(command.CommandList children: [ (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:test_description) op: assign_op.Equal rhs: {(SQ <'Test repository with default ACL'>)} spids: [13] ) ] ) (C {<umask>} {<077>}) (C {<.>} {<'./test-lib.sh'>}) (C {<test_expect_success>} {(SQ <'checking for a working acl setup'>)} { (SQ <'\n'> <'\tif setfacl -m d:m:rwx -m u:root:rwx . &&\n'> <'\t getfacl . | grep user:root:rwx &&\n'> <'\t touch should-have-readable-acl &&\n'> <'\t getfacl should-have-readable-acl | egrep "mask::?rw-"\n'> <'\tthen\n'> <'\t\ttest_set_prereq SETFACL\n'> <'\tfi\n'> ) } ) (command.If arms: [ (if_arm cond: [(C {<test>} {<-z>} {(DQ ($ Id.VSub_DollarName '$LOGNAME'))})] action: [ (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:LOGNAME) op: assign_op.Equal rhs: { (DQ (braced_var_sub token: <Id.VSub_Name USER> suffix_op: (suffix_op.Unary op_id: Id.VTest_ColonHyphen arg_word: { (command_sub left_token: <Id.Left_DollarParen '$('> child: (C {<id>} {<-u>} {<-n>}) ) } ) ) ) } spids: [75] ) ] ) ] spids: [62 72] ) ] ) (command.ShFunction name: check_perms_and_acl body: (BraceGroup children: [ (command.AndOr ops: [Id.Op_DAmp Id.Op_DAmp Id.Op_DAmp Id.Op_DAmp Id.Op_DAmp Id.Op_DPipe] children: [ (C {<test>} {<-r>} {(DQ ($ Id.VSub_Number '$1'))}) (command.Simple words: [{<getfacl>} {(DQ ($ Id.VSub_Number '$1'))}] redirects: [(redir op:<Id.Redir_Great '>'> loc:(redir_loc.Fd fd:1) arg:{<actual>})] do_fork: T ) (C {<grep>} {<-q>} {(DQ <'user:root:rwx'>)} {<actual>}) (C {<grep>} {<-q>} {(DQ <'user:'> (${ Id.VSub_Name LOGNAME) <':rwx'>)} {<actual>}) (command.Simple words: [{<egrep>} {(DQ <'mask::?r--'>)} {<actual>}] redirects: [ (redir op: <Id.Redir_Great '>'> loc: (redir_loc.Fd fd:1) arg: {<'/dev/null'>} ) (redir op: <Id.Redir_GreatAnd '2>&'> loc: (redir_loc.Fd fd:2) arg: {<1>} ) ] do_fork: T ) (C {<grep>} {<-q>} {(DQ <'group::---'>)} {<actual>}) (C {<false>}) ] ) ] ) ) (command.ShAssignment pairs: [ (assign_pair lhs: (sh_lhs_expr.Name name:dirs_to_set) op: assign_op.Equal rhs: {(DQ <'./ .git/ .git/objects/ .git/objects/pack/'>)} spids: [190] ) ] ) (C {<test_expect_success>} {<SETFACL>} {(SQ <'Setup test repo'>)} { (SQ <'\n'> <'\tsetfacl -m d:u::rwx,d:g::---,d:o:---,d:m:rwx $dirs_to_set &&\n'> <'\tsetfacl -m m:rwx $dirs_to_set &&\n'> <'\tsetfacl -m u:root:rwx $dirs_to_set &&\n'> <'\tsetfacl -m d:u:"$LOGNAME":rwx $dirs_to_set &&\n'> <'\tsetfacl -m d:u:root:rwx $dirs_to_set &&\n'> <'\n'> <'\ttouch file.txt &&\n'> <'\tgit add file.txt &&\n'> <'\tgit commit -m "init"\n'> ) } ) (C {<test_expect_success>} {<SETFACL>} {(SQ <'Objects creation does not break ACLs with restrictive umask'>)} { (SQ <'\n'> <'\t# SHA1 for empty blob\n'> <'\tcheck_perms_and_acl .git/objects/e6/9de29bb2d1d6434b8b29ae775ad8c2e48c5391\n'> ) } ) (C {<test_expect_success>} {<SETFACL>} {(SQ <'git gc does not break ACLs with restrictive umask'>)} {(SQ <'\n'> <'\tgit gc &&\n'> <'\tcheck_perms_and_acl .git/objects/pack/*.pack\n'>)} ) (C {<test_done>}) ] )