freebsd: add some ACL tests, fixes #7745

enable ACL support in freebsd vagrant machine's filesystem
2023-08-27 02:47:46 +02:00 · 2023-08-27 02:47:46 +02:00 · 7f8eba4fbf
parent 678501a6ff
commit 7f8eba4fbf
2 changed files with 77 additions and 13 deletions
--- a/2
+++ b/2
@ -66,6 +66,8 @@ def packages_freebsd
    pkg update
    yes | pkg upgrade
    echo 'export BORG_OPENSSL_PREFIX=/usr' >> ~vagrant/.bash_profile
+    # (re)mount / with acls
+    mount -o acls /
  EOF
 end

--- a/src/borg/testsuite/platform_freebsd.py
+++ b/src/borg/testsuite/platform_freebsd.py
@ -1,30 +1,92 @@
-"""Dummy file for now, will eventually contain FreeBSD ACL tests."""
-import pytest
+import os
+import tempfile

+from ..platform import acl_get, acl_set
 from .platform import skipif_not_freebsd

 # set module-level skips
 pytestmark = [skipif_not_freebsd]


-def get_acl():
-    return
+ACCESS_ACL = """\
+user::rw-
+user:root:rw-
+user:9999:r--
+group::r--
+group:wheel:r--
+group:9999:r--
+mask::rw-
+other::r--
+""".encode(
+    "ascii"
+)
+
+DEFAULT_ACL = """\
+user::rw-
+user:root:r--
+user:8888:r--
+group::r--
+group:wheel:r--
+group:8888:r--
+mask::rw-
+other::r--
+""".encode(
+    "ascii"
+)


-def get_set_acl():
-    return
+def get_acl(path, numeric_ids=False):
+    item = {}
+    acl_get(path, item, os.stat(path), numeric_ids=numeric_ids)
+    return item
+
+
+def set_acl(path, access=None, default=None, nfs4=None, numeric_ids=False):
+    item = {"acl_access": access, "acl_default": default, "acl_nfs4": nfs4}
+    acl_set(path, item, numeric_ids=numeric_ids)


-@pytest.mark.skip(reason="not yet implemented")
 def test_access_acl():
-    pass
+    file1 = tempfile.NamedTemporaryFile()
+    set_acl(
+        file1.name,
+        access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-\ngroup:wheel:rw-\n",
+        numeric_ids=False,
+    )
+    acl_access_names = get_acl(file1.name, numeric_ids=False)["acl_access"]
+    assert b"user:root:rw-" in acl_access_names
+    assert b"group:wheel:rw-" in acl_access_names
+    acl_access_ids = get_acl(file1.name, numeric_ids=True)["acl_access"]
+    assert b"user:0:rw-" in acl_access_ids
+    assert b"group:0:rw-" in acl_access_ids
+
+    file2 = tempfile.NamedTemporaryFile()
+    set_acl(
+        file2.name, access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:0:rw-\ngroup:0:rw-\n", numeric_ids=True
+    )
+    acl_access_names = get_acl(file2.name, numeric_ids=False)["acl_access"]
+    assert b"user:root:rw-" in acl_access_names
+    assert b"group:wheel:rw-" in acl_access_names
+    acl_access_ids = get_acl(file2.name, numeric_ids=True)["acl_access"]
+    assert b"user:0:rw-" in acl_access_ids
+    assert b"group:0:rw-" in acl_access_ids
+
+    file3 = tempfile.NamedTemporaryFile()
+    set_acl(
+        file3.name,
+        access=b"user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-:9999\ngroup:wheel:rw-:9999\n",
+        numeric_ids=True,
+    )
+    acl_access_ids = get_acl(file3.name, numeric_ids=True)["acl_access"]
+    assert b"user:9999:rw-" in acl_access_ids
+    assert b"group:9999:rw-" in acl_access_ids


-@pytest.mark.skip(reason="not yet implemented")
 def test_default_acl():
-    pass
+    tmpdir = tempfile.mkdtemp()
+    set_acl(tmpdir, access=ACCESS_ACL, default=DEFAULT_ACL)
+    assert get_acl(tmpdir)["acl_access"] == ACCESS_ACL
+    assert get_acl(tmpdir)["acl_default"] == DEFAULT_ACL


-@pytest.mark.skip(reason="not yet implemented")
-def test_nfs4_acl():
-    pass
+# nfs4 acls testing not implemented.