t1304: use 'test -r' to test readability rather than looking at mode bits t/t1304: set the mask ACL that is checked in check_perms_and_acl t/t1304: make a second colon optional in the mask ACL check t/t1304-default-acl.sh | 23 ++++++----------------- 1 files changed, 6 insertions(+), 17 deletions(-) -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html