aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--README.md1
-rw-r--r--tests/xattr/xattr_integration_test.go34
2 files changed, 29 insertions, 6 deletions
diff --git a/README.md b/README.md
index f18c2ea..76b5102 100644
--- a/README.md
+++ b/README.md
@@ -191,6 +191,7 @@ vNEXT, in progress
* Fix [#367](https://github.com/rfjakob/gocryptfs/issues/431)
* Fix [#435](https://github.com/rfjakob/gocryptfs/issues/435)
* Fix [#440](https://github.com/rfjakob/gocryptfs/pull/440)
+* Enable ACL support ([#453](https://github.com/rfjakob/gocryptfs/issues/453))
v1.7.1, 2019-10-06
* Support wild cards in reverse mode via `--exclude-wildcard`
diff --git a/tests/xattr/xattr_integration_test.go b/tests/xattr/xattr_integration_test.go
index b091830..b7b6e69 100644
--- a/tests/xattr/xattr_integration_test.go
+++ b/tests/xattr/xattr_integration_test.go
@@ -44,6 +44,10 @@ func TestMain(m *testing.M) {
}
func setGetRmList(fn string) error {
+ return setGetRmList3(fn, "user.foo", []byte("123456789"))
+}
+
+func setGetRmList3(fn string, attr string, val []byte) error {
// List
list, err := xattr.LList(fn)
if err != nil {
@@ -52,10 +56,7 @@ func setGetRmList(fn string) error {
if len(list) > 0 {
return fmt.Errorf("Should have gotten empty result, got %v", list)
}
- attr := "user.foo"
- // Set
- val1 := []byte("123456789")
- err = xattr.LSet(fn, attr, val1)
+ err = xattr.LSet(fn, attr, val)
if err != nil {
return err
}
@@ -64,8 +65,8 @@ func setGetRmList(fn string) error {
if err != nil {
return err
}
- if !bytes.Equal(val1, val2) {
- return fmt.Errorf("wrong readback value: %v != %v", val1, val2)
+ if !bytes.Equal(val, val2) {
+ return fmt.Errorf("wrong readback value: %v != %v", val, val2)
}
// Remove
err = xattr.LRemove(fn, attr)
@@ -338,3 +339,24 @@ func TestSet0200Dir(t *testing.T) {
t.Error(err)
}
}
+
+func TestAcl(t *testing.T) {
+ fn := test_helpers.DefaultPlainDir + "/TestAcl"
+ err := ioutil.WriteFile(fn, nil, 0600)
+ if err != nil {
+ t.Fatalf("creating empty file failed: %v", err)
+ }
+ // ACLs are blobs generated in userspace, let's steal a valid ACL from
+ // setfacl using strace:
+ //
+ // $ strace -e setxattr setfacl -m u:root:r file
+ // setxattr("file", "system.posix_acl_access", "\2\0\0\0\1\0\6\0\377\377\377\377\2\0\4\0\0\0\0\0\4\0\4\0\377\377\377\377\20\0\4", 44, 0) = 0
+ //
+ // The ACL gives user root additional read rights, in other words, it should
+ // have no effect at all.
+ acl := "\002\000\000\000\001\000\006\000\377\377\377\377\002\000\004\000\000\000\000\000\004\000\004\000\377\377\377\377\020\000\004"
+ err = setGetRmList3(fn, "system.posix_acl_access", []byte(acl))
+ if err != nil {
+ t.Error(err)
+ }
+}
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 16:45:09 +0000