OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/acl?expand=0&rev=10

2009-01-09 00:24:42 +00:00 · 2009-01-09 00:24:42 +00:00 · ce93f35b0b
commit ce93f35b0b
parent 5a2da165e5
8 changed files with 1580 additions and 6 deletions
--- a/acl-add-getfacl-r-l-p-tests.patch
+++ b/acl-add-getfacl-r-l-p-tests.patch
@ -0,0 +1,209 @@
+Subject: [PATH] acl: add getfacl -R -L -P tests
+
+Test fixes to walk_tree.c by Andreas.
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ test/getfacl-recursive.test |  194 ++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 194 insertions(+)
+
+Index: acl-2.2.47/test/getfacl-recursive.test
+===================================================================
+--- /dev/null
+++ acl-2.2.47/test/getfacl-recursive.test
+@@ -0,0 +1,194 @@
+Tests for proper path recursion
+
+	$ mkdir -p 1/2/3
+	$ mkdir 1/link
+	$ touch 1/link/file
+	$ ln -s `pwd`/1/link 1/2/link
+	$ getfacl -P -R 1/2
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+
+	$ getfacl -R 1/2
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+
+	$ getfacl -R -L 1/2
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/link
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/link/file
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rw-
+	> group::r--
+	> other::r--
+	>
+
+	$ getfacl -P -R 1
+	> # file: 1
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/link
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/link/file
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rw-
+	> group::r--
+	> other::r--
+	>
+
+	$ getfacl -R 1
+	> # file: 1
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/link
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/link/file
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rw-
+	> group::r--
+	> other::r--
+	>
+
+	$ getfacl -R -L 1
+	> # file: 1
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/3
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/link
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/2/link/file
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rw-
+	> group::r--
+	> other::r--
+	>
+	> # file: 1/link
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rwx
+	> group::r-x
+	> other::r-x
+	>
+	> # file: 1/link/file
+	> # owner: %TUSER
+	> # group: %TGROUP
+	> user::rw-
+	> group::r--
+	> other::r--
+	>
+
+	$ rm -R 1/
--- a/acl-add-make-test-target-and-use-make-to-run-tests.patch
+++ b/acl-add-make-test-target-and-use-make-to-run-tests.patch
@ -0,0 +1,76 @@
+Subject: [PATCH] acl: add make test target and use make to run tests
+
+The tests are difficult to run. So, this patch adds a Make target that
+sets up the path and runs *.test files in the test/ directory.
+
+nfs specific tests can be ran from the test directory by running
+`make nfs`
+
+tests requiring root can be ran from the test directory by running
+`make nfs`
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ Makefile      |    6 +++++-
+ test/Makefile |   26 +++++++++++++++++++-------
+ 2 files changed, 24 insertions(+), 8 deletions(-)
+
+Index: acl-2.2.47/test/Makefile
+===================================================================
+--- acl-2.2.47.orig/test/Makefile
+++ acl-2.2.47/test/Makefile
+@@ -2,13 +2,25 @@
+ # Copyright (c) 2001-2002 Silicon Graphics, Inc.  All Rights Reserved.
+ #
+ 
+-TOPDIR = ..
+-include $(TOPDIR)/include/builddefs
+TEST = $(wildcard *.test)
+ROOT = $(wildcard root/*.test)
+NFS = $(wildcard nfs/*.test)
+ 
+-LSRCFILES = run make-tree \
+-	    cp.test getfacl-noacl.test misc.test nfs-dir.test \
+-	    nfsacl.test permissions.test setfacl.test
+PATH := $(abspath ../getfacl/):$(abspath ../setfacl/):$(abspath ../chacl/):$(PATH)
+ 
+-include $(BUILDRULES)
+all: $(TEST)
+root: $(ROOT)
+nfs: $(NFS)
+ 
+-default install install-dev install-lib:
+
+$(TEST):
+	@echo "*** $@ ***"; perl run $@
+
+$(NFS):
+	@echo "NFS specific tests"; @echo "*** $@ ***"; perl run $@
+
+$(ROOT):
+	@echo "Note: Tests must run as root"; @echo "*** $@ ***"; perl run $@
+
+.PHONY: $(TEST) $(ROOT) $(NFS) default
+.NOTPARALLEL:
+Index: acl-2.2.47/Makefile
+===================================================================
+--- acl-2.2.47.orig/Makefile
+++ acl-2.2.47/Makefile
+@@ -17,7 +17,7 @@ LDIRT = config.log .dep config.status co
+ 	Logs/* built .census install.* install-dev.* install-lib.* *.gz
+ 
+ SUBDIRS = include libmisc libacl getfacl setfacl chacl m4 man doc po \
+-	  test examples build debian
+	  examples build debian
+ 
+ default: $(CONFIGURE)
+ ifeq ($(HAVE_BUILDDEFS), no)
+@@ -65,3 +65,7 @@ install-lib: default
+ realclean distclean: clean
+ 	rm -f $(LDIRT) $(CONFIGURE)
+ 	rm -rf autom4te.cache Logs
+
+.PHONY: test
+test: default
+	$(MAKE) -C test/
--- a/acl-minor-fix-to-cp.test.patch
+++ b/acl-minor-fix-to-cp.test.patch
@ -0,0 +1,23 @@
+Subject: [PATCH] acl: minor fix to cp.test
+
+X -> x
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ test/cp.test |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: acl-2.2.47/test/cp.test
+===================================================================
+--- acl-2.2.47.orig/test/cp.test
+++ acl-2.2.47/test/cp.test
+@@ -24,7 +24,7 @@ The cp utility should only copy ACLs if
+ 	> blubb
+ 
+ 	$ rm -r i
+-	$ setfacl -R -m u:bin:rwX h
+	$ setfacl -R -m u:bin:rwx h
+ 	$ getfacl --omit-header h/x
+ 	> user::rw-
+ 	> user:bin:rwx
--- a/acl-move-nfs-tests-to-their-own-folder.patch
+++ b/acl-move-nfs-tests-to-their-own-folder.patch
@ -0,0 +1,218 @@
+Subject: [PATCH] acl: move nfs tests to their own folder
+
+Since these tests require nfs mounts to run move them into a seperate
+folder so they don't run by default.
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ test/nfs-dir.test     |   50 --------------------------------------------------
+ test/nfs/nfs-dir.test |   50 ++++++++++++++++++++++++++++++++++++++++++++++++++
+ test/nfs/nfsacl.test  |   42 ++++++++++++++++++++++++++++++++++++++++++
+ test/nfsacl.test      |   42 ------------------------------------------
+ 4 files changed, 92 insertions(+), 92 deletions(-)
+
+Index: acl-2.2.47/test/nfs-dir.test
+===================================================================
+--- acl-2.2.47.orig/test/nfs-dir.test
+++ /dev/null
+@@ -1,50 +0,0 @@
+-This is a regression test for a bug in 2.4 kernels. The test must be run
+-as root on a machine that has a loopback mounted NFS export. The mount
+-must have root squashing enabled. The test must be run in the root of
+-the nfs mount, and requires the following environment variable:
+-
+-EXPORT_PATH => the path that is mounted at the working directory.
+-
+-	Create a test directory and file.
+-	
+-	$ umask 022
+-	$ mkdir %{EXPORT_PATH}/test
+-	$ echo blah > %{EXPORT_PATH}/test/blah
+-
+-	Make sure the file can be accessed before.
+-	
+-	$ su bin
+-	$ cat test/blah
+-	> blah
+-
+-	Set up a situation that triggers the bug.
+-
+-	$ su
+-	$ chmod go-rwx %{EXPORT_PATH}/test
+-	$ setfacl -m u:bin:rx %{EXPORT_PATH}/test
+-	$ ls -dl %{EXPORT_PATH}/test | awk '{print $1, $3, $4}'
+-	> drwxr-x---+ root root
+-	$ getfacl --omit-header %{EXPORT_PATH}/test 2> /dev/null
+-	> user::rwx
+-	> user:bin:r-x
+-	> group::---
+-	> mask::r-x
+-	> other::---
+-	>
+-
+-	This should also succeed. With the bug, reading the file would
+-	fail with "Stale NFS file handle" or "Input/output error".
+-
+-	$ su bin
+-	$ cat test/blah
+-	> blah
+-	$ sleep 3
+-	$ cat test/blah
+-	> blah
+-	$ cat test/blah
+-	> blah
+-
+-	Clean up.
+-
+-	$ su
+-	$ rm -rf %{EXPORT_PATH}/test
+Index: acl-2.2.47/test/nfs/nfs-dir.test
+===================================================================
+--- /dev/null
+++ acl-2.2.47/test/nfs/nfs-dir.test
+@@ -0,0 +1,50 @@
+This is a regression test for a bug in 2.4 kernels. The test must be run
+as root on a machine that has a loopback mounted NFS export. The mount
+must have root squashing enabled. The test must be run in the root of
+the nfs mount, and requires the following environment variable:
+
+EXPORT_PATH => the path that is mounted at the working directory.
+
+	Create a test directory and file.
+
+	$ umask 022
+	$ mkdir %{EXPORT_PATH}/test
+	$ echo blah > %{EXPORT_PATH}/test/blah
+
+	Make sure the file can be accessed before.
+
+	$ su bin
+	$ cat test/blah
+	> blah
+
+	Set up a situation that triggers the bug.
+
+	$ su
+	$ chmod go-rwx %{EXPORT_PATH}/test
+	$ setfacl -m u:bin:rx %{EXPORT_PATH}/test
+	$ ls -dl %{EXPORT_PATH}/test | awk '{print $1, $3, $4}'
+	> drwxr-x---+ root root
+	$ getfacl --omit-header %{EXPORT_PATH}/test 2> /dev/null
+	> user::rwx
+	> user:bin:r-x
+	> group::---
+	> mask::r-x
+	> other::---
+	>
+
+	This should also succeed. With the bug, reading the file would
+	fail with "Stale NFS file handle" or "Input/output error".
+
+	$ su bin
+	$ cat test/blah
+	> blah
+	$ sleep 3
+	$ cat test/blah
+	> blah
+	$ cat test/blah
+	> blah
+
+	Clean up.
+
+	$ su
+	$ rm -rf %{EXPORT_PATH}/test
+Index: acl-2.2.47/test/nfs/nfsacl.test
+===================================================================
+--- /dev/null
+++ acl-2.2.47/test/nfs/nfsacl.test
+@@ -0,0 +1,42 @@
+This is a regression test for bugs in the nfsacl protocol extension.
+The test should be run on an NFS export mount with ACL support.
+
+	Create a test directory and file.
+
+	$ umask 022
+	$ mkdir -p test/sub
+	$ echo blah > test/sub/blah
+
+	$ cp -rp test/sub test/sub2
+	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+	> drwxr-xr-x test/sub2
+	> -rw-r--r-- test/sub2/blah
+
+	$ rm -rf test/sub2
+
+	$ setfacl -m u:daemon:rwx test/sub
+	$ setfacl -dm u:daemon:rwx test/sub
+	$ getfattr -m- test/sub
+	> # file: test/sub
+	> system.posix_acl_access
+	> system.posix_acl_default
+	>
+
+	$ cp -rp test/sub test/sub2
+	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+	> drwxrwxr-x+ test/sub2
+	> -rw-r--r-- test/sub2/blah
+
+	$ rm -rf test/sub2
+
+	$ setfacl -m u:daemon:rw test/sub/blah
+	$ cp -rp test/sub test/sub2
+	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+	> drwxrwxr-x+ test/sub2
+	> -rw-rw-r--+ test/sub2/blah
+
+	$ rm -rf test/sub2
+
+	Clean up.
+
+	$ rm -rf test
+Index: acl-2.2.47/test/nfsacl.test
+===================================================================
+--- acl-2.2.47.orig/test/nfsacl.test
+++ /dev/null
+@@ -1,42 +0,0 @@
+-This is a regression test for bugs in the nfsacl protocol extension.
+-The test should be run on an NFS export mount with ACL support.
+-
+-	Create a test directory and file.
+-	
+-	$ umask 022
+-	$ mkdir -p test/sub
+-	$ echo blah > test/sub/blah
+-
+-	$ cp -rp test/sub test/sub2
+-	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+-	> drwxr-xr-x test/sub2
+-	> -rw-r--r-- test/sub2/blah
+-
+-	$ rm -rf test/sub2
+-	
+-	$ setfacl -m u:daemon:rwx test/sub
+-	$ setfacl -dm u:daemon:rwx test/sub
+-	$ getfattr -m- test/sub
+-	> # file: test/sub
+-	> system.posix_acl_access
+-	> system.posix_acl_default
+-	>
+-
+-	$ cp -rp test/sub test/sub2
+-	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+-	> drwxrwxr-x+ test/sub2
+-	> -rw-r--r-- test/sub2/blah
+-	
+-	$ rm -rf test/sub2
+-	
+-	$ setfacl -m u:daemon:rw test/sub/blah
+-	$ cp -rp test/sub test/sub2
+-	$ find test/sub2 | sort | xargs ls -dl | awk '{print $1,$8}'
+-	> drwxrwxr-x+ test/sub2
+-	> -rw-rw-r--+ test/sub2/blah
+-	
+-	$ rm -rf test/sub2
+-
+-	Clean up.
+-
+-	$ rm -rf test
--- a/acl-move-root-tests-to-their-own-folder.patch
+++ b/acl-move-root-tests-to-their-own-folder.patch
@ -0,0 +1,880 @@
+Subject: [PATCH] acl: move root tests to their own folder
+
+Since these tests require root perms to run move them into a seperate
+folder so they don't run by default.
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ test/permissions.test      |  279 ---------------------------------------------
+ test/root/permissions.test |  279 +++++++++++++++++++++++++++++++++++++++++++++
+ test/root/setfacl.test     |  144 +++++++++++++++++++++++
+ test/setfacl.test          |  144 -----------------------
+ 4 files changed, 423 insertions(+), 423 deletions(-)
+
+Index: acl-2.2.47/test/permissions.test
+===================================================================
+--- acl-2.2.47.orig/test/permissions.test
+++ /dev/null
+@@ -1,279 +0,0 @@
+-This script tests if file permissions are properly checked with and
+-without ACLs. The script must be run as root to allow switching users.
+-The following users are required. They must be a member in the groups
+-listed in parentheses.
+-
+-	bin (bin)
+-	daemon (bin, daemon)
+-
+-
+-Cry immediately if we are not running as root.
+-
+-	$ id -u
+-	> 0
+-
+-
+-First, set up a temporary directory and create a regular file with
+-defined permissions.
+-
+-	$ mkdir d
+-	$ cd d
+-	$ umask 027
+-	$ touch f
+-	$ ls -l f | awk -- '{ print $1, $3, $4 }'
+-	> -rw-r----- root root
+-
+-
+-Make sure root has access to the file.  Verify that user daemon does not
+-have access to the file owned by root.
+-
+-	$ echo root > f
+-
+-	$ su daemon
+-	$ echo daemon >> f
+-	> f: Permission denied
+-
+-	$ su
+-
+-
+-Now, change the ownership of the file to bin:bin and verify that this
+-gives user bin write access.
+-
+-	$ chown bin:bin f
+-	$ ls -l f | awk -- '{ print $1, $3, $4 }'
+-	> -rw-r----- bin bin
+-	$ su bin
+-	$ echo bin >> f
+-
+-
+-User daemon is a member in the owning group, which has only read access.
+-Verify this.
+-
+-	$ su daemon
+-	$ cat f
+-	> root
+-	> bin
+-
+-	$ echo daemon >> f
+-	> f: Permission denied
+-
+-
+-Now, add an ACL entry for user daemon that grants him rw- access. File
+-owners and users capable of CAP_FOWNER are allowed to change ACLs.
+-
+-	$ su bin
+-	$ setfacl -m u:daemon:rw f
+-	$ getfacl --omit-header f
+-	> user::rw-
+-	> user:daemon:rw-
+-	> group::r--
+-	> mask::rw-
+-	> other::---
+-	>
+-
+-
+-Verify that the additional ACL entry grants user daemon write access.
+-
+-	$ su daemon
+-	$ echo daemon >> f
+-	$ cat f
+-	> root
+-	> bin
+-	> daemon
+-
+-
+-Remove write access from the group class permission bits, and
+-verify that this masks daemon's write permission.
+-
+-	$ su bin
+-	$ chmod g-w f
+-	$ getfacl --omit-header f
+-	> user::rw-
+-	> user:daemon:rw-	#effective:r--
+-	> group::r--
+-	> mask::r--
+-	> other::---
+-	>
+-
+-	$ su daemon
+-	$ echo daemon >> f
+-	> f: Permission denied
+-
+-
+-Add an entry for group daemon with rw- access, and change the
+-permissions for user daemon to r--. Also change the others permissions t
+-rw-. The user entry should take precedence, so daemon should be denied
+-access.
+-
+-	$ su bin
+-	$ setfacl -m u:daemon:r,g:daemon:rw-,o::rw- f
+-
+-	$ su daemon
+-	$ echo daemon >> f
+-	> f: Permission denied
+-
+-
+-Remove the entry for user daemon. The group daemon permissions should
+-now give user daemon rw- access.
+-
+-	$ su bin
+-	$ setfacl -x u:daemon f
+-
+-	$ su daemon
+-	$ echo daemon2 >> f
+-	$ cat f
+-	> root
+-	> bin
+-	> daemon
+-	> daemon2
+-
+-
+-Set the group daemon permissions to r-- and verify that after than, user
+-daemon does not have write access anymore.
+-
+-	$ su bin
+-	$ setfacl -m g:daemon:r f
+-
+-	$ su daemon
+-	$ echo daemon3 >> f
+-	> f: Permission denied
+-
+-
+-Now, remove the group daemon entry. Because user daemon is a member in
+-the owning group, he should still have no write access.
+-
+-	$ su bin
+-	$ setfacl -x g:daemon f
+-
+-	$ su daemon
+-	$ echo daemon4 >> f
+-	> f: Permission denied
+-
+-
+-Change the owning group. The other permissions should now grant user
+-daemon write access.
+-
+-	$ su
+-	$ chgrp root f
+-
+-	$ su daemon
+-	$ echo daemon5 >> f
+-	$ cat f
+-	> root
+-	> bin
+-	> daemon
+-	> daemon2
+-	> daemon5
+-
+-
+-Verify that permissions in separate matching ACL entries do not
+-accumulate.
+-
+-	$ su
+-	$ setfacl -m g:bin:r,g:daemon:w f
+-
+-	$ su daemon
+-	$ : < f	 # open for reading
+-	$ : > f  # open for writing
+-	$ : <> f  # open for read-write
+-	> f: Permission denied
+-
+-
+-Test if directories can have ACLs.  We assume that only one access check
+-algorithm is used for all file types the file system, so these tests
+-only need to verify that ACL permissions make a difference.
+-
+-	$ su
+-	$ mkdir -m 750 e
+-	$ touch e/h
+-
+-	$ su bin
+-	$ shopt -s nullglob ; echo e/*
+-	>
+-
+-	$ echo i > e/i
+-	> e/i: Permission denied
+-
+-	$ su
+-	$ setfacl -m u:bin:rx e
+-
+-	$ su bin
+-	$ echo e/*
+-	> e/h
+-	$ echo i > e/i
+-	> e/i: Permission denied
+-
+-	$ su
+-	$ setfacl -m u:bin:rwx e
+-
+-	$ su bin
+-	$ echo i > e/i
+-
+-
+-Test if symlinks are properly followed.
+-
+-	$ su
+-	$ touch g
+-	$ ln -s g l
+-	$ setfacl -m u:bin:rw l
+-	$ ls -l g | awk -- '{ print $1, $3, $4 }'
+-	> -rw-rw----+ root root
+-
+-
+-Test if ACLs are effective for block and character special files, fifos,
+-sockets. This is done by creating special files locally. The devices do
+-not need to exist: The access check is earlier in the code path than the
+-test if the device exists.
+-
+-
+-	$ mknod -m 0660 hdt b 91 64	# /dev/hdt
+-	$ mknod -m 0660 null c 1 3	# /dev/null
+-	$ mkfifo -m 0660 fifo
+-
+-	$ su bin
+-	$ : < hdt
+-	> hdt: Permission denied
+-	$ : < null
+-	> null: Permission denied
+-	$ : < fifo
+-	> fifo: Permission denied
+-
+-	$ su
+-	$ setfacl -m u:bin:rw hdt null fifo
+-
+-	$ su bin
+-	$ : < hdt
+-	> hdt: No such device or address
+-	$ : < null
+-	$ ( echo blah > fifo & ) ; cat fifo
+-	> blah
+-
+-
+-Test if CAP_FOWNER is properly honored for directories. This addresses a
+-specific bug in XFS 1.2, which does not grant root access to files in
+-directories if the file has an ACL and only CAP_FOWNER would grant them.
+-
+-	$ su
+-	$ mkdir -m 600 x
+-	$ chown daemon:daemon x
+-	$ echo j > x/j
+-	$ ls -l x/j | awk -- '{ print $1, $3, $4 }'
+-	> -rw-r----- root root
+-
+-	$ setfacl -m u:daemon:r x
+-
+-	$ ls -l x/j | awk -- '{ print $1, $3, $4 }'
+-	> -rw-r----- root root
+-	(With the bug this gives: `ls: x/j: Permission denied'.)
+-
+-	$ echo k > x/k
+-	(With the bug this gives: `x/k: Permission denied'.)
+-
+-	$ chmod 750 x
+-
+-
+-Clean up.
+-
+-	$ su
+-	$ cd ..
+-	$ rm -rf d
+Index: acl-2.2.47/test/setfacl.test
+===================================================================
+--- acl-2.2.47.orig/test/setfacl.test
+++ /dev/null
+@@ -1,144 +0,0 @@
+-Setfacl utility tests. Run these tests on a filesystem with ACL support.
+- 
+- 	$ mkdir d
+-	$ chown bin:bin d
+-	$ cd d
+-
+-	$ su bin
+-	$ sg bin
+-	$ umask 027
+-	$ touch g
+-	$ ls -dl g | awk '{print $1}'
+-	> -rw-r-----
+-	
+-	$ setfacl -m m:- g
+-	$ ls -dl g | awk '{print $1}'
+-	> -rw-------+
+-	
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rw-
+-	> group::r--	#effective:---
+-	> mask::---
+-	> other::---
+-	> 
+-	
+-	$ setfacl -x m g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rw-
+-	> group::r--
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u:daemon:rw g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rw-
+-	> user:daemon:rw-
+-	> group::r--
+-	> mask::rw-
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u::rwx,g::r-x,o:- g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rwx
+-	> user:daemon:rw-
+-	> group::r-x
+-	> mask::rwx
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u::rwx,g::r-x,o:-,m:- g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rwx
+-	> user:daemon:rw-	#effective:---
+-	> group::r-x	#effective:---
+-	> mask::---
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rwx
+-	> user:root:---
+-	> user:daemon:rw-	#effective:---
+-	> group::r-x	#effective:---
+-	> mask::---
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rwx
+-	> user:root:---
+-	> user:daemon:rw-	#effective:---
+-	> group::r-x	#effective:---
+-	> mask::---
+-	> other::---
+-	> 
+-	
+-	$ setfacl -m u::rwx,g::r-x,o:-,u:root:- g
+-	$ getfacl g
+-	> # file: g
+-	> # owner: bin
+-	> # group: bin
+-	> user::rwx
+-	> user:root:---
+-	> user:daemon:rw-
+-	> group::r-x
+-	> mask::rwx
+-	> other::---
+-	> 
+-	
+-	$ setfacl --test -x u: g
+-	> setfacl: g: Malformed access ACL `user:root:---,user:daemon:rw-,group::r-x,mask::rwx,other::---': Missing or wrong entry at entry 1
+-	
+-	$ setfacl --test -x u:x
+-	> setfacl: Option -x: Invalid argument near character 3
+-	
+-	$ setfacl -m d:u:root:rwx g
+-	> setfacl: g: Only directories can have default ACLs
+-	
+-	$ setfacl -x m g
+-	> setfacl: g: Malformed access ACL `user::rwx,user:root:---,user:daemon:rw-,group::r-x,other::---': Missing or wrong entry at entry 5
+-	 setfacl --test -m d:u:daemon:rwx setfacl
+-	 setfacl --test -n -m d:u:daemon:rwx setfacl
+-	
+-Check if the mask is properly recalculated
+- 
+-	$ mkdir d
+-	$ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,o::--- d
+-	> d: u::rwx,u:bin:rwx,g::r-x,m::rwx,o::---,*
+-	
+-	$ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d
+-	> d: u::rwx,u:bin:rwx,g::r-x,m::---,o::---,*
+-	
+-	$ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,o::--- d
+-	> d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::rwx,d:o::---
+-	
+-	$ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d
+-	> d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::---,d:o::---
+-	
+-	$ su
+-	$ cd ..
+-	$ rm -r d
+Index: acl-2.2.47/test/root/permissions.test
+===================================================================
+--- /dev/null
+++ acl-2.2.47/test/root/permissions.test
+@@ -0,0 +1,279 @@
+This script tests if file permissions are properly checked with and
+without ACLs. The script must be run as root to allow switching users.
+The following users are required. They must be a member in the groups
+listed in parentheses.
+
+	bin (bin)
+	daemon (bin, daemon)
+
+
+Cry immediately if we are not running as root.
+
+	$ id -u
+	> 0
+
+
+First, set up a temporary directory and create a regular file with
+defined permissions.
+
+	$ mkdir d
+	$ cd d
+	$ umask 027
+	$ touch f
+	$ ls -l f | awk -- '{ print $1, $3, $4 }'
+	> -rw-r----- root root
+
+
+Make sure root has access to the file.  Verify that user daemon does not
+have access to the file owned by root.
+
+	$ echo root > f
+
+	$ su daemon
+	$ echo daemon >> f
+	| f: Permission denied$
+
+	$ su
+
+
+Now, change the ownership of the file to bin:bin and verify that this
+gives user bin write access.
+
+	$ chown bin:bin f
+	$ ls -l f | awk -- '{ print $1, $3, $4 }'
+	> -rw-r----- bin bin
+	$ su bin
+	$ echo bin >> f
+
+
+User daemon is a member in the owning group, which has only read access.
+Verify this.
+
+	$ su daemon
+	$ cat f
+	> root
+	> bin
+
+	$ echo daemon >> f
+	| f: Permission denied$
+
+
+Now, add an ACL entry for user daemon that grants him rw- access. File
+owners and users capable of CAP_FOWNER are allowed to change ACLs.
+
+	$ su bin
+	$ setfacl -m u:daemon:rw f
+	$ getfacl --omit-header f
+	> user::rw-
+	> user:daemon:rw-
+	> group::r--
+	> mask::rw-
+	> other::---
+	>
+
+
+Verify that the additional ACL entry grants user daemon write access.
+
+	$ su daemon
+	$ echo daemon >> f
+	$ cat f
+	> root
+	> bin
+	> daemon
+
+
+Remove write access from the group class permission bits, and
+verify that this masks daemon's write permission.
+
+	$ su bin
+	$ chmod g-w f
+	$ getfacl --omit-header f
+	> user::rw-
+	> user:daemon:rw-	#effective:r--
+	> group::r--
+	> mask::r--
+	> other::---
+	>
+
+	$ su daemon
+	$ echo daemon >> f
+	| f: Permission denied$
+
+
+Add an entry for group daemon with rw- access, and change the
+permissions for user daemon to r--. Also change the others permissions t
+rw-. The user entry should take precedence, so daemon should be denied
+access.
+
+	$ su bin
+	$ setfacl -m u:daemon:r,g:daemon:rw-,o::rw- f
+
+	$ su daemon
+	$ echo daemon >> f
+	| f: Permission denied$
+
+
+Remove the entry for user daemon. The group daemon permissions should
+now give user daemon rw- access.
+
+	$ su bin
+	$ setfacl -x u:daemon f
+
+	$ su daemon
+	$ echo daemon2 >> f
+	$ cat f
+	> root
+	> bin
+	> daemon
+	> daemon2
+
+
+Set the group daemon permissions to r-- and verify that after than, user
+daemon does not have write access anymore.
+
+	$ su bin
+	$ setfacl -m g:daemon:r f
+
+	$ su daemon
+	$ echo daemon3 >> f
+	| f: Permission denied$
+
+
+Now, remove the group daemon entry. Because user daemon is a member in
+the owning group, he should still have no write access.
+
+	$ su bin
+	$ setfacl -x g:daemon f
+
+	$ su daemon
+	$ echo daemon4 >> f
+	| f: Permission denied$
+
+
+Change the owning group. The other permissions should now grant user
+daemon write access.
+
+	$ su
+	$ chgrp root f
+
+	$ su daemon
+	$ echo daemon5 >> f
+	$ cat f
+	> root
+	> bin
+	> daemon
+	> daemon2
+	> daemon5
+
+
+Verify that permissions in separate matching ACL entries do not
+accumulate.
+
+	$ su
+	$ setfacl -m g:bin:r,g:daemon:w f
+
+	$ su daemon
+	$ : < f	 # open for reading
+	$ : > f  # open for writing
+	$ : <> f  # open for read-write
+	| f: Permission denied$
+
+
+Test if directories can have ACLs.  We assume that only one access check
+algorithm is used for all file types the file system, so these tests
+only need to verify that ACL permissions make a difference.
+
+	$ su
+	$ mkdir -m 750 e
+	$ touch e/h
+
+	$ su bin
+	$ shopt -s nullglob ; echo e/*
+	>
+
+	$ echo i > e/i
+	| e/i: Permission denied$
+
+	$ su
+	$ setfacl -m u:bin:rx e
+
+	$ su bin
+	$ echo e/*
+	> e/h
+	$ echo i > e/i
+	| e/i: Permission denied$
+
+	$ su
+	$ setfacl -m u:bin:rwx e
+
+	$ su bin
+	$ echo i > e/i
+
+
+Test if symlinks are properly followed.
+
+	$ su
+	$ touch g
+	$ ln -s g l
+	$ setfacl -m u:bin:rw l
+	$ ls -l g | awk -- '{ print $1, $3, $4 }'
+	> -rw-rw----+ root root
+
+
+Test if ACLs are effective for block and character special files, fifos,
+sockets. This is done by creating special files locally. The devices do
+not need to exist: The access check is earlier in the code path than the
+test if the device exists.
+
+
+	$ mknod -m 0660 hdt b 91 64	# /dev/hdt
+	$ mknod -m 0660 null c 1 3	# /dev/null
+	$ mkfifo -m 0660 fifo
+
+	$ su bin
+	$ : < hdt
+	| hdt: Permission denied$
+	$ : < null
+	| null: Permission denied$
+	$ : < fifo
+	| fifo: Permission denied$
+
+	$ su
+	$ setfacl -m u:bin:rw hdt null fifo
+
+	$ su bin
+	$ : < hdt
+	| hdt: No such device or address$
+	$ : < null
+	$ ( echo blah > fifo & ) ; cat fifo
+	> blah
+
+
+Test if CAP_FOWNER is properly honored for directories. This addresses a
+specific bug in XFS 1.2, which does not grant root access to files in
+directories if the file has an ACL and only CAP_FOWNER would grant them.
+
+	$ su
+	$ mkdir -m 600 x
+	$ chown daemon:daemon x
+	$ echo j > x/j
+	$ ls -l x/j | awk -- '{ print $1, $3, $4 }'
+	> -rw-r----- root root
+
+	$ setfacl -m u:daemon:r x
+
+	$ ls -l x/j | awk -- '{ print $1, $3, $4 }'
+	> -rw-r----- root root
+	(With the bug this gives: `ls: x/j: Permission denied'.)
+
+	$ echo k > x/k
+	(With the bug this gives: `x/k: Permission denied'.)
+
+	$ chmod 750 x
+
+
+Clean up.
+
+	$ su
+	$ cd ..
+	$ rm -rf d
+Index: acl-2.2.47/test/root/setfacl.test
+===================================================================
+--- /dev/null
+++ acl-2.2.47/test/root/setfacl.test
+@@ -0,0 +1,144 @@
+Setfacl utility tests. Run these tests on a filesystem with ACL support.
+
+ 	$ mkdir d
+	$ chown bin:bin d
+	$ cd d
+
+	$ su bin
+	$ sg bin
+	$ umask 027
+	$ touch g
+	$ ls -dl g | awk '{print $1}'
+	> -rw-r-----
+
+	$ setfacl -m m:- g
+	$ ls -dl g | awk '{print $1}'
+	> -rw-------+
+
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rw-
+	> group::r--	#effective:---
+	> mask::---
+	> other::---
+	>
+
+	$ setfacl -x m g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rw-
+	> group::r--
+	> other::---
+	>
+
+	$ setfacl -m u:daemon:rw g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rw-
+	> user:daemon:rw-
+	> group::r--
+	> mask::rw-
+	> other::---
+	>
+
+	$ setfacl -m u::rwx,g::r-x,o:- g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rwx
+	> user:daemon:rw-
+	> group::r-x
+	> mask::rwx
+	> other::---
+	>
+
+	$ setfacl -m u::rwx,g::r-x,o:-,m:- g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rwx
+	> user:daemon:rw-	#effective:---
+	> group::r-x	#effective:---
+	> mask::---
+	> other::---
+	>
+
+	$ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rwx
+	> user:root:---
+	> user:daemon:rw-	#effective:---
+	> group::r-x	#effective:---
+	> mask::---
+	> other::---
+	>
+
+	$ setfacl -m u::rwx,g::r-x,o:-,u:root:-,m:- g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rwx
+	> user:root:---
+	> user:daemon:rw-	#effective:---
+	> group::r-x	#effective:---
+	> mask::---
+	> other::---
+	>
+
+	$ setfacl -m u::rwx,g::r-x,o:-,u:root:- g
+	$ getfacl g
+	> # file: g
+	> # owner: bin
+	> # group: bin
+	> user::rwx
+	> user:root:---
+	> user:daemon:rw-
+	> group::r-x
+	> mask::rwx
+	> other::---
+	>
+
+	$ setfacl --test -x u: g
+	> setfacl: g: Malformed access ACL `user:root:---,user:daemon:rw-,group::r-x,mask::rwx,other::---': Missing or wrong entry at entry 1
+
+	$ setfacl --test -x u:x
+	> setfacl: Option -x: Invalid argument near character 3
+
+	$ setfacl -m d:u:root:rwx g
+	> setfacl: g: Only directories can have default ACLs
+
+	$ setfacl -x m g
+	> setfacl: g: Malformed access ACL `user::rwx,user:root:---,user:daemon:rw-,group::r-x,other::---': Missing or wrong entry at entry 5
+	 setfacl --test -m d:u:daemon:rwx setfacl
+	 setfacl --test -n -m d:u:daemon:rwx setfacl
+
+Check if the mask is properly recalculated
+
+	$ mkdir d
+	$ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,o::--- d
+	> d: u::rwx,u:bin:rwx,g::r-x,m::rwx,o::---,*
+
+	$ setfacl --test -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d
+	> d: u::rwx,u:bin:rwx,g::r-x,m::---,o::---,*
+
+	$ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,o::--- d
+	> d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::rwx,d:o::---
+
+	$ setfacl --test -d -m u::rwx,u:bin:rwx,g::r-x,m::---,o::--- d
+	> d: *,d:u::rwx,d:u:bin:rwx,d:g::r-x,d:m::---,d:o::---
+
+	$ su
+	$ cd ..
+	$ rm -r d
--- a/acl-various-improvements-for-test-run.patch
+++ b/acl-various-improvements-for-test-run.patch
@ -0,0 +1,149 @@
+Subject: [PATCH] acl: various improvements for test/run
+
+First move process_test to avoid a warning:
+
+main::process_test() called too early to check prototype at ./run line 47.
+main::process_test() called too early to check prototype at ./run line 60.
+
+Create two ENV variables TUSER and TGROUP to get the user/group
+running the test.
+
+Add a | test line that is similar to > but is interpreted as a regular
+expression.
+
+Signed-off-by: Brandon Philips <bphilips@suse.de>
+
+---
+ test/run |   99 ++++++++++++++++++++++++++++++++-------------------------------
+ 1 file changed, 51 insertions(+), 48 deletions(-)
+
+Index: acl-2.2.47/test/run
+===================================================================
+--- acl-2.2.47.orig/test/run
+++ acl-2.2.47/test/run
+@@ -25,26 +25,69 @@ if (isatty(fileno(STDOUT))) {
+ 	$FAILED = "\033[31m\033[1m" . $FAILED . "\033[m";
+ }
+ 
+$ENV{"TUSER"} = getpwuid($>);
+$ENV{"TGROUP"} = getgrgid($));
+
+ sub exec_test($$);
+ 
+-my ($prog, $in, $out) = ([], [], []);
+my ($prog, $in, $out, $outmatch) = ([], [], [], []);
+ my $line_number = 0;
+ my $prog_line;
+ my ($tests, $failed) = (0,0);
+ 
+sub process_test($$$$$) {
+  my ($prog, $prog_line, $in, $out, $outmatch) = @_;
+
+  return unless @$prog;
+
+       my $p = [ @$prog ];
+       print "[$prog_line] \$ ", join(' ',
+             map { s/\s/\\$&/g; $_ } @$p), " -- ";
+       my $result = exec_test($prog, $in);
+       my $good = 1;
+       my $nmax = (@$outmatch > @$result) ? @$outmatch : @$result;
+       for (my $n=0; $n < $nmax; $n++) {
+	 if (!defined($outmatch->[$n]) || !defined($result->[$n]) ||
+	      $result->[$n] !~ /($outmatch->[$n])/) {
+		 $good = 0;
+	 }
+       }
+       $tests++;
+       $failed++ unless $good;
+       print $good ? $OK : $FAILED, "\n";
+       if (!$good) {
+         for (my $n=0; $n < $nmax; $n++) {
+	   my $l = defined($out->[$n]) ? $out->[$n] : "~";
+	   chomp $l;
+	   my $r = defined($result->[$n]) ? $result->[$n] : "~";
+	   chomp $r;
+	   print sprintf("%-37s %s %-39s\n", $l, $l eq $r ? "|" : "?", $r);
+         }
+       } elsif ($opt_v) {
+	 print join('', @$result);
+       }
+}
+
+
+
+ for (;;) {
+   my $line = <>; $line_number++;
+   if (defined $line) {
+     # Substitute %VAR and %{VAR} with environment variables.
+-    $line =~ s[%(?:(\w+)|\{(\w+)\})][$ENV{"$1$2"}]eg;
+    $line =~ s[%\{(\w+)\}][$ENV{"$1"}]eg;
+    $line =~ s[%(\w+)][$ENV{"$1"}]eg;
+   }
+   if (defined $line) {
+     if ($line =~ s/^\s*< ?//) {
+       push @$in, $line;
+-    } elsif ($line =~ s/^\s*> ?//) {
+    } elsif ($line =~ s/^\s*> ?//) { # explicit matching
+      push @$outmatch, "^(\Q$line\E)\$";
+      push @$out, $line;
+    } elsif ($line =~ s/^\s*\| ?//) { # regex case
+      push @$outmatch, $line;
+       push @$out, $line;
+     } else {
+-      process_test($prog, $prog_line, $in, $out);
+      process_test($prog, $prog_line, $in, $out, $outmatch);
+ 
+       $prog = [];
+       $prog_line = 0;
+@@ -55,9 +98,10 @@ for (;;) {
+       $prog_line = $line_number;
+       $in = [];
+       $out = [];
+      $outmatch = [];
+     }
+   } else {
+-    process_test($prog, $prog_line, $in, $out);
+    process_test($prog, $prog_line, $in, $out, $outmatch);
+     last;
+   }
+ }
+@@ -75,39 +119,6 @@ print $status, "\n";
+ exit $failed ? 1 : 0;
+ 
+ 
+-sub process_test($$$$) {
+-  my ($prog, $prog_line, $in, $out) = @_;
+-
+-  return unless @$prog;
+-
+-       my $p = [ @$prog ];
+-       print "[$prog_line] \$ ", join(' ',
+-             map { s/\s/\\$&/g; $_ } @$p), " -- ";
+-       my $result = exec_test($prog, $in);
+-       my $good = 1;
+-       my $nmax = (@$out > @$result) ? @$out : @$result;
+-       for (my $n=0; $n < $nmax; $n++) {
+-	 if (!defined($out->[$n]) || !defined($result->[$n]) ||
+-	     $out->[$n] ne $result->[$n]) {
+-		 $good = 0;
+-	 }
+-       }
+-       $tests++;
+-       $failed++ unless $good;
+-       print $good ? $OK : $FAILED, "\n";
+-       if (!$good) {
+-         for (my $n=0; $n < $nmax; $n++) {
+-	   my $l = defined($out->[$n]) ? $out->[$n] : "~";
+-	   chomp $l;
+-	   my $r = defined($result->[$n]) ? $result->[$n] : "~";
+-	   chomp $r;
+-	   print sprintf("%-37s %s %-39s\n", $l, $l eq $r ? "|" : "?", $r);
+-         }
+-       } elsif ($opt_v) {
+-	 print join('', @$result);
+-       }
+-}
+-
+ 
+ sub su($) {
+   my ($user) = @_;
--- a/acl.changes
+++ b/acl.changes
@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Jan  8 13:16:22 PST 2009 - bphilips@novell.com
+
+- Added a number of unit test improvements
+
 -------------------------------------------------------------------
 Wed Dec 10 12:34:56 CET 2008 - olh@suse.de

--- a/acl.spec
+++ b/acl.spec
@ -1,7 +1,7 @@
 #
 # spec file for package acl (Version 2.2.47)
 #
-# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -24,11 +24,17 @@ Group:          System/Filesystems
 AutoReqProv:    on
 Summary:        Commands for Manipulating POSIX Access Control Lists
 Version:        2.2.47
-Release:        27
+Release:        28
 Source:         %name-%version.src.tar.bz2
 Patch0:         builddefs.in.diff
 Patch1:         walk-tree-fix-for-deref.patch
 Patch2:         null-pointer-access.diff
+Patch3:         acl-add-make-test-target-and-use-make-to-run-tests.patch
+Patch4:         acl-various-improvements-for-test-run.patch
+Patch5:         acl-move-root-tests-to-their-own-folder.patch
+Patch6:         acl-move-nfs-tests-to-their-own-folder.patch
+Patch7:         acl-minor-fix-to-cp.test.patch
+Patch8:         acl-add-getfacl-r-l-p-tests.patch
 Url:            ftp://oss.sgi.com/projects/xfs/cmd_tars
 License:        GPL v2 or later
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@ -95,6 +101,12 @@ Authors:
 %patch0 -p1
 %patch1 -p1
 %patch2 -p1
+%patch3 -p1
+%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1

 %build
 export OPTIMIZER="$RPM_OPT_FLAGS -fPIC"
@ -202,6 +214,8 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so}
 /%{_lib}/libacl.so.1*

 %changelog
+* Thu Jan 08 2009 bphilips@novell.com
+- Added a number of unit test improvements
 * Wed Dec 10 2008 olh@suse.de
 - use Obsoletes: -XXbit only for ppc64 to help solver during distupgrade
  (bnc#437293)
@ -218,7 +232,7 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so}
 * Sat Oct 27 2007 agruen@suse.de
 - Don't exhaust the number of file descriptors in the path walking
  code, and make sure each directory is only visited once.
-* Fri Oct 26 2007 agruen@suse.de
+* Thu Oct 25 2007 agruen@suse.de
 - A large jump to the current upstream version 2.2.45.
 - Fix the upstream path walking code.
 * Sat Mar 18 2006 agruen@suse.de
@ -257,11 +271,11 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so}
 * Thu Jan 01 2004 agruen@suse.de
 - Update to version 2.2.21. Bug fix in directory tree walking
  code.
-* Wed Oct 22 2003 kukuk@suse.de
+* Tue Oct 21 2003 kukuk@suse.de
 - Fix provides for update case
 * Thu Aug 28 2003 agruen@suse.de
 - Fix a bug with error handling while walking directory trees.
-* Thu Aug 28 2003 ro@suse.de
+* Wed Aug 27 2003 ro@suse.de
 - fix patch depth in specfile
 * Tue Aug 26 2003 agruen@suse.de
 - Fix SIGSEGV if the quote function.
@ -322,7 +336,7 @@ rm -f $RPM_BUILD_ROOT/%{_lib}/libacl.{a,la,so}
 - Update to version 2.0.17
 * Thu Jun 20 2002 uli@suse.de
 - fixed for lib64
-* Thu Jun 20 2002 lmuelle@suse.de
+* Wed Jun 19 2002 lmuelle@suse.de
 - Remove DESTDIR patch, use DIST_ROOT of package instead
 - Fix library location in the devel package
 - Update to version 2.0.11