diff options
Diffstat (limited to 'src/tests/cwrap/test_become_user.c')
-rw-r--r-- | src/tests/cwrap/test_become_user.c | 156 |
1 files changed, 156 insertions, 0 deletions
diff --git a/src/tests/cwrap/test_become_user.c b/src/tests/cwrap/test_become_user.c new file mode 100644 index 000000000..06d3ad425 --- /dev/null +++ b/src/tests/cwrap/test_become_user.c @@ -0,0 +1,156 @@ +/* + Authors: + Jakub Hrozek <jhrozek@redhat.com> + + Copyright (C) 2014 Red Hat + + SSSD tests: User switching + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +/* Yes, a .c file. We need to call static functions during the test */ +#include "../../../src/util/become_user.c" + +#include <popt.h> +#include "util/util.h" +#include "tests/cmocka/common_mock.h" + +void test_become_user(void **state) +{ + struct passwd *sssd; + errno_t ret; + pid_t pid, wpid; + int status; + + /* Must root as root, real or fake */ + assert_int_equal(geteuid(), 0); + + sssd = getpwnam("sssd"); + assert_non_null(sssd); + + pid = fork(); + if (pid == 0) { + /* Change the UID in a child */ + ret = become_user(sssd->pw_uid, sssd->pw_gid); + assert_int_equal(ret, EOK); + + /* Make sure we have the requested UID and GID now and there + * are no supplementary groups + */ + assert_int_equal(geteuid(), sssd->pw_uid); + assert_int_equal(getegid(), sssd->pw_gid); + assert_int_equal(getuid(), sssd->pw_uid); + assert_int_equal(getgid(), sssd->pw_gid); + + /* Another become_user is a no-op */ + ret = become_user(sssd->pw_uid, sssd->pw_gid); + assert_int_equal(ret, EOK); + + assert_int_equal(getgroups(0, NULL), 0); + exit(0); + } + + assert_int_not_equal(pid, -1); + + wpid = waitpid(pid, &status, 0); + assert_int_equal(wpid, pid); + assert_true(WIFEXITED(status)); + assert_int_equal(WEXITSTATUS(status), 0); +} + +void test_switch_user(void **state) +{ + errno_t ret; + struct passwd *sssd; + TALLOC_CTX *tmp_ctx; + struct sss_creds *saved_creds; + + check_leaks_push(global_talloc_context); + tmp_ctx = talloc_new(global_talloc_context); + assert_non_null(tmp_ctx); + + /* Must root as root, real or fake */ + assert_int_equal(geteuid(), 0); + + sssd = getpwnam("sssd"); + assert_non_null(sssd); + + check_leaks_push(tmp_ctx); + + ret = switch_creds(tmp_ctx, sssd->pw_uid, sssd->pw_gid, + 0, NULL, &saved_creds); + assert_int_equal(ret, EOK); + assert_int_equal(geteuid(), sssd->pw_uid); + assert_int_equal(getegid(), sssd->pw_gid); + /* Only effective UID is changed.. */ + assert_int_equal(getuid(), 0); + assert_int_equal(getgid(), 0); + + assert_non_null(saved_creds); + assert_int_equal(saved_creds->uid, 0); + assert_int_equal(saved_creds->gid, 0); + + /* restore root */ + ret = restore_creds(saved_creds); + assert_int_equal(ret, EOK); + assert_int_equal(geteuid(), 0); + assert_int_equal(getegid(), 0); + assert_int_equal(getuid(), 0); + assert_int_equal(getgid(), 0); + + talloc_free(saved_creds); + check_leaks_pop(tmp_ctx); + talloc_free(tmp_ctx); + check_leaks_pop(global_talloc_context); +} + +int main(int argc, const char *argv[]) +{ + poptContext pc; + int opt; + struct poptOption long_options[] = { + POPT_AUTOHELP + SSSD_DEBUG_OPTS + POPT_TABLEEND + }; + + const UnitTest tests[] = { + unit_test(test_become_user), + unit_test(test_switch_user), + }; + + /* Set debug level to invalid value so we can deside if -d 0 was used. */ + debug_level = SSSDBG_INVALID; + + pc = poptGetContext(argv[0], argc, argv, long_options, 0); + while((opt = poptGetNextOpt(pc)) != -1) { + switch(opt) { + default: + fprintf(stderr, "\nInvalid option %s: %s\n\n", + poptBadOption(pc, 0), poptStrerror(opt)); + poptPrintUsage(pc, stderr, 0); + return 1; + } + } + poptFreeContext(pc); + + DEBUG_CLI_INIT(debug_level); + + /* Even though normally the tests should clean up after themselves + * they might not after a failed run. Remove the old db to be sure */ + tests_set_cwd(); + + return run_tests(tests); +} |