(command.CommandList children: [ (command.Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (lhs_expr.LhsName name:test_description) op: Equal rhs: {(SQ <'Test repository with default ACL'>)} ) ] ) (C {(umask)} {(077)}) (C {(.)} {(./test-lib.sh)}) (C {(test_expect_success)} {(SQ <'checking for a working acl setup'>)} { (SQ <'\n'> <'\tif setfacl -m d:m:rwx -m u:root:rwx . &&\n'> <'\t getfacl . | grep user:root:rwx &&\n'> <'\t touch should-have-readable-acl &&\n'> <'\t getfacl should-have-readable-acl | egrep "mask::?rw-"\n'> <'\tthen\n'> <'\t\ttest_set_prereq SETFACL\n'> <'\tfi\n'> ) } ) (command.If arms: [ (if_arm cond: [(C {(test)} {(-z)} {(DQ ($ VSub_DollarName '$LOGNAME'))})] action: [ (command.Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (lhs_expr.LhsName name:LOGNAME) op: Equal rhs: { (DQ (word_part.BracedVarSub token: <VSub_Name USER> suffix_op: (suffix_op.StringUnary op_id: VTest_ColonHyphen arg_word: { (word_part.CommandSubPart command_list: (command.CommandList children: [(C {(id)} {(-u)} {(-n)})] ) left_token: <Left_CommandSub '$('> ) } ) ) ) } ) ] ) ] ) ] ) (command.FuncDef name: check_perms_and_acl body: (command.BraceGroup children: [ (command.AndOr ops: [Op_DAmp Op_DAmp Op_DAmp Op_DAmp Op_DAmp Op_DPipe] children: [ (C {(test)} {(-r)} {(DQ ($ VSub_Number '$1'))}) (command.SimpleCommand words: [{(getfacl)} {(DQ ($ VSub_Number '$1'))}] redirects: [(redir.Redir op:<Redir_Great '>'> fd:16777215 arg_word:{(actual)})] ) (C {(grep)} {(-q)} {(DQ ('user:root:rwx'))} {(actual)}) (C {(grep)} {(-q)} {(DQ ('user:') (${ VSub_Name LOGNAME) (':rwx'))} {(actual)}) (command.SimpleCommand words: [{(egrep)} {(DQ ('mask::?r--'))} {(actual)}] redirects: [ (redir.Redir op: <Redir_Great '>'> fd: 16777215 arg_word: {(/dev/null)} ) (redir.Redir op:<Redir_GreatAnd '2>&'> fd:2 arg_word:{(1)}) ] ) (C {(grep)} {(-q)} {(DQ ('group::---'))} {(actual)}) (C {(false)}) ] ) ] ) ) (command.Assignment keyword: Assign_None pairs: [ (assign_pair lhs: (lhs_expr.LhsName name:dirs_to_set) op: Equal rhs: {(DQ ('./ .git/ .git/objects/ .git/objects/pack/'))} ) ] ) (C {(test_expect_success)} {(SETFACL)} {(SQ <'Setup test repo'>)} { (SQ <'\n'> <'\tsetfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set &&\n'> <'\tsetfacl -m m:rwx $dirs_to_set &&\n'> <'\tsetfacl -m u:root:rwx $dirs_to_set &&\n'> <'\tsetfacl -m d:u:"$LOGNAME":rwx $dirs_to_set &&\n'> <'\tsetfacl -m d:u:root:rwx $dirs_to_set &&\n'> <'\n'> <'\ttouch file.txt &&\n'> <'\tgit add file.txt &&\n'> <'\tgit commit -m "init"\n'> ) } ) (C {(test_expect_success)} {(SETFACL)} {(SQ <'Objects creation does not break ACLs with restrictive umask'>)} { (SQ <'\n'> <'\t# SHA1 for empty blob\n'> <'\tcheck_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391\n'> ) } ) (C {(test_expect_success)} {(SETFACL)} {(SQ <'git gc does not break ACLs with restrictive umask'>)} {(SQ <'\n'> <'\tgit gc &&\n'> <'\tcheck_perms_and_acl .git/objects/pack/*.pack\n'>)} ) (C {(test_done)}) ] )