improve are_acls_working function

- ACLs are not working, if ENOTSUP ("Operation not supported") happens - fix check for macOS On macOS borg uses "acl_extended", not "acl_access" and also the ACL text format is a bit different.
2024-02-25 02:19:38 +01:00 · 2024-02-25 02:19:38 +01:00 · 926b5a6b08
parent 2c53a63a1c
commit 926b5a6b08
1 changed files with 17 additions and 6 deletions
--- a/src/borg/testsuite/platform.py
+++ b/src/borg/testsuite/platform.py
@ -1,3 +1,4 @@
+import errno
 import functools
 import os
 import random
@ -58,16 +59,26 @@ def are_acls_working():
    with unopened_tempfile() as filepath:
        open(filepath, 'w').close()
        try:
-            access = b'user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-:9999\ngroup:root:rw-:9999\n'
-            acl = {'acl_access': access}
-            acl_set(filepath, acl)
+            if is_darwin:
+                acl_key = 'acl_extended'
+                acl_value = b'!#acl 1\nuser:FFFFEEEE-DDDD-CCCC-BBBB-AAAA00000000:root:0:allow:read\n'
+            else:
+                acl_key = 'acl_access'
+                acl_value = b'user::rw-\ngroup::r--\nmask::rw-\nother::---\nuser:root:rw-:9999\ngroup:root:rw-:9999\n'
+            write_acl = {acl_key: acl_value}
+            acl_set(filepath, write_acl)
            read_acl = {}
            acl_get(filepath, read_acl, os.stat(filepath))
-            read_acl_access = read_acl.get('acl_access', None)
-            if read_acl_access and b'user::rw-' in read_acl_access:
-                return True
+            acl = read_acl.get(acl_key, None)
+            if acl is not None:
+                check_for = b'root:0:allow:read' if is_darwin else b'user::rw-'
+                if check_for in acl:
+                    return True
        except PermissionError:
            pass
+        except OSError as e:
+            if e.errno not in (errno.ENOTSUP, ):
+                raise
        return False